Solved

Ftp high port

Posted on 2002-06-13
7
345 Views
Last Modified: 2010-04-11
What is the ftp high-port ? Is it about ftp active and passive mode ?
0
Comment
Question by:rotaris357
7 Comments
 
LVL 3

Accepted Solution

by:
cincin77 earned 50 total points
ID: 7075261
Different from other TCP/IP applications, FTP uses 2 ports instead of one; one for control data and the other for the data. In normal operation; you open a connection to the port 21 of the ftp server.(this is the control connection) For this connection your local machine also has a port #.

The commands you enter like GET, PUT go through this channel. Aa the time comes to send or receive some data, FTP server opens a connection from its port # 20 to a local port in your machine which you sent to the server in advance through the control channel. This local port should be the 'high-port'.

However today most client machines are behind a firewall so it is not possible for the ftp server to open a connection to your machine. So your ftp client asks the server if it supports passive mode in which case the data connection is again opened by your client machine.

regards...
0
 
LVL 11

Expert Comment

by:geoffryn
ID: 7075728
Here is a great resource that explains FTP Active vs PASV in detail.

http://slacksite.com/other/ftp.html
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7084197
>However today most client machines are behind a firewall
>so it is not possible for the ftp server to
>open a connection to your machine

What kind of firewall are you using?  Mine certainly does do this (supports non-passive FTP) - it's called a stateful firewall, and any firewall that can't do it (these days) is basically crap (although most older firewalls *were* crap, and couldn't do it, hence passive FTP)

Otherwise, all the info I see here seems good, particularly geoffryn's URL - I vote for his answer...

Cheers,
-Jon


0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 3

Expert Comment

by:cincin77
ID: 7085821
It is not a good idea to allow incoming tcp connection requests.
it can be compromised.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7091048
>It is not a good idea to allow incoming tcp connection
>requests. it can be compromised.

Please refer to the CERT ID that indicates such vulnerabilities in iptables (I would also be interested in *any* CERT advisory regarding a stateful firewall).

Cheers,
-Jon
0
 

Author Comment

by:rotaris357
ID: 7101463
Thanks Cincin77 and geoffryn that make me clear , but I choose Cincin77 because he answers the question with his intention , and I think he can make me clear in the short of the detail.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7103275
Whatever works...

Cheers,
-Jon
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Server File/Folder permissions 6 80
How to configure this IP Address to my firewall 15 105
mysql disables rename 4 71
CSS: Making Pure CSS read more boxes thinner 5 31
Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question