Solved

Ftp high port

Posted on 2002-06-13
7
346 Views
Last Modified: 2010-04-11
What is the ftp high-port ? Is it about ftp active and passive mode ?
0
Comment
Question by:rotaris357
7 Comments
 
LVL 3

Accepted Solution

by:
cincin77 earned 50 total points
ID: 7075261
Different from other TCP/IP applications, FTP uses 2 ports instead of one; one for control data and the other for the data. In normal operation; you open a connection to the port 21 of the ftp server.(this is the control connection) For this connection your local machine also has a port #.

The commands you enter like GET, PUT go through this channel. Aa the time comes to send or receive some data, FTP server opens a connection from its port # 20 to a local port in your machine which you sent to the server in advance through the control channel. This local port should be the 'high-port'.

However today most client machines are behind a firewall so it is not possible for the ftp server to open a connection to your machine. So your ftp client asks the server if it supports passive mode in which case the data connection is again opened by your client machine.

regards...
0
 
LVL 11

Expert Comment

by:geoffryn
ID: 7075728
Here is a great resource that explains FTP Active vs PASV in detail.

http://slacksite.com/other/ftp.html
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7084197
>However today most client machines are behind a firewall
>so it is not possible for the ftp server to
>open a connection to your machine

What kind of firewall are you using?  Mine certainly does do this (supports non-passive FTP) - it's called a stateful firewall, and any firewall that can't do it (these days) is basically crap (although most older firewalls *were* crap, and couldn't do it, hence passive FTP)

Otherwise, all the info I see here seems good, particularly geoffryn's URL - I vote for his answer...

Cheers,
-Jon


0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 3

Expert Comment

by:cincin77
ID: 7085821
It is not a good idea to allow incoming tcp connection requests.
it can be compromised.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7091048
>It is not a good idea to allow incoming tcp connection
>requests. it can be compromised.

Please refer to the CERT ID that indicates such vulnerabilities in iptables (I would also be interested in *any* CERT advisory regarding a stateful firewall).

Cheers,
-Jon
0
 

Author Comment

by:rotaris357
ID: 7101463
Thanks Cincin77 and geoffryn that make me clear , but I choose Cincin77 because he answers the question with his intention , and I think he can make me clear in the short of the detail.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7103275
Whatever works...

Cheers,
-Jon
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OnPage: Incident management and secure messaging on your smartphone
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question