rotaris357
asked on
Ftp high port
What is the ftp high-port ? Is it about ftp active and passive mode ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>However today most client machines are behind a firewall
>so it is not possible for the ftp server to
>open a connection to your machine
What kind of firewall are you using? Mine certainly does do this (supports non-passive FTP) - it's called a stateful firewall, and any firewall that can't do it (these days) is basically crap (although most older firewalls *were* crap, and couldn't do it, hence passive FTP)
Otherwise, all the info I see here seems good, particularly geoffryn's URL - I vote for his answer...
Cheers,
-Jon
>so it is not possible for the ftp server to
>open a connection to your machine
What kind of firewall are you using? Mine certainly does do this (supports non-passive FTP) - it's called a stateful firewall, and any firewall that can't do it (these days) is basically crap (although most older firewalls *were* crap, and couldn't do it, hence passive FTP)
Otherwise, all the info I see here seems good, particularly geoffryn's URL - I vote for his answer...
Cheers,
-Jon
It is not a good idea to allow incoming tcp connection requests.
it can be compromised.
it can be compromised.
>It is not a good idea to allow incoming tcp connection
>requests. it can be compromised.
Please refer to the CERT ID that indicates such vulnerabilities in iptables (I would also be interested in *any* CERT advisory regarding a stateful firewall).
Cheers,
-Jon
>requests. it can be compromised.
Please refer to the CERT ID that indicates such vulnerabilities in iptables (I would also be interested in *any* CERT advisory regarding a stateful firewall).
Cheers,
-Jon
ASKER
Thanks Cincin77 and geoffryn that make me clear , but I choose Cincin77 because he answers the question with his intention , and I think he can make me clear in the short of the detail.
Whatever works...
Cheers,
-Jon
Cheers,
-Jon
http://slacksite.com/other/ftp.html