Solved

Ftp high port

Posted on 2002-06-13
7
344 Views
Last Modified: 2010-04-11
What is the ftp high-port ? Is it about ftp active and passive mode ?
0
Comment
Question by:rotaris357
7 Comments
 
LVL 3

Accepted Solution

by:
cincin77 earned 50 total points
ID: 7075261
Different from other TCP/IP applications, FTP uses 2 ports instead of one; one for control data and the other for the data. In normal operation; you open a connection to the port 21 of the ftp server.(this is the control connection) For this connection your local machine also has a port #.

The commands you enter like GET, PUT go through this channel. Aa the time comes to send or receive some data, FTP server opens a connection from its port # 20 to a local port in your machine which you sent to the server in advance through the control channel. This local port should be the 'high-port'.

However today most client machines are behind a firewall so it is not possible for the ftp server to open a connection to your machine. So your ftp client asks the server if it supports passive mode in which case the data connection is again opened by your client machine.

regards...
0
 
LVL 11

Expert Comment

by:geoffryn
ID: 7075728
Here is a great resource that explains FTP Active vs PASV in detail.

http://slacksite.com/other/ftp.html
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7084197
>However today most client machines are behind a firewall
>so it is not possible for the ftp server to
>open a connection to your machine

What kind of firewall are you using?  Mine certainly does do this (supports non-passive FTP) - it's called a stateful firewall, and any firewall that can't do it (these days) is basically crap (although most older firewalls *were* crap, and couldn't do it, hence passive FTP)

Otherwise, all the info I see here seems good, particularly geoffryn's URL - I vote for his answer...

Cheers,
-Jon


0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 3

Expert Comment

by:cincin77
ID: 7085821
It is not a good idea to allow incoming tcp connection requests.
it can be compromised.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7091048
>It is not a good idea to allow incoming tcp connection
>requests. it can be compromised.

Please refer to the CERT ID that indicates such vulnerabilities in iptables (I would also be interested in *any* CERT advisory regarding a stateful firewall).

Cheers,
-Jon
0
 

Author Comment

by:rotaris357
ID: 7101463
Thanks Cincin77 and geoffryn that make me clear , but I choose Cincin77 because he answers the question with his intention , and I think he can make me clear in the short of the detail.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7103275
Whatever works...

Cheers,
-Jon
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now