[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 310
  • Last Modified:

Letting Windows Firewall accept incoming connections

When I run Super FTP Search (dowloaded from tucows, http://tucows.menanet.net/files3/fssetuptc.exe) my Windows Fireall does block it as it says it is trying to open an incoming connection from the internet. Why should it try to do it? Is it safe to list this software in the exception list of Windows Firewall?
0
s_federici
Asked:
s_federici
1 Solution
 
glennbrown2Commented:
Open Control Panel, Windows Firewall, click on the "Exceptions" tab, "add program" and browse to your FTP program .exe file.  you could also "add port" if you need.  Port 21 is for ftp
0
 
s_federiciAuthor Commented:
Or this is a stupid question and every FTP software does need an incoming connection to download info/file from the FTP site? What I fear would be having an open door on my PC.
0
 
s_federiciAuthor Commented:
Yes, I know how to block/unblock it. But should I do it? Would that be safe for my PC?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
rindiCommented:
whenever you open up ports you are giving outsiders a chance of connecting to your PC and do bad things. For that reason a Firewall normally will have all ports blocked. When you do open such a port, you should make sure that you setup the rest of your system secure enough so that it will be difficult for outsiders to compromise your PC by making sure that you use strong passwords, use encryption where possible and also make sure that you have installed the latest updates and patches which close known security holes. If you keep to such rules you'll stay as secure as possible. When you install a software like FTP you normally know what you need it for and also secure it, so then you can also open that port. If you don't know what that software is for, then keep the port closed.
0
 
r-kCommented:
I am not familiar with Super FTP Search, but it must be doing more than just act as an FTP client. That doesn't necessarily mean it is bad, but you should dig more into it and see why it needs ports opened. Perhaps email the company that sells it.
0
 
Phil_AgcaoiliCommented:
I think you should allow it.

It sounds like by default, the Super FTP Search FTP application use active FTP and your firewall is seeing the FTP server requesting the data download port on your system and is blocking it.

In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.

Here's more info about passive versus active FTP to make you feel more comfortable: http://slacksite.com/other/ftp.html
0
 
s_federiciAuthor Commented:
Yes, exactly. You are perfectly right. Thanks
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now