ch13elpaso

Problems with FTP and AIX 4.3.3

We have a home-brewed program that opens an ftp session into an AIX 4.3.3 box and uploads some files into a specified directory, user: ch13ftp (/home/public/cimprt). The program was working fine until recently; we had an IT audit and the folks running the audit ran a Nessus scan; somehow we had to reboot the AIX box. The only thing that is not working is the ftp portion of the program; we get an error saying not connected. So I know the problem has to do with the ftp portion of it. Now I have checked the inetd, the hosts files and everything else I can think of (I am not a Unix expert, nor pretend to be). The name of my Windows machine, the one running the program, has not changed; the Unix box appears to be running the FTP daemon. As a matter of fact, sometimes the program appears to connect and uploads the files, other times it completely refuses to connect. Any ideas?
Freya28

I would check the route table on the AIX machine to make sure it has the route to the Windows machine, and check if the ftp is set to passive.
ch13elpaso

ASKER

How would I do that?
omarfarid
Hi,

Can you confirm that you can ftp and transfer files manually to the server (You need an account on the server for which you know the password, and an ftp client - MS Windows ftp will do)?

Also, do you have any firewall between the client and the server?

Hi,

Do you have both AIX and Windows nodes on the same subnet, or are they on separate networks?

If you want to check reachability between the two nodes:

- On AIX server you may use traceroute IP (IP is the windows node ip address)

- On the windows node you can use tracert IP (IP is the AIX node ip address)

- One more possible reason for the problem is that you may have duplicate IPs on the network. Have you added any new node to the network, or changed the IP address of some other node?

You may use arp -a to check for the IPs and corresponding MAC addresses.

To see your AIX network setup, use ifconfig -a

omarfarid,

I can transfer files when the computers decide to connect! When I do a tracert IP from my Windows machine it finds the AIX instantly. When I do the traceroute from my AIX to find any host on my network I get the following:
#traceroute 192.1.2.150
trying to get source for 192.1.2.150
source should be 192.1.2.1
traceroute to 192.1.2.150(192.1.2.150) from 192.1.2.1 (192.1.2.1), 30 hops max
1 * * *
2 * * *
3 * * *
4 * * *
5 .....18 and so on
Hi,

The results you see for the traceroute command from the AIX server could be due to firewall / network between you and the other side. It could be that ICMP is not allowed.

But since you can do tracert from the Windows node, it means both nodes can reach each other.

Do you see any problem with FTP server running on the AIX box? Can you check the server logs?

Did you verify that you do not have duplicate IPs on the network?

I can ftp using the root account from any machine; now if I use the ch13ftp account (regular user) I can telnet without any problems, but when I try to ftp it will not accept my credentials, even though I know they are correct. I just telnetted into the same box using those credentials! What can be preventing access to the ftp but not to the telnet?? There is no firewall between the Windows and the AIX; I disabled the Windows firewall just for argument's sake!
Hi,

Try this:

Can you

ftp 0

and use the same user name & password? If not, then check if the user name is in /etc/ftpusers

http://ist.uwaterloo.ca/security/howto/2001-01-15/misc.html
http://www.unet.univie.ac.at/aix/aixbman/commadmn/tcp_scurity.htm

It could be that the audit added the userid to this file.
Hi,

Any progress / update?
There is no /etc/ftpusers.
Hi,

What ftp server are you using on that server? It could be that you are using 3rd party S/W that uses a different authentication method.

Can you capture and post your ftp login trial to see what error message you are getting?

Hi,

ch13elpaso:

What was the problem?