Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Problems with FTP and AIX 4.3.3

Posted on 2007-10-12
13
Medium Priority
?
561 Views
Last Modified: 2013-12-19
We have a home brewed program that opens an ftp session into an AIX 4.3.3 box and uploads some files into an specified directory user : ch13ftp (/home/public/cimprt )   The programs was working fine until recently, we had an IT audit and the folks runnig the audit ran Nessus scan; somehow we had to reboot the AIX box, the only thing that is not working is the ftp portion of the program, we get an error saying not connected.  SO I know the problem has to do with the ftp portion of it.  NOw I have check the inetd, the hosts files and everything else I can think of (I am not an Unix expert, nor pretend to be).  THe name of my WIndows machine, the one running the program has not changed, the Unix box appears to be running the FTP deamon, as a matter of fact, sometimes the program appears to connect and uploads to files, other times it completely refuses to connect.  ANy ideas?
0
Comment
Question by:ch13elpaso
  • 8
  • 4
13 Comments
 
LVL 12

Expert Comment

by:Freya28
ID: 20065734
ii would check the route table on the AIX machine to make sure it has the route to the windows machine and check if the ftp is set to passive
0
 

Author Comment

by:ch13elpaso
ID: 20065755
How would I do that?
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 20065782
Hi,

Can you confirm that you can ftp and transfer files manually to the server (You need an account on the server for which you know the password, and an ftp client - MS Windows ftp will do)?

Also, do you have any firewall between the client and the server?

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 40

Expert Comment

by:omarfarid
ID: 20065856
Hi,

Do you have both AIX and Windows nodes on the same subnet, or they are on separate networks?

If you want to check reachability between the two nodes:

- On AIX server you may use traceroute IP (IP is the windows node ip address)

- On the windows node you can use tracert IP (IP is the AIX node ip address)

- One more possible reason for the problem is that you may have duplicate IPs  on the network. Have you added any new node to the network, or changed IP address of some other node?

you may use arp -a to check for the IPs and corresponding MAC addresses.

To see your AIX network setup, use ifconfig -a

0
 

Author Comment

by:ch13elpaso
ID: 20067141
omarfarid,

I can transfer files when the computers decide to connect!  When I do a tracert IP from my windows machine it finds the AIX instantly.  When I do the traceroute from my AIX to find anyhost on my network I get the following:
#traceroute 192.1.2.150
trying to get source for 192.1.2.150
source should be 192.1.2.1
traceroute to 192.1.2.150(192.1.2.150) from 192.1.2.1 (192.1.2.1), 30 hops max
1 * * *
2 * * *
3 * * *
4 * * *
5 .....18 and so on
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 20067651
Hi,

The results you see for the traceroute command from the AIX server could be due to firewall / network between you and the other side. It could be that ICMP is not allowed.

But since you can do tracert from the Windows node,  it means both nodes can reach each other.

Do you see any problem with FTP server running on the AIX box? Can you check the server logs?

Did you verify that you do not have duplicate IPs on the network?

0
 

Author Comment

by:ch13elpaso
ID: 20067955
I can ftp using the root account from any machine; now if I use the ch13ftp account(regular user) I can telnet without any problems, but when I try to ftp it will not accept my credentials, even though I know they are correct, I just telneted into the same box using those credentials!  What can be preventing access to the ftp but not to the telnet??  There is no Firewall between the Windows and the AIX, I disabled the Windows firewall just for arguments sake!
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 20068041
Hi,

Try this:

can you

ftp 0

and use the same user name & password? If not then check if the user name is in /etc/ftpusers

http://ist.uwaterloo.ca/security/howto/2001-01-15/misc.html
http://www.unet.univie.ac.at/aix/aixbman/commadmn/tcp_scurity.htm

It could be that the audit added the userid to this file
0
 
LVL 40

Accepted Solution

by:
omarfarid earned 1500 total points
ID: 20068053
Hi,

If this is the case just remove the userid from that file
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 20070391
Hi,

Any progress / update?
0
 

Author Comment

by:ch13elpaso
ID: 20071643
there is not /etc/ftpusers
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 20072657
Hi,

What ftp server are you using on that server? It could be that you are using 3rd party S/W that uses different authentication method.

can you capture and post your ftp login trial to see what error message are you getting?

0
 
LVL 40

Expert Comment

by:omarfarid
ID: 20149824
Hi,

ch13elpaso:

What was the problem ?

0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question