?
Solved

FTP Security Concern

Posted on 2009-04-13
6
Medium Priority
?
458 Views
Last Modified: 2013-12-09
I had an issue with someone trying to connect to my FTP site and was having a problem
They sent me a log of the transaction that took place but Im not sure what it all means
Here is a sample of what the log read
{=========================================================
---- Resolving host address...
---- 1 address found: 208.265.42.19
notice: cannot open /export/home/sassys/.netrc: No such file or directory
---- dns cache hit
---- Connecting to abcftp.net (208.265.42.19) port 21
<--- 220 abc-sysaid.abc.ad X2 WS_FTP Server 7.0(92055573)
---> FEAT
<--- 503 Command FEAT not accepted during Connected
---> AUTH TLS
<--- 234 SSL enabled and waiting for negotiation
---> USER ABC

Certificate: ABC
 Issued by:ABC
WARNING: Certificate verification: Not trusted
WARNING: Certificate verification: The certificate's owner does not match hostname 'abcftp.net'
<--- 331 Enter password
---> PASS abc
<--- 230 User logged in
---> FEAT
<--- 211-Extensions supported
<---     SIZE
<---     XMD5
<---     XSHA1
<---     XSHA256
<---     XSHA512
<---     XQUOTA
<---     LANG EN, ES, FR, GE
<---     MDTM
<---     MLST size*;type*;perm*;create*;modify*;
<---     REST STREAM
<---     TVFS
<---     UTF8
<---     AUTH SSL;TLS-P;
<---     PBSZ
<---     PROT C;P;
<--- 211 end
---> PWD
<--- 257 "/" is current directory
---> PBSZ 0
<--- 200 PBSZ=0
---> LANG
<--- 200 Default languages set to EN
Should they be seeing all of this?
0
Comment
Question by:ahmad1467
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 12

Expert Comment

by:nsx106052
ID: 24130073
Sounds like the certificate is being denied.  If your certificate is from a trusted 3rd party you will need the user to accept the cert.  Your best bet is to make sure the cert is good and that other users can log in to the FTP server.  You might also want to check and make sure they using an FTP client that will work.  
0
 

Author Comment

by:ahmad1467
ID: 24130093
Other users can connect to the FTP with no problem is this because their trying to make a SSL  connection
0
 
LVL 12

Expert Comment

by:nsx106052
ID: 24130104
Judging by the log you posted SSL cert doesn't seem be trusted by the user's computer.  I would start troubleshooting there.  
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 31

Accepted Solution

by:
Paranormastic earned 1500 total points
ID: 24130194
By the look of the error, I'm wondering if the @ didn't get in there, or you missed the . between abc and ftp.net...  

ftp://userid@site:port

(ftp://userid:password@site:port)
ftp://ABC:abc@abc.ftp.net:234
0
 

Author Comment

by:ahmad1467
ID: 24130222
One other thing once the make the connection
They get an IP redirect witch redirects to our internal IP address of the FTP Server.
Is that normal?
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24130902
oh.  that redirect could be the name mismatch.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Goal:  To set up a secure SSH server for your home computer to make it accessible anywhere AND to use it as a port forwarding proxy. Steps 1.  WinSSHD version 5 is free for personal use.  So download and install it.  You can download it from the…
Determining the an SCCM package name from the Package ID
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question