Solved

FTP Security Concern

Posted on 2009-04-13
6
445 Views
Last Modified: 2013-12-09
I had an issue with someone trying to connect to my FTP site and was having a problem
They sent me a log of the transaction that took place but Im not sure what it all means
Here is a sample of what the log read
{=========================================================
---- Resolving host address...
---- 1 address found: 208.265.42.19
notice: cannot open /export/home/sassys/.netrc: No such file or directory
---- dns cache hit
---- Connecting to abcftp.net (208.265.42.19) port 21
<--- 220 abc-sysaid.abc.ad X2 WS_FTP Server 7.0(92055573)
---> FEAT
<--- 503 Command FEAT not accepted during Connected
---> AUTH TLS
<--- 234 SSL enabled and waiting for negotiation
---> USER ABC

Certificate: ABC
 Issued by:ABC
WARNING: Certificate verification: Not trusted
WARNING: Certificate verification: The certificate's owner does not match hostname 'abcftp.net'
<--- 331 Enter password
---> PASS abc
<--- 230 User logged in
---> FEAT
<--- 211-Extensions supported
<---     SIZE
<---     XMD5
<---     XSHA1
<---     XSHA256
<---     XSHA512
<---     XQUOTA
<---     LANG EN, ES, FR, GE
<---     MDTM
<---     MLST size*;type*;perm*;create*;modify*;
<---     REST STREAM
<---     TVFS
<---     UTF8
<---     AUTH SSL;TLS-P;
<---     PBSZ
<---     PROT C;P;
<--- 211 end
---> PWD
<--- 257 "/" is current directory
---> PBSZ 0
<--- 200 PBSZ=0
---> LANG
<--- 200 Default languages set to EN
Should they be seeing all of this?
0
Comment
Question by:ahmad1467
  • 2
  • 2
  • 2
6 Comments
 
LVL 12

Expert Comment

by:nsx106052
ID: 24130073
Sounds like the certificate is being denied.  If your certificate is from a trusted 3rd party you will need the user to accept the cert.  Your best bet is to make sure the cert is good and that other users can log in to the FTP server.  You might also want to check and make sure they using an FTP client that will work.  
0
 

Author Comment

by:ahmad1467
ID: 24130093
Other users can connect to the FTP with no problem is this because their trying to make a SSL  connection
0
 
LVL 12

Expert Comment

by:nsx106052
ID: 24130104
Judging by the log you posted SSL cert doesn't seem be trusted by the user's computer.  I would start troubleshooting there.  
0
Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 24130194
By the look of the error, I'm wondering if the @ didn't get in there, or you missed the . between abc and ftp.net...  

ftp://userid@site:port

(ftp://userid:password@site:port)
ftp://ABC:abc@abc.ftp.net:234
0
 

Author Comment

by:ahmad1467
ID: 24130222
One other thing once the make the connection
They get an IP redirect witch redirects to our internal IP address of the FTP Server.
Is that normal?
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24130902
oh.  that redirect could be the name mismatch.
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Goal:  To set up a secure SSH server for your home computer to make it accessible anywhere AND to use it as a port forwarding proxy. Steps 1.  WinSSHD version 5 is free for personal use.  So download and install it.  You can download it from the…
With the withdrawal of support for Windows Server 2003 this summer, many clients face the issue of moving away from their 2003 installs. There are a few options out there that many people/companies are selling. But the clients I have, haven't wanted…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now