litmic
asked on
Ftp/Sftp port connection issue
Can't ftp & sftp to external ftp server, want to check which parts block the port connection. How can I simply check it? How can I check it at router, internal firewall, internal proxy?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I am definitely in agreement with David regarding pain FTP. The only situation where I would ever use it is on a private network where I control everything and don't care about details being harvested. It is an old protocol and completely insecure. Even on a private network, a sniffer can easily obtain authentication details and could interfere with or monitor the data stream. I answered a question before about this and was told a fortune 500 company still used FTP. All I thought was... wow... amazing. This was of course in a negative sense.
1) Never, ever, ever use FTP.
2) If there's any FTP server running anywhere, shut it down + delete the entire codebase.
3) Focus on SFTP + debug every connection step. Likely best way to approach this is to use tshark (or equivalent) + see what IP is blocking your connection.
4) Even more important, always consider everything to be broken... which means... first scan your external machine with NMAP or post the external machine name here so someone else can do a scan, to determine if there's an SFTP server running + if it will answer public connections without an ACL being setup by this machine's administrator.