Date: Mon, 3 Apr 2000 10:15:51 -0600 (MDT) From: Paul Hart <hart@iserver.com> To: Michael McHugh <mchugh@actv.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Firewall rules for an internet FTP server? Message-ID: <Pine.BSF.4.21.0004031009530.13866-100000@anchovy.orem.iserver.com> In-Reply-To: <38E8A393.D492BB3B@actv.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Apr 2000, Michael McHugh wrote: > Also, ftp can be run in two modes - passive and active. Passive > involves pure port 21, active involves the ftp server opening a > connection from port 20 to a high numbered port on the client. Uhh, not quite. Passive mode DOES involve the client connecting to a high numbered port on the server (chosen by the server). Both active and passive modes require a separate data channel and are troublesome to firewall. The difference is only in who picks the ports and who contacts who. Paul Hart -- Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc. hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0004031009530.13866-100000>