From owner-freebsd-questions@FreeBSD.ORG Mon Jan 2 15:26:46 2006 Return-Path: X-Original-To: questions@FreeBSD.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1808016A41F for ; Mon, 2 Jan 2006 15:26:46 +0000 (GMT) (envelope-from fbsd_user@a1poweruser.com) Received: from mta11.adelphia.net (mta11.adelphia.net [68.168.78.205]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9428343D58 for ; Mon, 2 Jan 2006 15:26:45 +0000 (GMT) (envelope-from fbsd_user@a1poweruser.com) Received: from barbish ([69.172.31.117]) by mta11.adelphia.net (InterMail vM.6.01.05.02 201-2131-123-102-20050715) with SMTP id <20060102152644.FQGP5278.mta11.adelphia.net@barbish>; Mon, 2 Jan 2006 10:26:44 -0500 From: "fbsd_user" To: "zhane H" , Date: Mon, 2 Jan 2006 10:26:43 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <54103ab80601011739u1c7deb6as330b65208011424d@mail.gmail.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Importance: Normal Cc: Subject: RE: IPFW> FTP X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: fbsd_user@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jan 2006 15:26:46 -0000 Because the FTP protocol is very primitive and was created before security was a concern. native FTP in active mode requires you to open all the high order ports. This is a well known security hole and its used to penetrate your system. IPFW does not have way to close this hole so the handbook IPFW examples do not include FTP. IPFW was design to force users to use scp command (secure shell) protocol for FTP & Telnet. Read the handbook for Ipfilter it has way to secure native FTP. -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of zhane H Sent: Sunday, January 01, 2006 8:39 PM To: questions@FreeBSD.org Subject: IPFW> FTP hello i had a minor question/concern i was wondering why does the firewall rulesets have permissions for everything, and help for running almosty anything and how to open and wich port to open but yet it has no exmpale ruleset or any help for using a FTP while using a firewall such as IPFW. it has no help in the handbook period. on how to use ftp while using IPFW i think someone must check this and try to add it in. please _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"