Date: Tue, 19 Dec 2000 12:38:58 +0100 (MET) From: Peter Ross <petros@pps.de> To: freebsd-security@freebsd.org Cc: drew@planetwe.com Subject: Re: FTP and firewall Message-ID: <200012191138.MAA26842@jung9.pps.de>
next in thread | raw e-mail | index | archive | help
Hi, Drew Sanford answered to my question > > I see five different ways to solve the FTP firewall problem: > > 1. external FTP server and mirror through the firewall .. > > Can I use cpdup (ports collection)? > I speak typo - I assume you mean cvsup. No, I meant cpdup ( a mirror tool listed in the ports collection). cvsup.. thanks for the new idea. Yesterday I heard an opinion: "make and dependencies". Hmmh. --- I inherited an old FTP server (SUsE Linux 5.3 - Kernel 2.0.x). This server is protected fy firewall rules and uses NFS mounts. (My suggestion 4.) > > 4. firewall with FTP server and NFS access to the company network Every fortnight I have to reboot the machine.. I checked some articles and books about security and firewalls etc. I found "FTP is a problem" but not one good advise how to deal with it. So I decided to discuss the problem here. It would be nice to know how other administrators solve the problem and what safety-conscious people think about. --- Maybe someone did it in the way I tried (internal FTP server and redirect) and has a firewall rule set? That would be fine. --- Yesterday I checked the ftpd sources. Has someone used this sources to build a proxy? The external ftpd parse the command string and forward it to the internal ftpd. The external ftpd build requested data connections to the clients and receives or send data via a second port to the internal ftpd. Advantage: defined ports through the firewall. Thanks for every advice or opinion Peter Ross To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012191138.MAA26842>