Re: FTP Server Not Accessable

---

• From: Kristian Rink <kristian@xxxxxxxxxxxxx>
• Date: Wed, 31 Jan 2007 13:29:35 +0100

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

["Amichai Rotman" <amichai@xxxxxxxxxxx> @ Wed, 31 Jan 2007 14:12:33
+0200]

But when trying to access it from the outside it hangs on
"Connecting..."

What do you see in your /var/log/proftpd.log? Do these connection
attempts actually reach your FTP server?

Anywhere else I should enable port 21?

You need to make sure a couple of things:

* Your firewall needs to allow connections to port 21 of its public
interface.

* Indeed, port forwarding has to work to forward connections on port 21
to port 21 of the actual FTP server machine.

* You need to see whether to use active or passive FTP. Given active
FTP, you need to make sure your client-side firewall does allow inbound
connections on non-privileged port. Given passive FTP, you should
ensure having (a) configured a set of ports to be used for that in your
proftpd.conf (PassivePorts directive) and (b) set up your firewall to
allow connections to these ports as well as forwarding them to the
appropriate FTP server ports.

If you do have any more questions, check [1] for some basic details on
that and/or feel free to ask. Setting up FTP especially across
"consumer-class" firewall/router devices can be a pain...

Cheers,
Kristian


[1] http://slacksite.com/other/ftp.html



- --
Kristian Rink * http://zimmer428.net * http://flickr.com/photos/z428/
jab: kawazu@xxxxxxxxxxxxx * icq: 48874445 * fon: ++49 176 2447 2771
"One dreaming alone, it will be only a dream; many dreaming together
is the beginning of a new reality." (Hundertwasser)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFwIu8cxBAPOA1m6wRAnSbAKCagK5/1yNPAwkeH/lyIOxGu9k8HQCfYNKX
Iy8EVzOpWaU5+yMIm0sQ3mM=
=uQZb
-----END PGP SIGNATURE-----
--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

---

• References:
  • FTP Server Not Accessable
    • From: Amichai Rotman

• Prev by Date: FTP Server Not Accessable
• Next by Date: Re: Firewall question
• Previous by thread: FTP Server Not Accessable
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Hacked? External address knocks on internal private address... ... The important part of your message is that FTP is allowed out... ... You open a connection to an FTP Server and logon. ... When you ask the server for a file the server issues a "PORT" command ... so it can open a port on the firewall to allow the incoming Data ... (comp.security.firewalls) RE: FTP Window of opportunity? ... does it seemingly accept the connections and drop them once the response ... Subject: FTP Window of opportunity? ... blocked by the firewall. ... the FTP port shows up. ... (Pen-Test) Re: Iptables FTP question ... The -m helper "ftp" which was suggested by Cedric will propably do what I ... > source port of 20 if it is for port mode data connections(for a standard ... > it were for passive mode data connections. ... > rules directly to the forward chains. ... (comp.security.firewalls) Re: Iptables FTP question ... for secondary connections. ... Some ftp servers don't allow passive mode because it is less safe from ... algs that allow port mode for client machines. ... (comp.security.firewalls) Re: IPSwitch, Inc. WS_FTP Server ... > bounce attack as well as PASV connection hijacking. ... > The FTP bounce vulnerability allows a remote attacker to cause the ... > anonymously along with any internal addresses that the FTP server has ... That means it's got to handle a PORT ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Mailing-Lists  > Ubuntu  > 2007-01