[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipchains-list
Subject:    Re: ipchains with 2.4 kernel and ftp
From:       Ian Mortimer <ian () physics ! uq ! edu ! au>
Date:       2001-10-16 2:47:31
[Download RAW message or body]

Hi Alan

> OK, that seems pretty clear.   But how does one control whether
> active or passive ftp is used by an application?

Most web applications these days will automatically try
to start in passive mode and fall back to active mode if
the server doesn't comply.
 
> For instance, a Windoze 98 system on my internal network
> wants to install some Hewlett-Packard printer software.
> The CDROM installation procedure has an option to do an
> "Internet install".   This procedure displays a dialog
> box that gives the user the opportunity to change the port
> number from 21 to something else.   From this, I assume
> that it is using ftp.   But is it using active or passive
> ftp?   Is it even possible (without examining a packet log)
> to tell?

You could look at what ports are connecting with tcpdump.
If there's an attempt to connect from port 20 on the remote
server to an unprivileged port on the W98 system it's using
active ftp.


Ian

[prev in list] [next in list] [prev in thread] [next in thread]