Some ftp servers out there do not support or have fallback to passive ftp. On Wed, 2003-03-26 at 17:06, Kelly Setzer wrote: > On Wed, Mar 26, 2003 at 07:30:19AM +0200, Raymond Leach wrote: > > On Tue, 2003-03-25 at 23:27, paulc@xxxxxxxxxxx wrote: > > > The way I block Kazaa (and the other file sharing applications) is a > > > blanket ban on all ports by default. I then open the ports as I think is > > > appropriate at the firewall. These only include the port 23 for anyone > > > wishing to use telnet. All web and ftp style ports on 80, 21 and the like > > > are handled by a web-proxy to prevent using them for other purposes. All > > > incoming connects (and lots of ICMP messages) are dropped by the firewall also. > > > > > How do you get passive ftp to work and not allow file sharing networks? > > Do you mean active ftp? Passive ftp uses outbound connections for > both control (20) and data (21). Active ftp uses an inbound > connection on port 21. Force your users to use passive ftp only. > Most clients default to that anyway. > > Kelly > > -- > Kelly Setzer, System Administrator/Architect - Placemark Investments > 14180 Dallas Pkwy, Suite 200, Dallas, TX 75240 > kelly.setzer@xxxxxxxxxxxxx http://www.placemark.com > (972)404-8100x41 (work) (214) 287-3464 (cell) -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ( Raymond Leach ) ) Knowledge Factory ( ( ) ) Tel: +27 11 445 8100 ( ( Fax: +27 11 445 8101 ) ) ( ( http://www.knowledgefactory.co.za/ ) ) http://www.saptg.co.za/ ( ( http://www.mapnet.co.za/ ) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ o o o o .--. .--. | o_o| |o_o | | \_:| |:_/ | / / \\ // \ \ ( | |) (| | ) /`\_ _/'\ /'\_ _/`\ \___)=(___/ \___)=(___/
Attachment:
signature.asc
Description: This is a digitally signed message part
