Re: FTP Client support with default block all
This is a discussion on Re: FTP Client support with default block all within the IPFilter forums, part of the System Security and Security Related category; Hmmm...different approach... How about using a FTP proxy instead? > From: Amadeus Stevenson <amadeus.stevenson@gmail.com> &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-15-2004
|
|||
|
|||
Re: FTP Client support with default block all
Hmmm...different approach...
How about using a FTP proxy instead? > From: Amadeus Stevenson <amadeus.stevenson@gmail.com> > Reply-To: Amadeus Stevenson <amadeus.stevenson@gmail.com> > Date: Wed, 15 Dec 2004 17:00:17 +0000 > To: ipfilter@coombs.anu.edu.au > Subject: FTP Client support with default block all > > Hello All, > > I am using a "block all" firewall which then selectively allows > certain connections out and back in from a natted lan (ie. http, smtp > etc.). > > The problem arises with FTP. > > I read up on Active and Passive transfers from: > http://slacksite.com/other/ftp.html > > I had to block ports > 1024 because of various file sharing programs > which would use whatever ports they could to share files and suck up > the bandwidth of the internet connection. > > This also blocked FTP working properly. > > Reading the above information it would seem that there's no way to > block file sharing while letting FTP clients work properly, as both > rely on random port numbers > 1024. > > Is my thinking correct? Can anyone think of a solution to this problem? > > Many thanks > > Amadeus 
|
Linear Mode
