From owner-freebsd-security Sun Jul 8 13: 6:55 2001
Delivered-To: freebsd-security@freebsd.org
Received: from avocet.mail.pas.earthlink.net (avocet.mail.pas.earthlink.net [207.217.121.50]) by hub.freebsd.org (Postfix) with ESMTP id 1748537B401 for ; Sun, 8 Jul 2001 13:06:51 -0700 (PDT) (envelope-from cjc@earthlink.net)
Received: from blossom.cjclark.org (dialup-209.245.133.115.Dial1.SanJose1.Level3.net [209.245.133.115]) by avocet.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id NAA00386; Sun, 8 Jul 2001 13:06:44 -0700 (PDT)
Received: (from cjc@localhost) by blossom.cjclark.org (8.11.4/8.11.3) id f68K6Zc00873; Sun, 8 Jul 2001 13:06:35 -0700 (PDT) (envelope-from cjc)
Date: Sun, 8 Jul 2001 13:06:30 -0700
From: "Crist J. Clark"
To: "tjk@tksoft.com"
Cc: Axel Scheepers , freebsd-security@FreeBSD.ORG
Subject: Re: Firewall and ftp service
Message-ID: <20010708130630.A307@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <20010707153247.A78448@surf.iae.nl> <200107081001.DAA07513@smtp3.tksoft.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200107081001.DAA07513@smtp3.tksoft.com>; from tjk@tksoft.com on Sun, Jul 08, 2001 at 03:01:54AM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

On Sun, Jul 08, 2001 at 03:01:54AM -0700, tjk@tksoft.com wrote:
>
> I wanted to point out that port 20 is for ftp data and port 21 is
> for ftp commands.

Yep. For PORT or "active" FTP.

> When an ftp connection is made, the client connects to the server at
> port 21. All communications occur on that channel.

All command and control communications.

> When the server needs to send data to the client, it opens a connection
> to port 20 on the client. When it makes the connection, it allocates a
> local port > 1024 for its local port.

*sigh* NO.

When the server needs to send data to the client, it opens a connection
_from_ port 20 on the server to some ephemeral port, >1024, on the
client. Think about it. On a UNIX system, is the client program running
with root privs? How could it open port 20?

> When a client requests passive ftp, the server opens a random port >
> 1024 for listening. The client then opens a connection to that port.

That's usually what happens in PASV.

> With both passive and regular ftp data connections, the server has a
> local port > 1024 open. The distinction is that with passive ftp the
> server does a "listen()," opening a port for incoming connections. With
> regular ftp, the server does a "connect()" and the client must open port
> 20 with "listen()."

Again, no. The server uses its port 20 for a PORT command. The client
never uses port 20 in either mode.

--
Crist J. Clark                     cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
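The distinction the reply draws (in active mode the server connects from its own port 20 to an ephemeral port the client announced in PORT; in passive mode the client connects from an ephemeral port to the port the server announced in its 227 reply) is exactly what a firewall administrator has to get right. The following is an added example, not code from the thread or from FreeBSD: it decodes the h1,h2,h3,h4,p1,p2 form that PORT and the 227 reply use (RFC 959) and reports the resulting data connection as a firewall would see it. The IP addresses and the helper names are constructed for the example.

```python
"""Work out which TCP data connection an FTP session will need.

Added example (not from the mailing-list thread). It decodes the PORT
command an active-mode client sends and the 227 reply a passive-mode
server returns, and reports the resulting data connection so that the
matching firewall rule can be reasoned about.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

FTP_DATA_PORT = 20   # the server's data port: the SOURCE port in active mode
FTP_CMD_PORT = 21    # the control connection the client opens first

# h1,h2,h3,h4,p1,p2 as used by both "PORT ..." and "227 ... (...)" (RFC 959)
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


@dataclass(frozen=True)
class DataConnection:
    """One TCP data connection: src is the side that calls connect(),
    dst is the side that called listen()."""
    mode: str                 # "active" or "passive"
    src_host: str
    src_port: int | str       # int, or "ephemeral" when the side picks any port > 1024
    dst_host: str
    dst_port: int


def parse_hostport(text: str) -> tuple[str, int]:
    """Decode the six-number host/port tuple; port = p1 * 256 + p2."""
    m = _HOSTPORT.search(text)
    if m is None:
        raise ValueError(f"no host/port tuple in {text!r}")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"value out of range in {text!r}")
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise ValueError("port 0 is not usable")
    return host, port


def active_data_connection(port_cmd: str, server_ip: str) -> DataConnection:
    """Active mode: the client sent PORT and is listening on that address.
    The server connects FROM its port 20 TO the client's listener."""
    client_ip, client_port = parse_hostport(port_cmd)
    return DataConnection("active", server_ip, FTP_DATA_PORT, client_ip, client_port)


def passive_data_connection(reply_227: str, client_ip: str) -> DataConnection:
    """Passive mode: the server answered PASV with 227 and is listening on that
    address. The client connects FROM an ephemeral port TO the server's port.
    Port 20 is not involved at all."""
    if not reply_227.startswith("227"):
        raise ValueError(f"expected a 227 reply to PASV, got {reply_227!r}")
    server_ip, server_port = parse_hostport(reply_227)
    return DataConnection("passive", client_ip, "ephemeral", server_ip, server_port)


def describe(conn: DataConnection) -> str:
    """Human-readable summary in the direction the firewall must permit."""
    return (f"{conn.mode}: {conn.src_host}:{conn.src_port} -> "
            f"{conn.dst_host}:{conn.dst_port}")


if __name__ == "__main__":
    # Constructed sample session: client 192.0.2.10, server 198.51.100.21
    client, server = "192.0.2.10", "198.51.100.21"
    print(describe(active_data_connection("PORT 192,0,2,10,4,1", server)))
    print(describe(passive_data_connection(
        "227 Entering Passive Mode (198,51,100,21,195,80)", client)))
```

Run stand-alone it prints the two connections side by side: for the active case the source is the server's port 20 and the destination is the client's ephemeral port 1025, for the passive case the source is an ephemeral client port and the destination is the server's port 50000. A rule set that only opens "port 20 on the client", as the quoted message assumed, matches neither.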