Passive FTP does not pass through?
-
allowed ports: 20, 21, 80, 443, mail ports
deny: all ports
ftp://x.x.x.x
not connecting...
test1:
Jan 17 15:59:01 LAN0 172.16.100.100:49673 130.246.19.134:59987 TCP:S
Jan 17 15:59:02 LAN0 172.16.100.100:49673 130.246.19.134:59987 TCP:S
Jan 17 15:59:04 LAN0 172.16.100.100:49673 130.246.19.134:59987 TCP:S
test2:
Jan 17 15:59:44 LAN0 172.16.100.100:49682 130.246.19.134:49485 TCP:S
Jan 17 15:59:45 LAN0 172.16.100.100:49682 130.246.19.134:49485 TCP:S
test3:
Jan 17 16:00:20 LAN0 172.16.100.100:49694 130.246.19.134:64034 TCP:S
Jan 17 16:00:21 LAN0 172.16.100.100:49694 130.246.19.134:64034 TCP:S
Jan 17 16:00:23 LAN0 172.16.100.100:49694 130.246.19.134:64034 TCP:S
test4:
Jan 17 16:01:31 LAN0 172.16.100.100:49701 130.246.19.134:59199 TCP:S
Jan 17 16:01:32 LAN0 172.16.100.100:49701 130.246.19.134:59199 TCP:S
Jan 17 16:01:34 LAN0 172.16.100.100:49701 130.246.19.134:59199 TCP:S
test5:
Jan 17 16:02:05 LAN0 172.16.100.100:49704 130.246.19.134:7689 TCP:S
Jan 17 16:02:06 LAN0 172.16.100.100:49704 130.246.19.134:7689 TCP:S
test6:
Jan 17 16:04:02 LAN0 172.16.100.100:49718 130.246.19.134:37155 TCP:S
Jan 17 16:04:03 LAN0 172.16.100.100:49718 130.246.19.134:37155 TCP:S
Jan 17 16:04:05 LAN0 172.16.100.100:49718 130.246.19.134:37155 TCP:S
test7:
Jan 17 16:05:08 LAN0 172.16.100.100:49721 130.246.19.134:12484 TCP:S
Jan 17 16:05:09 LAN0 172.16.100.100:49721 130.246.19.134:12484 TCP:S
Jan 17 16:05:12 LAN0 172.16.100.100:49721 130.246.19.134:12484 TCP:S
-
Passive FTP requires having ports open for the data connection as well; just allowing 21 isn't enough. There is no reason to allow 20 there.
-
Do I open other ports? In terms of security? (torrent, etc.) Specific passive FTP ports? :(
Thank you.
-
Yes, you'll need ports open for the data connection. The problem is that passive FTP ports are server-defined and could be any of a wide range (1024 through 65535). So where you want to keep egress rules tight, you'll probably want to force FTP use through a proxy (like Squid) only.
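To make the mechanism in the replies above concrete, here is an added Python example (not code from anyone in this thread). It parses the server's RFC 959 "227 Entering Passive Mode" reply to recover the data port the client will connect to, checks that port against the egress policy from the first post, and scans block-log lines in the same layout as the post to show that every blocked SYN goes to a high, server-chosen port on the FTP server. The set of "mail ports" and the 227 reply text are constructed assumptions; the pinned passive range (50000-50100) models the extra allow rule you could add only if you control the server's passive port configuration.

```python
import re
from typing import Optional, Tuple

# Egress policy as stated in the original post: 20, 21, 80, 443 and "mail ports".
# Which mail ports were meant is not on the page; this set is an assumption.
ALLOWED_EGRESS_PORTS = frozenset({20, 21, 80, 443, 25, 465, 587, 110, 143, 993, 995})

# RFC 959 reply: "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)."
PASV_RE = re.compile(
    r"^227\b.*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)"
)

# Firewall log line in the layout of the post once the web UI icon text is removed:
# timestamp, interface, src:port, dst:port, proto:flags.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3} \d{1,2} \d{2}:\d{2}:\d{2}) (?P<iface>\S+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<proto>\w+):(?P<flags>\S+)$"
)


def parse_pasv(reply: str, control_peer: str) -> Tuple[str, int, bool]:
    """Return (host, port, mismatch) for a 227 reply.

    The data connection is made to the control-connection peer, not to the
    address the server advertises: a server behind NAT often advertises a
    private address, and a hostile server could point the client at a third
    host. The mismatch flag reports that the advertised address was ignored."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError(f"not a 227 passive-mode reply: {reply!r}")
    octets = [int(x) for x in m.groups()]
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range in {reply!r}")
    h1, h2, h3, h4, p1, p2 = octets
    port = p1 * 256 + p2          # RFC 959 encodes the port as two octets
    if port == 0:
        raise ValueError("server advertised port 0")
    advertised = f"{h1}.{h2}.{h3}.{h4}"
    return control_peer, port, advertised != control_peer


def egress_allowed(dst_port: int, pasv_range: Optional[Tuple[int, int]] = None) -> bool:
    """Does the egress policy let a SYN to dst_port out?

    pasv_range models an extra allow rule for a server whose passive ports
    have been pinned to a known range (an assumption; most servers can be
    configured this way, but the post's server is not under the poster's control)."""
    if dst_port in ALLOWED_EGRESS_PORTS:
        return True
    if pasv_range is not None:
        lo, hi = pasv_range
        return lo <= dst_port <= hi
    return False


def passive_transfer_works(reply: str, control_peer: str,
                           pasv_range: Optional[Tuple[int, int]] = None) -> bool:
    """The control connection to :21 succeeded; will the data connection get out?"""
    _, port, _ = parse_pasv(reply, control_peer)
    return egress_allowed(port, pasv_range)


def blocked_data_ports(log_text: str, ftp_server: str):
    """Collect destination ports of TCP SYNs to ftp_server on non-well-known
    ports, i.e. the passive data connections the firewall is dropping."""
    ports = set()
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        if m["dst"] == ftp_server and m["proto"] == "TCP" and "S" in m["flags"]:
            dport = int(m["dport"])
            if dport > 1023:
                ports.add(dport)
    return sorted(ports)


# Constructed sample: a 227 reply from 130.246.19.134 (the server in the post's
# log) advertising port 59987 = 234*256 + 83, matching the first blocked SYN.
SAMPLE_PASV = "227 Entering Passive Mode (130,246,19,134,234,83)."

# Constructed log excerpt in the post's layout, one line per test.
SAMPLE_LOG = """\
Jan 17 15:59:01 LAN0 172.16.100.100:49673 130.246.19.134:59987 TCP:S
Jan 17 15:59:44 LAN0 172.16.100.100:49682 130.246.19.134:49485 TCP:S
Jan 17 16:00:20 LAN0 172.16.100.100:49694 130.246.19.134:64034 TCP:S
Jan 17 16:02:05 LAN0 172.16.100.100:49704 130.246.19.134:7689 TCP:S
"""

if __name__ == "__main__":
    host, port, mismatch = parse_pasv(SAMPLE_PASV, "130.246.19.134")
    print(f"data connection -> {host}:{port} (advertised address mismatch: {mismatch})")
    print("allowed by the post's egress policy:", egress_allowed(port))
    print("allowed with a pinned 50000-50100 PASV range:", egress_allowed(port, (50000, 50100)))
    print("blocked data ports in log:", blocked_data_ports(SAMPLE_LOG, "130.246.19.134"))
```

The point the output makes is the one in the reply: the control connection to port 21 passes, but the data port is whatever the server put in the 227 reply, so a port allow-list that does not cover the server's passive range drops every transfer. Pinning the range is only an option when you administer the server; otherwise an FTP-aware proxy is the way to keep egress tight.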