Security Basics mailing list archives

Re: Windows XP and FTP

From: nick <nick () mobilia it>
Date: Fri, 13 Jan 2006 09:58:26 +0100

Ansgar -59cobalt- Wiechers wrote:

On 2006-01-10 koremeltdown () hotmail com wrote:

I have Windows XP (as do many of my clients) and have noticed
something strange. When trying to access my server(s) via FTP, when
Windows (XP Pro) Firewall is turned on, you cannot perform this task.
Sometimes it has problems resolving the hostname, sometimes it just
doesn't connect at all. When disabling Windows Firewall FTP works
fine, however when just enabling FTP Access via the firewall
configuration it doesn't seem to want to work. My XP using clients
seem to be having the same problem.



Looks like you (and your clients) are using FTP in active mode. In that
case the FTP server tries to establish the data connection to the client
which is then intercepted by the Windows Firewall. Try using passive
mode.

If you use the commandline FTP client: ftp.exe from Windows does only
support active mode IIRC, so use something like ncftp [1] instead.

[1] http://www.ncftp.com/

Regards
Ansgar Wiechers

I just dealt with a user who was unable to connect with XP and FTPX, butif they used the command line, it worked just fine. PASV mode didn'tseem to make any difference. It's almost like the XP firewall doesn'tkeep ftp states. I use an iptables firewall to connect to the server(proftpd) and have 0 problems. When I had the user disable the windowsfirewall, it connected immediately. It's a recent problem, I have afeeling that MS changed the behaviour of the firewall recently, perhapsinadvertantly?

I recommended that the user try another firewall, but this seems like anMS problem...




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE

The Norwich University program offers unparalleled Infosec managementeducation and the case study affords you unmatched consulting experience.Tailor your education to your own professional goals with degreecustomizations including Emergency Management, Business Continuity Planning,Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------

Current thread:

Windows XP and FTP koremeltdown (Jan 10)
- Re: Windows XP and FTP Mark Owen (Jan 11)
  - Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP Fabien Degouet (Jan 12)
- Re: Windows XP and FTP Ansgar -59cobalt- Wiechers (Jan 12)
  - Re: Windows XP and FTP Hamish Stanaway (Jan 15)
    - Re: Windows XP and FTP Patrick Benson (Jan 17)
  - Re: Windows XP and FTP nick (Jan 15)
    - Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP Shadow Mlists (Jan 14)
  - Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- <Possible follow-ups>
- Re: Windows XP and FTP unimportant (Jan 11)
- RE: Windows XP and FTP Roger A. Grimes (Jan 11)
- Re: Windows XP and FTP Hamish Stanaway (Jan 16)
  - Re: Windows XP and FTP PCSC Information Services (Jan 16)
    - Re: Windows XP and FTP Hamish Stanaway (Jan 17)
- RE: Windows XP and FTP Mike Fetherston (Jan 17)
  - RE: Windows XP and FTP Hamish Stanaway (Jan 20)

(Thread continues...)