Firewall Wizards mailing list archives

Re: inbound port 20

From: Thorkild Stray <thorkild () linpro no>
Date: 29 Jun 1999 20:00:15 +0200

[Kaptain <kaptain () kaptain com>:]

Hi all.  We are having a live update issue with Symantec because our
firewall blocks inbound port 20 and that is the response port that opens
to receive their file via ftp.  We are considering opening the port
permenantly or semi-permenantly to alleviate the problem.  Can anyone
point to any security issues that might be associated with this and/or any
precautions we should take if we open the port?  Thanks in advance for any
advice.


As noted the reply from Frank Heinzius, this is because Symantec uses
active FTP. 

One of our firewall-customers also had this problem, but it seems that
the last version of Liveupdate has a option for fetching the updates
with the HTTP protocoll instead. I think this was added in response to
the problems with active ftp.

Symantec might know more.

-- 
Thorkild Stray                                  <thorkild () linpro no>
LinPro AS

Current thread:

inbound port 20 Kaptain (Jun 28)
- Re: inbound port 20 Frank Heinzius (Jun 29)
- Re: inbound port 20 Thorkild Stray (Jun 29)