Firewall Wizards mailing list archives
Re: Active to Passive FTP translator?
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Wed, 27 Nov 2002 10:17:16 +0100
Whoops. Tobias Reckhard caught a slip-up here: Mikael Olsson wrote:
- The java applet connects out through the firewall, to a fake FTP server under the attacker's control, and sends "PASV 192,168,0,1,5,153" (connect to me on port 1433) and then "RETR whatever.bin" (i want to receive data)
This should be "PORT 192,168,0,1,5,153", not "PASV". "PASV" is, of course, used in passive mode, like this: Client: "PASV" Server: "227 Entering Passive Mode (1,2,3,4,5,6)" ... which is safe for the client, but not for the server. -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Active to Passive FTP translator? Dawes, Rogan (ZA - Johannesburg) (Nov 25)
- Re: Active to Passive FTP translator? Mikael Olsson (Nov 25)
- Re: Active to Passive FTP translator? Magosányi Árpád (Nov 25)
- <Possible follow-ups>
- RE: Active to Passive FTP translator? Scott, Richard (Nov 26)
- Re: Active to Passive FTP translator? David Pick (Nov 26)
- Re: Active to Passive FTP translator? Mikael Olsson (Nov 26)
- Re: Active to Passive FTP translator? Mikael Olsson (Nov 27)