Re: [SLUG] ftp security (was wu-ftpd)

From: Brad Smith (brad_stephenssmith@yahoo.com)
Date: Tue Jun 10 2003 - 09:05:08 EDT


Sounds like a passive vs non-passive FTP issue. Are you going through a firewall? Regardless, I'll
bet your CLI ftp client is set to PASV or auto mode whereas gftp isn't.

FTP is a wierd beast in that normally, instead of the client connecting to the server and just
grabbing a file (or directory listing), the client instead requests the file of the server, at
which point the _server connects to the client_ and sends it. Well, the client is invariably
listening on a high port (> 1024) and allowing inbound connections to be initiated on high ports
is bad security. Thus, regular FTP rarely works through a firewall. Whenever an ftp client is able
to connect, but not get a directory listing, 99% of the time this is what is happening.

The solution is 'passive mode' ftp. In passive mode, it's all done by the client, as one might
expect it to have worked in the first place. You'll find it somewhere in the options on your
client.

--Brad

--- John Clay <john.clay@lfr.com> wrote:
> I've got wu-ftpd running -- thanks Matt.
>
> given the following directory structure: /home/guest
> where: /home/guest has ~/bin ~/etc ~/lib and ~/files
> and:
> chmod 777 /home/guest/files (for testing only)
> chown -R guest.guest /home/guest/files
>
> 1. If I ftp in from the command line I can successfully:
> ftp> ls /home/guest/files
> ftp> get /home/guest/files/myfile
> ftp> put /home/guest/files/mifile
>
> 2. If I use gFTP I can only drill down as far as:
> /home/guest/files
> I can't see the files within ~/files and I can't see a subdirectory of
> ~/files.
>
> Any ideas why?
>
> Thanks
> John Clay
> Tallahassee
>
>
>



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:24:21 EDT