Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firewall Settings to access FTP Site


  • Please log in to reply
2 replies to this topic

#1 cberger01

cberger01

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:45 AM

Posted 24 June 2015 - 12:10 PM

I am trying to connect to the FTP site of a client and need some help. From within our network IE will not allow me to open the FTP site. When trying to view files in file viewer the screen will just stay blank. When using Google Chrome I get a message stating the website it not available. When I use a computer at home - free of a network firewall - I am able to access the ftp site just fine. Could someone please tell me what settings need to be made, either on our server, or within our SONICWALL firewall to allow the connections.

 

When I try to use an FTP software such as filezilla or smart ftp I get this error:

[13:09:04] SmartFTP 6.0.2151.0
[13:09:04] 1>Resolving host name "ftp.oettleferber.com"
[13:09:04] 1>Connecting to 62.245.206.171 Port: 21
[13:09:04] 1>Connected to ftp.oettleferber.com.
[13:09:05] 1>220 welcome to bitminder FTP service
[13:09:05] 1>USER DetroitLV_2016
[13:09:05] 1>331 Password required for detroitlv_2016
[13:09:05] 1>PASS (hidden)
[13:09:05] 1>230 Logged on
[13:09:05] 1>SYST
[13:09:05] 1>215 UNIX emulated by FileZilla
[13:09:05] 1>Detected Server Type: UNIX
[13:09:05] 1>RTT: 124.521 ms
[13:09:05] 1>FEAT
[13:09:05] 1>211-Features:
[13:09:05] 1> MDTM
[13:09:05] 1> REST STREAM
[13:09:05] 1> SIZE
[13:09:05] 1> MLST type*;size*;modify*;
[13:09:05] 1> MLSD
[13:09:05] 1> AUTH SSL
[13:09:05] 1> AUTH TLS
[13:09:05] 1> PROT
[13:09:05] 1> PBSZ
[13:09:05] 1> UTF8
[13:09:05] 1> CLNT
[13:09:05] 1> MFMT
[13:09:05] 1>211 End
[13:09:05] 1>CLNT SmartFTP 6.0.2151.0
[13:09:05] 1>200 Don't care
[13:09:05] 1>OPTS UTF8 ON
[13:09:05] 1>200 UTF8 mode enabled
[13:09:05] 1>Detected Server Software: FileZilla Server
[13:09:05] 1>PWD
[13:09:06] 1>257 "/" is current directory.
[13:09:06] 1>TYPE A
[13:09:06] 1>200 Type set to A
[13:09:06] 1>PASV
[13:09:06] 1>500 The server returned invalid response for PASV command.

 

Thank you for any help!!



BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 24 June 2015 - 01:58 PM

I believe this means the FTP server does not support passive mode. PASV is the command to instruct the FTP server to use passive mode, and since this fails, I guess this is because passive mode is not supported.

 

Ask your client if their FTP server works exclusively in active mode.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 24 June 2015 - 02:21 PM

Yeah, must be that passive mode is not supported.

Look in the features replied by the server, PASV is not listed:

 

[13:09:05] 1>FEAT
[13:09:05] 1>211-Features:
[13:09:05] 1> MDTM
[13:09:05] 1> REST STREAM
[13:09:05] 1> SIZE
[13:09:05] 1> MLST type*;size*;modify*;
[13:09:05] 1> MLSD
[13:09:05] 1> AUTH SSL
[13:09:05] 1> AUTH TLS
[13:09:05] 1> PROT
[13:09:05] 1> PBSZ
[13:09:05] 1> UTF8
[13:09:05] 1> CLNT
[13:09:05] 1> MFMT
[13:09:05] 1>211 End

 

I double-checked on an FTP server with passive support, and there PASV appears in the feature list.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users