1st June 2003, 14:38 | #1 |
Member Join Date: May 2002
Posts: 3,711
| 550 list failed
Re-installed my server completely. Re-installed bulletproof ftp-server.
Login message on FlashFXP-client:
Connecting to myserver
Connected to myserver -> IP=199.199.199.199 PORT=9999
220 myserver
USER superhero
331 Password required for superhero.
PASS (hidden)
230 User superhero logged in.
SYST
215 UNIX Type: L8
REST 100
350 REST supported. Ready to resume at byte offset 100.
REST 0
350 REST supported. Ready to resume at byte offset 0.
PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PORT 192,168,1,101,4,37
530 PORT command only accepts client IP address.
LIST
550 List failed. No port specified.
Toggled with passive / not passive
Toggled with relative path
Toggled everything
Looked up 505 list error ... |
1st June 2003, 18:18 | #2 |
Member Join Date: May 2002
Posts: 3,711
| Turned off "block server to server transfer (FXP, ftp bounce attack)" it works ... grmbl
__________________ "Think of how stupid the average person is, and realize half of them are stupider than that." |
1st June 2003, 18:30 | #3 |
Madshrimp Join Date: May 2002 Location: 7090/Belgium
Posts: 79,021
| only used WS-FTPD and Serv-U, don't have any working experience with that ftp server otherwise I would have gladly been of assistance!
__________________ |
1st June 2003, 19:06 | #4 |
Member Join Date: May 2002
Posts: 1,543
| i know **** about ftp but i think this is fuxxored
PORT 192,168,1,101,4,37
530 PORT command only accepts client IP address. |
1st June 2003, 19:11 | #5 |
Member Join Date: May 2002
Posts: 3,711
| Problem was that the ftp-server receives two signals: 192,168,1,101,4,37
here ports: 4 and 37
Reading the docs specified that the "block server ..." is a protection against such "attacks", normally only one port is accepted.
Server = completely configured now (swapped mobos, new HD's, new raid card, OS and tweaks + soft + sharing + ...) AND half of my personnel administration is finished, what a boring & long day. Time for a well-deserved snackbreak after finishing the ghost-image
__________________ "Think of how stupid the average person is, and realize half of them are stupider than that." |
1st June 2003, 19:37 | #6 |
[M] Reviewer/HWBot ***** Join Date: May 2002
Posts: 3,344
| enable PASV mode?
__________________ HTPC (mac osx): Mac Mini | Core Duo 1.6Ghz | 2GB DDR2 | 26" TFT Development (mac osx): Macbook | Core 2 2.0Ghz | 4GB DDR2 | 250GB HD Games (win xp): E2160 @ 2.4Ghz | HD3850 OC | Asrock 4coredual-vsta | 2GB DDR2 |
1st June 2003, 19:41 | #7 | |
Member Join Date: May 2002
Posts: 3,711
| Quote:
Enabling it on the server or enabling it on the client was no success. No matter what I tried, even tried every permutation with firewall on/off. ... the "block server ..." is a protection against such "attacks", normally only one port is accepted ... PASV or not | |
1st June 2003, 20:41 | #8 |
Madshrimp Join Date: May 2002 Location: 7090/Belgium
Posts: 79,021
| hmmm; "block server to server transfer (FXP, ftp bounce attack)" means this :
client 1 connects to server 1 with 1 port
client 1 connects to server 2 with 1 port
client 1 then opens a 2nd port on both servers and starts a direct transfer from server 1 to server 2
the so called "attack" means, someone can use it to do some DOS attacks when it lets multiple other FTP upload/download stuff from your FTP, thereby flooding your connection, while client 1 practically doesn't use any bandwidth
FXP = ftp to ftp file transfers need that extra port open
Serv-U has the same setting, as does most popular FTP proggies
but since you are not running an anonymous FTP, the risk of people actually doing that "attack" is very very low
__________________ |
7th August 2003, 20:14 | #9 | |
Posts: n/a
| Quote:
the bounce attack is more like this: suppose you are running a service on that PC that only allows local connections, for example MySQL. Sending a self-constructed PORT command, will connect the FTP server to MySQL. Now, if you first upload a file with MySQL commands to the ftp server, you can actually 'control' the MySQL service, by 'uploading' the commands file to the MySQL server (instead of sending the PORT command to your computer to download the file) MySQL receives the contents of that file, and if you know a valid account, you can edit the database contents. also applies to trusted (internal) networks | |
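Added example, not part of any post above and not Bulletproof FTP Server's own code: a sketch of the server-side check behind the "530 PORT command only accepts client IP address." reply in the first post. Per RFC 959 the six PORT fields are four address bytes followed by the high and low byte of one 16-bit port. The control-connection peer address 203.0.113.7, the privileged-port rule and all reply wording other than the page's 530 line are assumptions made for illustration.

```python
import ipaddress

def parse_port_arg(arg):
    """Parse the RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (ip, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("PORT needs six decimal fields")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("each field must be 0-255")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # p1 is the high byte, p2 the low byte
    return ip, port

def check_port_command(arg, control_peer_ip, min_port=1024):
    """Return the (code, text) reply of a server with bounce protection on.

    control_peer_ip is the source address the server sees on the control
    connection. min_port is an assumed extra rule that keeps the data
    connection away from well-known service ports.
    """
    try:
        ip, port = parse_port_arg(arg)
    except ValueError as exc:
        return 501, f"Syntax error in PORT argument: {exc}"
    # Core of the protection: the data connection may only go back to the
    # host that is logged in, never to a third machine or a local service.
    if ip != ipaddress.IPv4Address(control_peer_ip):
        return 530, "PORT command only accepts client IP address."
    if port < min_port:
        return 530, "PORT to a privileged port refused."  # constructed wording
    return 200, "PORT command successful."  # constructed wording

if __name__ == "__main__":
    sent = "192,168,1,101,4,37"          # PORT argument from the first post
    print(parse_port_arg(sent))          # address 192.168.1.101, port 1061
    # Constructed peer address: what a server sees when the client sits
    # behind NAT and advertises its private LAN address in PORT.
    print(check_port_command(sent, "203.0.113.7"))
    print(check_port_command(sent, "192.168.1.101"))
```

A client behind NAT that advertises its private address fails this check even though it is not attempting a bounce, which matches the session in the first post.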