Bosw8er

Re-installed my server completely.

Re-installed bulletproof ftp-server.

Login message on FlashFXP-client :

Connecting to myserver
Connected to myserver -> IP=199.199.199.199 PORT=9999
220 myserver
USER superhero
331 Password required for superhero.
PASS (hidden)
230 User superhero logged in.
SYST
215 UNIX Type: L8
REST 100
350 REST supported. Ready to resume at byte offset 100.
REST 0
350 REST supported. Ready to resume at byte offset 0.
PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PORT 192,168,1,101,4,37
530 PORT command only accepts client IP address.
LIST
550 List failed. No port specified.



Toggled with passive / not passive
Toggled with relative path
Toggled everything
Looked up 505 list error
...

Bosw8er

Turned of
"block server to server transfer (FXP, ftp bounce attack)"

it works ... grmbl

__________________
"Think of how stupid the average person is, and realize half of them are stupider than that."

jmke

only used WS-FTPD and Serv-U , dont have any working experience with that ftp server
otherwise I would have gladlike been of assistance!

__________________

DUR0N

i know **** about ftp but i think this is fuxxored

PORT 192,168,1,101,4,37
530 PORT command only accepts client IP address.

Bosw8er

Problem was that the ftp-server receives two signals:
192,168,1,101,4,37
here ports: 4 and 37
Reading the docs specified that the "block server ..." is a protection against such "attacks", normally only one port is accepted.

Server = completely configured now (swapped mobos, new HD's, new raid card, OS and tweaks + soft + sharing + ...) AND half of my personel administration is finished, what a boring & long day.

Time for a welldeserved snackbreak after finishing the ghost- image

__________________
"Think of how stupid the average person is, and realize half of them are stupider than that."

RichBa5tard

enable PASV mode?

__________________
HTPC (mac osx): Mac Mini | Core Duo 1.6Ghz | 2GB DDR2 | 26\" TFT
Development (mac osx): Macbook | Core 2 2.0Ghz | 4GB DDR2 | 250GB HD
Games (win xp): E2160 @ 2.4Ghz | HD3850 OC | Asrock 4coredual-vsta | 2GB DDR2

Bosw8er

Didn't work.
Enabling it on the server or enabling it on the client was no succes. No mather what i tried, even tried every permutation with firewall on/off.

... the "block server ..." is a protection against such "attacks", normally only one port is accepted ... PASV or not

jmke

hmmm;

"block server to server transfer (FXP, ftp bounce attack)"

means this :

client 1 connects to server 1 with 1 port
client 1 connects to server 2 with 1 port

client 1 then opens a 2nd port on both servers and starts a direct transfer from server 1 to server 2

the so called "attack" means, someone can use it to do some DOS attacks when it lets multiple other FTP upload/download stuff from your FTP, thereby flooding your connection, while client 1 practically doesn't use any bandwidth

FXP = ftp to ftp file transfers need that extra port open
Serv-U has the same setting, as does most popular FTP proggies

but sinc you are not running an anonymous FTP, the risk of people actually doing that "attack" is very very low

__________________

BuiZe

4 & 37 make 1 port : 4 * 256 + 37 = 1061

the bounce attack is more like this: suppose you are running a service on that PC that only allows local connctions, for exemple MySQL. Sending a self-constructed PORT command, will connect the FTP server to MySQL. Now, if you first upload a file with MySQL commands to the ftp server, you can actually 'control' the MySQL service, by 'uploading' the commands file to the MySQL server (instead of sending the PORT command to your computer to download the file)
MySQL receives the contents of that file, and if you know a valid account, you can edit the database contents.
also applies to trusted (internal) networks