It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Hardware Madness > Hardware/Software Problems, Bugs
550 list failed 550 list failed
FAQ Members List Calendar Search Today's Posts Mark Forums Read


550 list failed
Closed Thread
 
Thread Tools
Old 1st June 2003, 15:38   #1
Member
 
Bosw8er's Avatar
 
Join Date: May 2002
Posts: 3,711
Bosw8er Freshly Registered
Default 550 list failed

Re-installed my server completely.

Re-installed bulletproof ftp-server.

Login message on FlashFXP-client :

Connecting to myserver
Connected to myserver -> IP=199.199.199.199 PORT=9999
220 myserver
USER superhero
331 Password required for superhero.
PASS (hidden)
230 User superhero logged in.
SYST
215 UNIX Type: L8
REST 100
350 REST supported. Ready to resume at byte offset 100.
REST 0
350 REST supported. Ready to resume at byte offset 0.
PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PORT 192,168,1,101,4,37
530 PORT command only accepts client IP address.
LIST
550 List failed. No port specified.



Toggled with passive / not passive
Toggled with relative path
Toggled everything
Looked up 505 list error
...

Bosw8er is offline  
Old 1st June 2003, 19:18   #2
Member
 
Bosw8er's Avatar
 
Join Date: May 2002
Posts: 3,711
Bosw8er Freshly Registered
Default

Turned of
"block server to server transfer (FXP, ftp bounce attack)"

it works ... grmbl
__________________
"Think of how stupid the average person is, and realize half of them are stupider than that."
Bosw8er is offline  
Old 1st June 2003, 19:30   #3
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 79,001
jmke has disabled reputation
Default

only used WS-FTPD and Serv-U , dont have any working experience with that ftp server
otherwise I would have gladlike been of assistance!
__________________
jmke is offline  
Old 1st June 2003, 20:06   #4
Member
 
Join Date: May 2002
Posts: 1,543
DUR0N Freshly Registered
Default

i know **** about ftp but i think this is fuxxored

PORT 192,168,1,101,4,37
530 PORT command only accepts client IP address.
DUR0N is offline  
Old 1st June 2003, 20:11   #5
Member
 
Bosw8er's Avatar
 
Join Date: May 2002
Posts: 3,711
Bosw8er Freshly Registered
Default

Problem was that the ftp-server receives two signals:
192,168,1,101,4,37
here ports: 4 and 37
Reading the docs specified that the "block server ..." is a protection against such "attacks", normally only one port is accepted.

Server = completely configured now (swapped mobos, new HD's, new raid card, OS and tweaks + soft + sharing + ...) AND half of my personel administration is finished, what a boring & long day.

Time for a welldeserved snackbreak after finishing the ghost- image
__________________
"Think of how stupid the average person is, and realize half of them are stupider than that."
Bosw8er is offline  
Old 1st June 2003, 20:37   #6
[M] Reviewer/HWBot *****
 
Join Date: May 2002
Posts: 3,344
RichBa5tard Freshly Registered
Default

enable PASV mode?
__________________
HTPC (mac osx): Mac Mini | Core Duo 1.6Ghz | 2GB DDR2 | 26\" TFT
Development (mac osx): Macbook | Core 2 2.0Ghz | 4GB DDR2 | 250GB HD
Games (win xp): E2160 @ 2.4Ghz | HD3850 OC | Asrock 4coredual-vsta | 2GB DDR2
RichBa5tard is offline  
Old 1st June 2003, 20:41   #7
Member
 
Bosw8er's Avatar
 
Join Date: May 2002
Posts: 3,711
Bosw8er Freshly Registered
Default

Quote:
Originally posted by RichBa5tard
enable PASV mode?
Didn't work.
Enabling it on the server or enabling it on the client was no succes. No mather what i tried, even tried every permutation with firewall on/off.

... the "block server ..." is a protection against such "attacks", normally only one port is accepted ... PASV or not
Bosw8er is offline  
Old 1st June 2003, 21:41   #8
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 79,001
jmke has disabled reputation
Default

hmmm;

"block server to server transfer (FXP, ftp bounce attack)"

means this :

client 1 connects to server 1 with 1 port
client 1 connects to server 2 with 1 port

client 1 then opens a 2nd port on both servers and starts a direct transfer from server 1 to server 2

the so called "attack" means, someone can use it to do some DOS attacks when it lets multiple other FTP upload/download stuff from your FTP, thereby flooding your connection, while client 1 practically doesn't use any bandwidth

FXP = ftp to ftp file transfers need that extra port open
Serv-U has the same setting, as does most popular FTP proggies

but sinc you are not running an anonymous FTP, the risk of people actually doing that "attack" is very very low
__________________
jmke is offline  
Old 7th August 2003, 21:14   #9
BuiZe
 
Posts: n/a
Default

Quote:
Originally posted by Bosw8er
Problem was that the ftp-server receives two signals:
192,168,1,101,4,37
here ports: 4 and 37
Reading the docs specified that the "block server ..." is a protection against such "attacks", normally only one port is accepted.
4 & 37 make 1 port : 4 * 256 + 37 = 1061

the bounce attack is more like this: suppose you are running a service on that PC that only allows local connctions, for exemple MySQL. Sending a self-constructed PORT command, will connect the FTP server to MySQL. Now, if you first upload a file with MySQL commands to the ftp server, you can actually 'control' the MySQL service, by 'uploading' the commands file to the MySQL server (instead of sending the PORT command to your computer to download the file)
MySQL receives the contents of that file, and if you know a valid account, you can edit the database contents.
also applies to trusted (internal) networks
 
Closed Thread


Similar Threads
Thread Thread Starter Forum Replies Last Post
Supercomputing superpowers: Top 500 supercomputer list has been released jmke WebNews 1 1st June 2010 14:57
Does this list of parts physically fit together ? CPU cooler recommendations ? ubuntu_demon General Madness - System Building Advice 25 20th August 2008 14:24
Antec NeoPower 550 Power Supply jmke WebNews 0 9th February 2008 17:44
Antec Sonata Plus 550 Case Review Sidney WebNews 0 30th November 2007 16:06
Sapphire Theatrix 550 Pro TV Tuner Sidney WebNews 0 27th December 2005 21:43
INFO: List of RAM with Winbond UTT chips jmke FAQ / INFO / HOW-TO 2 29th May 2005 18:16
Antec Titan 550 Server Case Sidney WebNews 0 1st May 2005 21:33
ATI's Theater 550 PRO Video Processor - A First Look Over Breakfast jmke WebNews 5 1st October 2004 08:36
IBM Unveils New POWER5 eServer 550 Sidney WebNews 0 18th August 2004 02:56
List of fixes included in Windows XP Service Pack 2 jmke WebNews 1 17th August 2004 16:03

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 00:30.


Powered by vBulletin® - Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO