RE: FTP Reset on Checkpoint

Tue, 06 Feb 2001 18:16:09 -0800 

hi -

all you need to do is tell them to enter the pass command first then it will
work in passive mode.

Regards
Bill Lavalette
Chief Security Officer
CyberBase7 Security Services METRO-SOC
Email:[EMAIL PROTECTED]
Web:http://www.cyberbase7.com
Phone:upon request
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Martin H
> Hoz-Salvador
> Sent: Tuesday, February 06, 2001 4:37 PM
> To: Michael Efrusy
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: FTP Reset on Checkpoint
>
>
> > Michael Efrusy wrote:
> >
> > I am running Checkpoint FW-1 ver. 4.1 on a Windows NT server
> (SP 6).  Our
> > clients are running Win NT 4.0.  We are having an issue with ftp in that
> > clients are able to connect to a remote ftp server but are disconnected
> > (connection terminated by remote host) upon entering an ls or
> get command.
>
> Let me understand  a bit more? Is the FTP server behind the firewall?
> If so, how was the allowing-ftp rule declared? Do you have NAT working
> over there?
>
> > Apparently the remote server is sending an RST packet and
> disconnecting the
> > client.  This occurs when using PASV ftp as well (through the quote PASV
>
> How do you detected this? Did you use a sniffer or something?
>
> > command).  PASV is enabled in the properties box and the rules
> appear to be
> > ok (this problem occurs even when high tcp ports are enabled).
> Does anyone
> > have any suggestions how to resolve this?
>
> Some possibilities:
> - Wrong service declared (check the FTP service is allowed and declared as
>   "FTP" in the protocol type drop-down menu.
> - Check for PASV support: policy-> properties -> services ->
> enable FTP PASV
>   connections.
>
> Hummm.. with the info you provide, that's the only that comes to
> my mind...
>
> Hope this helps. Regards.
>
> --
> Martin Humberto Hoz Salvador
> Information Security Consultant (ISS ICU, Check Point CCSE)
> C   I   T   I
> Sendero Sur  285  Col. Contry,  Monterrey,  Nuevo Leon 64860, MEXICO
> Phone: +(52)(8) 357-2267 x139   Fax: +(52)(8) 357-8047
> E-mail: [EMAIL PROTECTED]        WWW:  http://www.citi.com.mx
> PGPKey ID: 0x0454E8D9           ICQ Number: 31631540
> GIT d- s:(+:+) a-- C+(++++)>$ SILH++++ P++ L+++ E W++ N+ o-- K- w
> O M V PS+ PE++ Y+ PGP++ t 5 X+ R tv- b+ DI+ D++ G++ e++ h-- r+ y++
>
> "The software said it requires Windows 95 or *better*, so I installed
> GNU/Linux"
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to