On Wed, 22 Oct 2008 12:13:30 -0700
Jeremy Chadwick <[EMAIL PROTECTED]> wrote:
> Inbound: TCP port 21 (main ftpd daemon)
> Inbound: TCP ports 49152 to 65535 (used in FTP passive mode)
> Outbound: TCP port 20 (used in FTP active mode)
> Yes, you read that range correctly. And yes, it's quite large. Yes,
> there is a way to diminish it, but it will affect other programs on
> FreeBSD, so I do not recommend adjusting it. It's controlled by
> sysctls. See the -U option of ftpd, but note that it doesn't do
> anything for FreeBSD 5.0 or later.
As far as I remember, FTP servers (with the not so unexpected exception of MS
IIS' FTP service) can be configured to listen on specific ports for passive
If you don't have a busy server, a few ports (10?) would do. Then you can
firewall it as needed.
This is, of course, an application (service) configuration as opposed to what
Jeremy mentioned, I believe, which relies on the server's "high ports"
definition, which yes, will affect the whole TCP stack in the server.
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
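
Added example, not part of the original message: once the FTP service is pinned to a small passive range and the firewall opens only that range, the ports the server announces in its 227 (PASV) and 229 (EPSV) replies must fall inside it. The check below parses those replies and reports any port outside the range. The range 50000-50009, the function names and the sample replies are assumptions made for illustration.

```python
import re

# Assumed ten-port passive range; use whatever your FTP daemon is set to.
PASV_RANGE = (50000, 50009)

_PASV = re.compile(r"^227 .*?(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
_EPSV = re.compile(r"^229 .*?\((.)\1\1(\d{1,5})\1\)")


def passive_port(reply):
    """Return the data port announced in a 227 or 229 reply, else None."""
    line = reply.strip()
    m = _PASV.match(line)
    if m:
        octets = [int(g) for g in m.groups()]
        if any(o > 255 for o in octets):
            return None
        return octets[4] * 256 + octets[5]   # port = p1 * 256 + p2
    m = _EPSV.match(line)
    if m:
        port = int(m.group(2))
        return port if 0 < port <= 65535 else None
    return None


def audit(replies, allowed=PASV_RANGE):
    """Return (port, reply) for each passive reply whose port is outside `allowed`."""
    lo, hi = allowed
    bad = []
    for r in replies:
        port = passive_port(r)
        if port is not None and not lo <= port <= hi:
            bad.append((port, r.strip()))
    return bad


# Constructed sample replies (192.0.2.10 is a documentation address).
SAMPLE = [
    "227 Entering Passive Mode (192,0,2,10,195,80)",   # 195*256+80 = 50000
    "227 Entering Passive Mode (192,0,2,10,195,89)",   # 50009
    "227 Entering Passive Mode (192,0,2,10,216,44)",   # 55340, outside
    "229 Entering Extended Passive Mode (|||50005|)",
    "229 Entering Extended Passive Mode (|||61000|)",  # outside
    "230 Login successful.",
]

if __name__ == "__main__":
    for port, reply in audit(SAMPLE):
        print(f"outside {PASV_RANGE}: port {port} <- {reply}")
```

A port reported here means the service is still handing out data ports from the system-wide high range, so passive transfers would fail behind a firewall that opens only the small range.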