Thanks guys - got the picture now. Will IDP/IDS drop that traffic if it's under 
port 21? If my assumptions are correct... IDS will flag it, IDP will drop it 
and see it as an anomaly if it isn't profiled.

-Dave

On 01/Nov/2005 13:59:13, Robert Hajime Lanning  wrote:
> 
> You can move your SSH service to port 21, but this means that all
> clients will need to specify to connect to port 21.  Port 21 is
> allocated for FTP, not SSH.  Clients would have to "sftp -p 21 ...",
> instead of just "sftp ...".
> 
> >
> > -Does SFTP encrypt payload?
> 
> Yes
> 
> >
> > -Does it use UDP/TCP?
> 
> TCP only
> 
> >
> > -Can you fully utilize a given bandwidth (i.e. 512kbit circuit) with
> > one session?
> 
> Yes, with the constraint that the endpoints need enough power to
> handle the encryption overhead.  There are scaling issues for very
> high bandwidth (upwards of DS3).  This deals with blocking issues
> within the SSH tunnel and TCP window issues.
> 
> SFTP is not FTP.  It is a File Transfer Protocol, not THE File
> Transfer Protocol.  It works by connecting to the SSH server.  Then
> once connected and authenticated, it requests a new channel with the
> SFTP service.  Everything is tunneled across a single SSH connection.
> (A single TCP connection.)
> 
> So, SFTP runs on top of SSH.
> 
> The SFTP client mimics the look and feel of the standard FTP client
> for ease of use.
> 
> Do not get it mixed up with FTPS.  FTPS is the legacy FTP with TLS
> (Transport Layer Security) thrown in.  FTPS uses two TCP connections.
> (Command and data)  FTPS cannot go through a state based firewall.
> State based firewalls look into the command connection to find the
> negotiation for the data connection.  When it sees this, it can
> precreate a state for the data connection to pass.  But, with FTPS
> this negotiation is encrypted, so the firewall fails to allow the data
> connection.
> 
> --
> And, did Guloka think the Ulus were too ugly to save?
>                                          -Centauri
> 
> 
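
An added example, not part of the original thread: what an inspecting device can read on a port-21 connection in the three cases discussed above (plain FTP, FTPS after AUTH TLS, and SSH/SFTP moved to port 21). The function name, verdict labels and sample sessions are constructed for illustration and do not model any particular IDS/IDP or firewall product.

```python
import re

# "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" reply (RFC 959)
PASV_RE = re.compile(rb"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
# Active-mode "PORT h1,h2,h3,h4,p1,p2" command (RFC 959)
PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)", re.I)

# Constructed sample sessions (documentation addresses, RFC 5737).
PLAIN_FTP = [b"220 ready\r\n", b"USER demo\r\n", b"PASV\r\n",
             b"227 Entering Passive Mode (192,0,2,10,195,80)\r\n"]
FTPS = [b"220 ready\r\n", b"AUTH TLS\r\n", b"234 Proceed\r\n",
        b"\x17\x03\x03\x00\x20" + b"\x00" * 32]  # opaque TLS record
SSH_ON_21 = [b"SSH-2.0-OpenSSH_4.2\r\n"]


def _endpoint(m):
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    return (f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2)


def inspect_port21(segments):
    """Classify a port-21 control connection from its payload segments.

    segments: payloads in arrival order, either direction.
    Returns (verdict, pinholes), pinholes being the data-connection
    endpoints the inspector could read and would pre-create state for.
    """
    verdict, pinholes, encrypted = "unknown", [], False
    for seg in segments:
        if verdict == "unknown" and seg.startswith(b"SSH-"):
            # SSH identification string (RFC 4253): not FTP at all.
            return "ssh-on-ftp-port", []
        if encrypted:
            continue  # TLS records: PORT/PASV negotiation is unreadable
        for line in seg.split(b"\r\n"):
            if line.startswith(b"220") and verdict == "unknown":
                verdict = "ftp"
            elif line.startswith(b"234"):
                # Server accepted AUTH TLS (RFC 4217); ciphertext follows.
                verdict, encrypted = "ftps", True
                break
            else:
                m = PASV_RE.match(line) or PORT_RE.match(line)
                if m:
                    pinholes.append(_endpoint(m))
    return verdict, pinholes
```

For the plain FTP session the inspector recovers the data endpoint 192.0.2.10:50000; for the FTPS session it recovers none, which is why the data connection has no state to match.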





