On 10:21:49 am 02/10/06 Trinh Hoai Tri <[EMAIL PROTECTED]> wrote:
> To^i du`ng ethereal kie^?m tra thi` tha^'y VLTK du`ng passive FTP
> dde^? update, Lo^~i pha't sinh ta.i package PORT cu?a Client khi du`ng
> qua tu+o+`ng lu+?a. So sa'nh:
>
> -- Khi kho^ng co' tu+o+`ng lu+?a:
>
> Src: client, Dest: Upd server
> port: 4712  to port: 21
> Request command: PORT
> Request arg: 192,168,200,64,18,105
> Active IP address: 192.168.200.64
> Active port 4713
>
> Src: Upd Server, Dest: client
> port 21 to port 4712
> Response code: Command okay (200)
> Response arg: PORT command successful. Consider using PASV.
>
> -- Khi co' tu+o+`ng lu+?a
>
> Src: client, Dest: Upd server
> port: 2223  to port: 21
> Request command: PORT
> Request arg: 192,168,100,126,8,176
> Active IP address: 192.168.100.126
> Active port 2224
>
> Src: Upd Server, Dest: client
> port 21 to port 2223
> Response code: Syntax error, command unrecognized (500)
> Response arg: Illegal PORT command
>
> Xin ca'c ba'c va`i ve'.
>
> DDa ta.
>
> Tri
>

Ne^'u default policy forward cu?a ba'c la` DROP thi`

1. Load ip_conntrack_ftp module
2. Cho phe'p ma'y clients no^'i to+'i ftp server
3. DDu+o+`ng no^'i na`o la` RELATED,ESTABLISHED cho phe'p no' va`o tro+?
La.i (using -m state --state....-j ACCEPT).

Ne^n nho+' LAN access la` na(`m trong FORWARD chain.

O+? dda^y co' ba`i gia?i thi'ch ra^'t ro~.

http://slacksite.com/other/ftp.html#intro

o+? dda^y co' 1 ngu+o+`i ho?i nhu+ng la` cho ftp server side. Ba'c ne^n
ddo.c qua luo^n cho vui

http://www.talkaboutsoftware.com/group/linux.debian.maint.firewall/messages/3061.html

-Larry



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
VietLUG-users mailing list
VietLUG-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vietlug-users

Trả lời cho