QV (Guest)
Posted: Sun Nov 27, 2005 9:22 am
Post subject: Strange port 20/21 problem with Netgear RT314 Router
I'm trying to configure a relatively secure home FTP server that will only
accept connections from my work PC.
On my home network, I'm running the FTP service on a Linux (Mandriva 2005)
box. In my Netgear router, I forwarded port 21 to the Linux box and created
a filter rule that drops any port 21 packets NOT originating from my work IP
address.
Things appeared to work well in that I could connect to the FTP server from
my work PC and not from any other external PC. However, when I ran GRC's
ShieldsUP test and Sygate's Security Scan from my home network, both tests
showed that while my port 21 was stealthed, my port 20 was NOT stealthed (it
was closed).
Why the heck is my port 20 unstealthed when port 21 is the one and only port
forwarded to the Linux PC? I realize that I can create a filter rule to
block unwanted port 20 traffic as well, but how is it getting through in the
first place if I'm not forwarding port 20 and port 21 is stealthed? It
almost seems like the Netgear router is port-forwarding 20 and 21, even
though I only specified port 21. This really has me scratching my head.
Any insight would be appreciated. Thanks.

Triffid (Guest)
Posted: Sun Nov 27, 2005 9:22 am
Post subject: Re: Strange port 20/21 problem with Netgear RT314 Router
QV wrote:
> I'm trying to configure a relatively secure home FTP server that will only
> accept connections from my work PC.
> On my home network, I'm running the FTP service on a Linux (Mandriva 2005)
> box. In my Netgear router, I forwarded port 21 to the Linux box and created
> a filter rule that drops any port 21 packets NOT originating from my work IP
> address.
> Things appeared to work well in that I could connect to the FTP server from
> my work PC and not from any other external PC. However, when I ran GRC's
> ShieldsUP test and Sygate's Security Scan from my home network, both tests
> showed that while my port 21 was stealthed, my port 20 was NOT stealthed (it
> was closed).
> Why the heck is my port 20 unstealthed when port 21 is the one and only port
> forwarded to the Linux PC? I realize that I can create a filter rule to
> block unwanted port 20 traffic as well, but how is it getting through in the
> first place if I'm not forwarding port 20 and port 21 is stealthed? It
> almost seems like the Netgear router is port-forwarding 20 and 21, even
> though I only specified port 21. This really has me scratching my head.
The router probably assumes you're running an ftp server when you tell
it to forward port 21, so you'll be needing port 20 for the data
connections.
http://slacksite.com/other/ftp.html
> Any insight would be appreciated. Thanks.
Use scp.
http://www.openssh.com/windows.html
Triffid

QV (Guest)
Posted: Mon Nov 28, 2005 5:15 am
Post subject: Re: Strange port 20/21 problem with Netgear RT314 Router
"Triffid" <triffid@nebula.net> wrote in message
news:ztcif.36605$gK4.1183753@news20.bellglobal.com...
It seems dangerous for a router to "assume" anything, but the Netgear
appears to be doing just that in the case of port 20. It makes me wonder
what else it assumes.
Thanks for the OpenSSH link - it looks like I'll be exploring some
alternatives to plain FTP.

Alun Jones (Guest)
Posted: Tue Nov 29, 2005 9:22 am
Post subject: Re: Strange port 20/21 problem with Netgear RT314 Router
QV wrote:
> "Triffid" <triffid@nebula.net> wrote in message
> news:ztcif.36605$gK4.1183753@news20.bellglobal.com...
>> The router probably assumes you're running an ftp server when you tell
>> it to forward port 21, so you'll be needing port 20 for the data
>> connections.
>> http://slacksite.com/other/ftp.html
> It seems dangerous for a router to "assume" anything, but the Netgear
> appears to be doing just that in the case of port 20. It makes me wonder
> what else it assumes.
If it really is assuming that port 20 needs to be open for inbound TCP
connections, then it's dopey. 20 is the source port for _outbound_ FTP data
connections on TCP. It's not the destination port.
Of course, if it's working as a straight IP packet filter, it has to allow
for traffic in both directions to and from port 20.
Alun.
~~~~
[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
23921 57th Ave SE | alun@wftpd.com.
Washington WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.

Jeff B (Guest)
Posted: Mon Dec 12, 2005 9:21 am
Post subject: Re: Strange port 20/21 problem with Netgear RT314 Router
QV wrote:
> "Triffid" <triffid@nebula.net> wrote in message
> news:ztcif.36605$gK4.1183753@news20.bellglobal.com...
>> The router probably assumes you're running an ftp server when you tell
>> it to forward port 21, so you'll be needing port 20 for the data
>> connections.
Default ports for FTP are 20+21. Commands on one and data on the other.
If you connect to a site (using the default port 21), as soon as you
log in, issue 'passive'. Port 20 will no longer be used and the firewall
will only need to have port 21 open.
A better solution than FTP is SSH, which also gives you Telnet support
over a secured connection.
--
---
Jeff B (remove the No-Spam to reply)

Jeff B (Guest)
Posted: Wed Dec 14, 2005 4:55 am
Post subject: Re: Strange port 20/21 problem with Netgear RT314 Router
> Of course, if it's working as a straight IP packet filter, it has to allow
> for traffic in both directions to and from port 20.
Before transferring in either direction, issue 'passive'.
The data port 20 will not be used and something above 1024 will be.
---
Jeff B (remove the No-Spam to reply)
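
Added example, not part of any post in this thread: the active and passive FTP data-channel behaviour discussed above, worked out from the control-channel messages to show which side opens the data connection and which inbound ports a static filter in front of the server has to admit. The addresses, the transcript lines and the function names are constructed for illustration.

```python
import re

FTP_DATA_PORT = 20  # RFC 959 default: the server's *source* port in active mode

# Constructed control-channel excerpts (documentation addresses, not from the thread).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
ACTIVE = [("C", "PORT 192,0,2,10,19,137"), ("S", "200 PORT command successful"),
          ("C", "LIST")]
PASSIVE = [("C", "PASV"), ("S", "227 Entering Passive Mode (198,51,100,5,195,80)"),
           ("C", "LIST")]

def host_port(text):
    """Decode the h1,h2,h3,h4,p1,p2 tuple carried by PORT and by 227 replies."""
    m = re.search(r"(\d{1,3})" + r",(\d{1,3})" * 5, text)
    if not m:
        raise ValueError(f"no address tuple in {text!r}")
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"octet out of range in {text!r}")
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def data_connection(lines, client_ip, server_ip):
    """Return the data connection implied by (direction, line) control messages.

    A source port of None means an ephemeral port chosen by the initiator.
    """
    conn = None
    for direction, line in lines:
        if direction == "C" and line.upper().startswith("PORT "):
            # Active: the server dials out, from port 20, to the tuple the client sent.
            conn = {"mode": "active", "initiator": "server",
                    "src": (server_ip, FTP_DATA_PORT), "dst": host_port(line)}
        elif direction == "S" and line.startswith("227 "):
            # Passive: the client dials in to the tuple the server announced.
            conn = {"mode": "passive", "initiator": "client",
                    "src": (client_ip, None), "dst": host_port(line)}
    return conn

def server_inbound_ports(conn):
    """Inbound TCP destination ports a static filter at the server must admit."""
    ports = {21}  # control channel
    if conn and conn["mode"] == "passive":
        ports.add(conn["dst"][1])  # announced passive data port
    return ports

if __name__ == "__main__":
    for name, lines in (("active", ACTIVE), ("passive", PASSIVE)):
        conn = data_connection(lines, CLIENT, SERVER)
        print(name, conn, sorted(server_inbound_ports(conn)))
```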