RE: Allowing passive mode FTP through ISA
- From: tim S <tim724342@xxxxxxxxx>
- To: "\[ISAserver.org Discussion List\]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 12 Jan 2005 07:25:35 -0800 (PST)
Hi Tom,
Thanks for the reply. Sorry, when I said 'open ports', I was referring to
server publishing the ports (say 2000-2010). So you are saying if I server
publish the FTP server, FTP clients using PASV mode can initiate the connection
to data port on the server without ISA blocking the incoming traffic?
Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
http://www.ISAserver.org
Hi Tim,
How do you "open ports" on the ISA firewall? There is no open port button.
Why not just server publish the FTP server?
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
---------------------------------
From: tim S [mailto:tim724342@xxxxxxxxx]
Sent: Wednesday, January 12, 2005 8:57 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Allowing passive mode FTP through ISA
http://www.ISAserver.org I am trying to do this in a secure way. I have
ISA2000 and an IIS6.0 FTP server published behind ISA with web publishing
rule. Recently, one of our client started to use FTP clients in passive mode
only. This mean I will have to open up inbound ports >1024 for the internal
FTP server. This is, as you know, a big security risk. I would really really
appreciate if anyone has a workaround and/or suggestion.
Thanks
---------------------------------
Do you Yahoo!?
All your favorites on one personal page ? Try My Yahoo!
------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Other Internet Software
Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tim724342@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
---------------------------------
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
Other related posts:
