Leave the port settings on the PC alone, in other words leave the FTP port set to 21 on the PC. On your router / firewall open whatever port you want to use, and set it to "port forward" to port 21 on the PC behind the firewall / router. Thats how I got people to quit banging on my open SSH port, I just changed my router / firewall to listen on some port other than 22 and forward that port to port 22 on the local network. It works great for me and I haven't had a single login attempt show up in my logs since. Jim On Tue, 2007-03-27 at 07:51 -0400, Ray Costanzo wrote: > Hi group, > > > > I have a W2K server behind a home-style D-Link router at home, and I > had it setup such that port 21 was forwarded to this server so that I > could ftp files between work and home. At the IIS level, I had the > FTP site set to only allow connections from my work IP address. This > worked fine as far as keeping other people out, but my event logs > would still be filled up by all the failed attempts from those > bastards out there who are trying to get into any FTP site they can. > > > > So, what I did was changed the FTP port to some other arbitrary port > number (2025) in IIS and updated my router accordingly. But now, when > I ftp in, I can connect, but I can’t transfer any data. I think this > may have something to do with that active vs. passive thing where the > FTP command communication uses one port and data uses another or > something like that. Would anyone know what I can do to get this > working again? I tried reforwarding port 21 to the server again in > case IIS still needed that port for actual data transfer, but that > didn’t help. Previously, I had only port 21 forwarded, not 21 & 22 or > anything like that. > > > > Sample FTP session: > > > > ftp> open home 2025 > > Connected to home. > > 220 server Microsoft FTP Service (Version 5.0). > > User (home:(none)): SomeUserAccount > > 331 Password required for SomeUserAccount. > > Password: > > 230 User SomeUserAccount logged in. > > ftp> dir > > 500 Invalid PORT Command. > > 150 Opening ASCII mode data connection for /bin/ls. > > --Never finishes and just sits here forever; when I break out, this is > the error: > > 425 Can't open data connection. > > > > Thanks for anything, > > > > Ray at work > >