secure ftp

Is it possible to establish a secure ftp (SSL 3) session from a compliant 
ftp client inside a Bordermanager (3.5, Netware 5.1) firewall running an 
ftp proxy to a non Novell secure FTP server on the internet.
0
brian
7/25/2004 11:38:16 AM
novell.bordermanager.proxies 3217 articles. 0 followers. Follow

6 Replies
608 Views

Similar Articles

[PageSpeed] 11
Get it on Google Play
Get it on Apple App Store

hi Brian,

as far as I know the FTP proxy only supports standard FTP. You'll have to
either use NAT or a generic proxy for Secure FTP.

-- 
Caterina Luppi
Novell Support Connection Volunteer Sysop


0
Caterina
7/27/2004 2:21:41 PM
Caterina Luppi wrote:

> hi Brian,
> 
> as far as I know the FTP proxy only supports standard FTP. You'll
> have to either use NAT or a generic proxy for Secure FTP.

Hi Caterina,
I tried it, but don?t get data, I need to setup two generic proxies ?
One on port 21 and one on port 20 ?

David

0
Bambid
8/4/2004 2:13:08 PM
hi David,

is your program using port 20 and 21? Are you sure these are the only two
ports you use?
ANyway, you should configure a generic proxy for every port used by the
program.
Honestly, I think that NAT would be a better solution anyway for you.

-- 
Caterina Luppi
Novell Support Connection Volunteer Sysop


0
Caterina
8/4/2004 3:25:01 PM
Caterina Luppi wrote:

> hi David,
> 
> is your program using port 20 and 21? Are you sure these are the only
> two ports you use?
> ANyway, you should configure a generic proxy for every port used by
> the program.
> Honestly, I think that NAT would be a better solution anyway for you.

I have configured NAT dynamic and static. Should I make filter
exception ? Which ? In another thread advice Craig Johnson to use
ftp-port-pasv-st exception

David
0
Bambid
8/5/2004 11:32:17 AM
yes,  you can use that exception.
If you're using SSL for FTP, you'll also have to have an exception for TCP
port 443.

-- 
Caterina Luppi
Novell Support Connection Volunteer Sysop
"Bambid" <bambid@email.cz> wrote in message
news:5VoQc.3176$8%5.2397@prv-forum2.provo.novell.com...
> Caterina Luppi wrote:
>
> > hi David,
> >
> > is your program using port 20 and 21? Are you sure these are the only
> > two ports you use?
> > ANyway, you should configure a generic proxy for every port used by
> > the program.
> > Honestly, I think that NAT would be a better solution anyway for you.
>
> I have configured NAT dynamic and static. Should I make filter
> exception ? Which ? In another thread advice Craig Johnson to use
> ftp-port-pasv-st exception
>
> David


0
Caterina
8/5/2004 4:19:16 PM
The solution was static NAT accompanied by non stateful filters on ports 20
and 21. The problem was complicated however by the fact that it required
passive ftp rather than the active that I had expected.

Thanks for the help

Regards

Brian

"Caterina Luppi" <cat@not-here.com> wrote in message
news:86tQc.3541$8%5.2438@prv-forum2.provo.novell.com...
> yes,  you can use that exception.
> If you're using SSL for FTP, you'll also have to have an exception for TCP
> port 443.
>
> -- 
> Caterina Luppi
> Novell Support Connection Volunteer Sysop
> "Bambid" <bambid@email.cz> wrote in message
> news:5VoQc.3176$8%5.2397@prv-forum2.provo.novell.com...
> > Caterina Luppi wrote:
> >
> > > hi David,
> > >
> > > is your program using port 20 and 21? Are you sure these are the only
> > > two ports you use?
> > > ANyway, you should configure a generic proxy for every port used by
> > > the program.
> > > Honestly, I think that NAT would be a better solution anyway for you.
> >
> > I have configured NAT dynamic and static. Should I make filter
> > exception ? Which ? In another thread advice Craig Johnson to use
> > ftp-port-pasv-st exception
> >
> > David
>
>


0
Brian
9/2/2004 7:16:47 PM
Reply:

Similar Artilces:

proxies, FTP, and security risks ("analogx proxy", specifically....)
Hi Folks, thanks to all of you for posting interesting and useful information. been a 'lurker' for a while and have learned lots of cool and useful facts from the wisdom you all share! i recently downloaded a "proxy" app from the www.analogx.com website (they've got lots of very wonderful, very FREE, and very useful tools there, do check it out if you're interested. Nice site design as well.) My reason for using a proxy is to let my winNT machine (lan'd to my XP/adsl machine) see the internet, or share my ADSL as well. For http, it seems to work ...

Bordermanager FTP Proxy and Users with @ in Name
Hi, We are using the BM 3.91 FTP proxy which of course uses the FTP proxy user@host (if @ is set as the separator which we set ours to) when using FTP client software. We've just had a company give us a piece of software that requires FTP access but uses @ symbol in the username of user that accesses the FTP site. I'd rather not change from using @ as the separator - lots of FTP software plays nicely with this and I don't want to give direct access as we operate a DMZ that limits traffic between internal and external hosts except via the proxy (which acts as an endp...

Active FTP over FTP Proxy
Hi All Is it at all possible to have Active FTP going over a bordermanager 3.8 FTP Proxy . . ?? cheers Joel Hi, joel@radio929.fm wrote: > > Hi All > > Is it at all possible to have Active FTP going over a bordermanager 3.8 FTP Proxy . . ?? AFAIK, no. CU, -- Massimo Rosen Novell Support Connection Sysop No emails please! http://www.cfc-it.de ...

FTP Proxy/Clntrust/FTP Authentication
I am trying to get the FTP Proxy to use Clntrust.exe and SSO. One thing I noticed in the Proxycfg console screen is that the FTP Authentication is listed as DISABLED. I have FTP Proxy checked, SSO is checked, Clntrust is running. Everything else is running fine, except FTP Proxy. I must be missing a setting or something. If I try to FTP to a site, I can see during a netstat output that it is making a connection to the BM Server via FTP. (ex. BMSERVER:ftp ESTABLISHED) But nothing happens. Any help would be greatly appreciated. Thanks for your time and considerations. ...

KLASSP Secure Proxy for password security
http://research.microsoft.com/pubs/69368/acsac06.pdf Hi All, See link above. Anyone know if this system has actually been implemented anywhere? I did some googling and didn't find anything. Appears to be a nice solution to thwart keyloggers on public computers. Cheers, Tom Tom C wrote: > http://research.microsoft.com/pubs/69368/acsac06.pdf > > Hi All, > > See link above. Anyone know if this system has actually been implemented > anywhere? I did some googling and didn't find anything. Interesting document. A few points that occur to me:...

FTP proxy & Transparent Proxy setup
--____VXWHOENWUJCUWAOOUIOM____ Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable I have done a fresh install of BorderManager 3.7 SP1 on a server and I am = trying to get the proxies working. I currently have the packet forwarding = filters turned off and everyone can HTTP, FTP and Telnet to their heart's = content. When I turn on the filters, I believe that the proxies are = suppose to take this traffic and work with it. But it doesn't,=20 Can anyone help me out here? --____VXWHOENWUJCUWAOOUIOM____ Content-Type: multipart/rel...

Reverse FTP proxy on Primary FTP address not working
I am using Border Manager 3.6 Sp2a and placed all the reverse proxy filters in from Craig Johnsons Filter book for FTP (Great book!). Our ISP had moved our FTP address to another IP address and I had them put it back only after screwing with many different settings, to many to remember. If I use the reverse proxy from a secondary Public IP Address it works fine without filters loaded. If I reverse proxy from the primary address without filters it does not work. Anyway, this is how I would like for the system to be setup. Let me know if it is wrong. Server "A" Bo...

Secure FTP
Is there any options for secure FTP on Netware 5.1 or do I need to be running Netware 6.5 for Secure FTP services. WH wrote: > Is there any options for secure FTP on Netware 5.1 > or do I need to be running Netware 6.5 for Secure FTP services. > http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966658.htm -andy ...

to proxy or not to proxy that is the ?
ok, i had jconect on NT and my AIX Sybase database on an RS/6000, so i used the proxy...fine. i have installed jconnect on the rs/6000, installed netscape fasttrack and i STILL have to use the proxy to avoid those -1 erro messages. does this mean that jConect always has to use that proxy no matter where anything lives? i am confused.... please enlighten me This is a multi-part message in MIME format. --------------6A7C6750A66874EBD6E2677A Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit If you remove the "proxy" connection property fro...

FTP Security
Please accept my apologies if this question has been asked and answered in another thread. If it has, my search failed to turn it up. D-Link makes a NAS product (DNS-323) which allows for the use of an FTP server. I desire to use this built-in functionality; however, after enabling it and making all of the security adjustments (i.e. creating groups/users with permissions, establishing passwords, etc.) I am concerned that a Shields Up scan of my IP shows the port that this server is assigned as being OPEN. :( Is there any way to enable this FTP server functionality without h...

when is secure, secure?
Lo everyone, I wrote a custom authentication handler for PureFTPD, using a combination of authentication methods, for about 4 different types of users. So far, from testing it, it does look to work properly, and does it's job pretty well (and fast). I use #!/usr/bin/perl -W as well as use Strict, and use warnings, and the code returns no errors or warnings when run. I am right to presume that this basically only really tells me the my syntax and structure of the application is right? What's a good way to see whether it is actually SECURE... There is a couple of lines of...

How secure is secure?
Thanks to this group and all the high tech individuals who frequent it I have learned how to protect my PC from the inside out. But what about security risks to my info 'before' it gets to my computer? Like my mail box on the server. Could someone hack into that and thumb through my mail? If so, how would I ever know? (The short story) We have a rogue employee at my work who one day decided to run the web site, she got in tight with the ISP, got tools to set and delete passwords on a protected directory on the server. Who knows if she has telnet access to other things, li...

Secure FTP
--____QMGLJBGZCYJEERCIPOMM____ Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; modification-date="Tue, 2 Oct 2006 05:19:55 -0500" Is there a way to do SSL for Secure FTP on a NetWare 6.5 SP5 FTP server? If so, how? ________________________________________=F0W=F0W=F0W=F06=F0W=F0W=F0W=F0=F0W= =F0W=F0W=F06=F0W=F0W=F0W=F0Delon E. Weuve=F0W=F0W=F0W=F06=F0W=F0W=F0W=F0Sen= ior Network Engineer=F0W=F0W=F0W=F06=F0W=F0W=F0W=F0Office of Auditor of = State=F0W=F0W=F0W=F06=F0W=F0W=F0W=F0State of Iowa=F0W=F...

Web resources about - secure ftp - novell.bordermanager.proxies

Secure Digital - Wikipedia, the free encyclopedia
Secure Digital or ( SD ) is a non-volatile memory card format for use in portable devices, such as mobile phones , digital cameras , GPS navigation ...

Facebook To Users: ‘Add Your Phone Number To Help Secure Your Account’
Some Facebook users are seeing alerts above the Graph Search bars on their News Feeds , prompting them to “Add your phone number to help secure ...

Jamie Donaldson wins in Thailand to secure Open berth
Welshman Jamie Donaldson completed a memorable debut at the Thailand Golf Championship on Sunday, winning the Asian Tour event with a three-shot ...

MIT researchers create ‘untraceable’ text messaging that’s even more secure than Tor
Given recent news that popular online anonymity tool Tor might not be as completely secure as many of us had assumed , we were intrigued to see ...

Can the K-1 fiancé visa system be made more secure?
Revelations that one of the San Bernardino shooters was radicalized before coming to U.S.

SoftBank-led Joint Venture Secures First Solar Power Project In India At Record-low Tariff
... Pradesh through atender which was floated by India’s largest power generation company, NTPC Limited, [&hellip SoftBank-led Joint Venture Secures ...

Secure? Yes, usually but with enough effort...
Boss calls this sysadmin/network admin pilot fish into his office with bad news: A machine under someone's desk has been hacked. "Now, this ...

Facebook Warns That The Internet Could Get A Lot Less Secure
... be used next year, it could make the Internet less safe for a lot of people. The algorithm offered access to encrypted sites—think more secure ...

Who Says They're Very Good Parents? Millennial Moms And The Financially Secure
Between balancing careers, children, housework, finances and free time, does anyone actually feel like they’re doing a great job raising their ...

The Latest: Police: Madison Mall Now Secure
The Latest: Police: Madison mall now secure

Resources last updated: 12/20/2015 7:06:57 PM