LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 07-21-2004, 12:27 PM   #1
JamesF1
Member
 
Registered: Nov 2001
Location: Spain
Distribution: Mandrake 9.1
Posts: 48

Rep: Reputation: 15
Unhappy ProFTPd connections hanging - port 113?


Hi guys,

I've been pulling my hair out with a proftp problem for a few months now and I'm at a loss as to why it doesn't work.

Almost everyone globally have no problem connecting to Ftp in passive and active modes but a group of people within a particular external network only get as far as the inital login stages - or slightly further before their connection hangs and times out. But they have no problem with ftp connections to other sites.

I've read somewhere that this has to do with port 113 authentication. The administrator of the affected network has told me that he is seeing port 113 traffic to my server and this is being filtered out on their firewall which explains why the connection timing out.

The server is in standalone mode on a Cobalt Raq3 machine. I've set IdentLookups off as well as ReverseDNS lookups off. I would have expected this to sort out the problem but it's still failing. Is there something I'm forgetting to disable? Could xinetd/inetd be opening connections on port 113?

James

http://www.linuxquestions.org/questi...ead&forumid=3#
 
Old 07-21-2004, 10:17 PM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
Try putting firewall rules that will REJECT ident traffic... MAY help.
 
Old 07-22-2004, 04:17 AM   #3
JamesF1
Member
 
Registered: Nov 2001
Location: Spain
Distribution: Mandrake 9.1
Posts: 48

Original Poster
Rep: Reputation: 15
I'm not sure that will work - they don't have this problem with other ftp sites but at this stage I'll try anything. Hopefully the server will be smart enough to realize the thinking behind it.


http://www.linuxquestions.org/questi...readid=207932#
 
Old 07-22-2004, 11:31 AM   #4
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
OK .. after doing some rethinking about your problem ... this group of people within a particular external network ... do they use any of those ubiquitous old non-linux OS to connect to your ftp server?

Some of these old non-Linux OSes have ftp clients that do not support passive ftp. They may need to enable passive ftp on their browsers to get to the linux-based ftp servers.

Last edited by ppuru; 07-22-2004 at 11:32 AM.
 
Old 08-04-2004, 10:16 AM   #5
JamesF1
Member
 
Registered: Nov 2001
Location: Spain
Distribution: Mandrake 9.1
Posts: 48

Original Poster
Rep: Reputation: 15
I've tried to "REJECT" the auth packets - no luck :-(

The internal users have an ftp application that can do passive ftp.

The server is running in standalone mode rather than inetd - I think this is useful to know but what I'd like to know is how do I disable the auth completely - or at least for the proftp service.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Port 113 floppywhopper Linux - Security 7 02-07-2008 06:51 PM
Blocking Port 113 XaViaR Linux - Security 6 04-05-2005 08:18 AM
port 113 jthepro Linux - Networking 2 05-24-2004 12:52 PM
113 port spank Linux - Newbie 3 12-02-2003 03:54 PM
port 113 pangfai Linux - Security 7 06-06-2002 05:53 AM


All times are GMT -5. The time now is 06:41 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration