Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I am using the FTP-server vsftpd and the client gFTP.
Now, the ftp-server is running on port 738 and that port is open. So I can connect to my own ftp, others can connect to it and there is no problem for me to connect to others' ftps.
But when I try to list the content in a dir there are two ways of doing this (afaik): either in passive mode or not.
If I or other people use passive when connecting to my ftp I need to open up a port in the firewall for the ftpd, right?
And if I don't use passive mode then I have to open a port when *I* connect to another ftp?
It seems to me that one port is not enough for FTPs. I have it running on one and only one: 738? But how can I control the "other" port that is being used?
I want to configure the firewall (and ftpd) so I can have my ftp-server running for others to use and so I can connect with my own client to other ftp-servers. But I still want to have a pretty closed firewall.
I am getting confused about what ports ftp-servers and ftp-clients are using. Can anyone help me out here?
FTPs? You mean sftp? SFTP is controlled by SSH and runs on whatever port ssh is running on. As far as PASV and vsftpd, there are statements for the config file to specify what PASV ports will be used for data transmission.
pasv_max_port
The maximum port to allocate for PASV style data connections. Can be used to specify a narrow port range to assist firewalling.
Default: 0 (use any port)
pasv_min_port
The minimum port to allocate for PASV style data connections. Can be used to specify a narrow port range to assist firewalling.
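
The PASV range options quoted above only narrow the exposure if the firewall opens exactly the same range. The script below is an added example, not part of the thread or of vsftpd: it prints the `vsftpd.conf` lines and the matching `iptables` commands from one set of variables. Port 738 comes from the question; the 50000-50010 range and an already default-drop INPUT chain are assumptions.

```shell
#!/bin/sh
# Added example: derive vsftpd.conf lines and firewall rules from the same values
# so the PASV range and the open ports cannot drift apart.
CTRL_PORT=738      # control port from the question
PASV_MIN=50000     # constructed sample range, pick your own
PASV_MAX=50010

# Accept only a bounded, unprivileged range. 0 means "use any port" to
# vsftpd, which cannot be matched by a narrow firewall rule.
check_range() {
    for v in "$1" "$2"; do
        case "$v" in ''|*[!0-9]*) return 1 ;; esac
    done
    [ "$1" -ge 1024 ] && [ "$2" -le 65535 ] && [ "$1" -le "$2" ]
}

# Lines to place in vsftpd.conf (listen_port, pasv_enable, pasv_min_port
# and pasv_max_port are documented vsftpd options).
vsftpd_lines() {
    check_range "$PASV_MIN" "$PASV_MAX" || return 1
    printf '%s\n' \
        "listen_port=$CTRL_PORT" \
        "pasv_enable=YES" \
        "pasv_min_port=$PASV_MIN" \
        "pasv_max_port=$PASV_MAX"
}

# Inbound rules for the server side: control port plus the PASV range.
# Assumes the INPUT policy is already DROP. The ESTABLISHED,RELATED rule
# lets replies to your own outgoing passive-mode client sessions back in
# without opening any further inbound port.
firewall_lines() {
    check_range "$PASV_MIN" "$PASV_MAX" || return 1
    printf '%s\n' \
        "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "iptables -A INPUT -p tcp --dport $CTRL_PORT -m conntrack --ctstate NEW -j ACCEPT" \
        "iptables -A INPUT -p tcp --dport $PASV_MIN:$PASV_MAX -m conntrack --ctstate NEW -j ACCEPT"
}

# Print both so they can be reviewed before anything is applied.
vsftpd_lines && firewall_lines
```

The script only prints; review the output, then add the first block to `vsftpd.conf` and run the `iptables` lines as root.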