Hello, I usualy permit TCP traffic on ports from 1025 to 65535 of the servers that I need to permit FTP access. Is there a more secure way to permit FTP access instead of to permit such ports? I have a FreeBSD gateway/router on a building with these ports open and I?m having some problems with users using softwares like Kasaa and eMule. Any help would be appreciated. Thank?s Ronan
Zitat von Ronan Lucio <ronan@melim.com.br>:> I usualy permit TCP traffic on ports from 1025 to 65535 of the servers > that I need to permit FTP access. > > Is there a more secure way to permit FTP access instead of to > permit such ports?What ftp server are you using? If I remember right ProFTPd allows you to define what passive ports to use, eg. 50000-50100 or something like that. Then you only open up that ports you defined in proftpd.conf in the firewall. Or did you mean outgoing ftp traffic? hth, Jan
Jan,> What ftp server are you using? If I remember right ProFTPd allows you todefine> what passive ports to use, eg. 50000-50100 or something like that. Thenyou only> open up that ports you defined in proftpd.conf in the firewall. > Or did you mean outgoing ftp traffic?My main problem is a Internet gateway to provide Internet access for a building where the clients need to access other FTP servers from other servers. For example: We provide Internet access for a building. If the clients of these network need to access the FreeBSD FTP server and Yahoo and etc... I?m permiting ports from 1025 to 65535 to make it possible. Is it right? Thank?s, Ronan