Hello dear friends...

I have a trouble. My FTP server must have an active ftp connection.
It means that in ipfw rules I must allow outgoing connections (like ipfw add
allow tcp from me to any keep-state).
But I don't want to use this rule. I want to restrict my outgoing connections.
Does FreeBSD have a feature for this situation?

P.S.
Only for testing we developed a little root-kit, which can use only outgoing
connections. Example:
1. rootkit gets a command from the remote machine
2. does this command.
3. connects to the remote machine and returns the result.
So we haven't got connections to my server, only outgoing..

Best regards..

Hello wsx,

Saturday, December 18, 2004, 1:18:55 PM, you wrote:

> Hello dear friends...
> I have a trouble. My FTP server must have an active ftp connection.
> It means that in ipfw rules I must allow outgoing connections (like ipfw add
> allow tcp from me to any keep-state).
> But I don't want to use this rule. I want to restrict my outgoing connections.
> Does FreeBSD have a feature for this situation?

What about allowing these outgoing connections only for ftpd's port?

> P.S.
> Only for testing we developed a little root-kit, which can use only outgoing
> connections. Example:
> 1. rootkit gets a command from the remote machine
> 2. does this command.
> 3. connects to the remote machine and returns the result.
> So we haven't got connections to my server, only outgoing..

> Best regards..

--
CU soon
+----------==/\/\==----------+   (__)     FreeBSD
| DanGer <danger@wilbury.sk> |   \\\'',)  The
| DanGer@IRCnet ICQ261701668 |   \/ \ ^   Power
| http://danger.homeunix.org |   .\._/_)  To
+----------==\/\/==----------+            Serve

On Sat, 18 Dec 2004, wsx wrote:

> Hello dear friends...
>
> I have a trouble. My FTP server must have an active ftp connection.
> It means that in ipfw rules I must allow outgoing connections (like ipfw add
> allow tcp from me to any keep-state).
> But I don't want to use this rule. I want to restrict my outgoing connections. Is

Active FTP-data goes from server IP:port 20 to client IP:random port.
You don't need to open ALL outgoing traffic, just those coming from port 20
on your ftp server.

Fer
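
The restriction suggested in the replies above, written out as an ipfw ruleset. This is an added example and not part of any post in the thread; the rule numbers, the control-port rule for port 21 and the `FW` dry-run variable are assumptions.

```shell
#!/bin/sh
# Added example: egress-restricted ipfw rules for an active-mode FTP server.
# FW defaults to a dry run that prints each command; set FW=/sbin/ipfw to load.
FW=${FW:-echo ipfw}
CTRL_PORT=21   # FTP control port (assumed default)
DATA_PORT=20   # active-mode data source port, as stated in the thread

ftp_egress_rules() {
    # Match packets of connections already tracked by a keep-state rule.
    $FW add 100 check-state
    # Clients open the control connection to the server.
    $FW add 200 allow tcp from any to me $CTRL_PORT in setup keep-state
    # Active mode: the server opens the data connection from port 20.
    $FW add 300 allow tcp from me $DATA_PORT to any out setup keep-state
    # Any other outbound TCP connection attempt is dropped and logged.
    $FW add 400 deny log tcp from me to any out setup
}

ftp_egress_rules
```

The `log` keyword on rule 400 only produces log entries when ipfw logging is enabled (sysctl `net.inet.ip.fw.verbose=1`); those entries are the place to look for unexpected outbound connection attempts from the server.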