
Re: [cobalt-security] secFTP not working on Qube2



On Tue, 24 Oct 2000, Jeff Lovell wrote:

> Mike Vanecek wrote:
> > 
> > Active and passive work if using non-secure session.
> > 
> > Both passive and active are broken for me if I do a ssh1 session (using the
> > openssh 2.1.1 install from Cobalt). Using the latest version of SecureCRT to
> > establish the port forwarding. I have not tried a ssh2 session.
> > 
> > I have sent you the logs in a private message.
> > 
> > I would be a happy camper if either one worked via ssh.
> 
> This is working for me.
> 
> Add the following directive to your /etc/proftpd.conf file:
> 
> AllowForeignAddress             on
> 
> Here are the details from proftpd:
> http://www.proftpd.net/docs/configuration.html#AllowForeignAddress

Note that by doing this you allow 'bounce' attacks (but then, if you deny
anonymous access this shouldn't really be much of a problem), and at any
rate forwarding ftp through ssh leaves the actual data unencrypted.
Passwords are exchanged over a secure channel, though.
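
The trade-off discussed in this thread, as an added example that is not part of the original messages and is not ProFTPD's code: a simplified model of the address check that AllowForeignAddress switches off, applied to the argument of an FTP PORT command (RFC 959 format). It assumes the forwarded control connection reaches the FTP daemon from 127.0.0.1; the function names and the documentation-range addresses are constructed for illustration.

```python
import ipaddress

def parse_port_arg(arg):
    """Parse the RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (ip, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6:
        raise ValueError("PORT needs six comma-separated fields")
    nums = [int(p) for p in parts]
    if any(n < 0 or n > 255 for n in nums):
        raise ValueError("PORT fields must be 0-255")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]

def check_port(control_peer, port_arg, allow_foreign=False):
    """Decide whether a PORT request is honoured (simplified model).

    control_peer  -- source address of the control connection as the daemon sees it
    allow_foreign -- models 'AllowForeignAddress on'
    Returns (accepted, reason).
    """
    try:
        ip, port = parse_port_arg(port_arg)
    except ValueError as exc:
        return False, f"malformed PORT argument: {exc}"
    peer = ipaddress.IPv4Address(control_peer)
    if ip == peer:
        return True, f"{ip}:{port} matches control peer"
    if allow_foreign:
        return True, f"{ip}:{port} is foreign to {peer} but allowed"
    return False, f"{ip}:{port} is foreign to {peer}, refused"

# Constructed cases (RFC 5737 documentation addresses).
CASES = [
    ("direct client",            "192.0.2.10", "192,0,2,10,19,137", False),
    ("via ssh forward, default", "127.0.0.1",  "192,0,2,10,19,137", False),
    ("via ssh forward, allowed", "127.0.0.1",  "192,0,2,10,19,137", True),
    ("third-party host, default", "192.0.2.10", "198,51,100,7,19,137", False),
    ("third-party host, allowed", "192.0.2.10", "198,51,100,7,19,137", True),
]

if __name__ == "__main__":
    for label, peer, arg, allow in CASES:
        ok, why = check_port(peer, arg, allow_foreign=allow)
        print(f"{label:27} {'ACCEPT' if ok else 'REFUSE'}  {why}")
```

The last case is the bounce exposure mentioned above: once the check is off, the daemon cannot tell a tunnelled client apart from a request naming some other host.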