FTP- All you need to know

First, whether it is passive or active:
from PC>ftp
username:-xxxxxx
password:-xxxxxxx
Up to here it is the same for both: all of this (including the SYN, SYN/ACK, ACK) uses destination port 21 from the PC and source port 21 from the server.
If the user is not getting this far, it means there is no reachability or there is a problem with the server.
PC>LS -al   <--------------now the actual FTP (active/passive) part comes here and is explained below

Now if we need passive mode we need to type passive:
PC>passive

Passive using NAT:
===========
PC(10.2.0.1)------------(10.2.0.128)SERVER

PC---------PA--------------ISP=================SERVER

PC>passive
PC--------cmd,src=PAT,dest=21,---------------------------->SERVER


<--------------------ACK-------------------------------SERVER (it tells the client: try to connect to a port which is >1024)


PC------srcport=PAT,destport=(random port=32771)-------->SERVER

PC<--------------------ACK, srcport=21,dest port=PAT------------------SERVER

===============================================================
Active:-
====

Active using NAT:
==========
 control channel-------------------port 21
 data channel communications---port 20

PC(10.2.0.1)------------(10.2.0.128)SERVER

PC---------PA--------------ISP=================SERVER

PC-----------cmd,src=PAT,dest=21,active(ip of PA + random port_59860)-------->SERVER

Now Palo Alto does L7 inspection: it can read the active(ip of PA + random port_100) L7 header and opens the next connection for random port_100.

<-----------ACK-------src=21,dest=40504------------------------------------------------SERVER

<------------------------source=20,dest port=59860---------------------------SERVER

Palo Alto has already opened this dynamically by doing L7 inspection (ALG).

PC------------------------ACK=src=40504 dest=21================>

This is not firewall friendly because there are two connections: one from the PC to the SERVER, and a separate connection from the server back to the PC.
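As an added example (not from this post or from Palo Alto), this is the control-channel parsing an FTP ALG like the L7 inspection above has to do: read the PORT command (active) or the 227 reply (passive), compute the announced IP and port, and decide which single data-channel flow to open dynamically. The lines and addresses are constructed to match the diagrams above; the port encoding (p1*256 + p2) is the RFC 959 format.

```python
import ipaddress
import re

# Control-channel messages an FTP ALG must understand (RFC 959).
# h1-h4 are the IP octets, the port is p1*256 + p2.
PORT_RE = re.compile(r"^PORT\s+(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\s*$", re.I)
PASV_RE = re.compile(r"^227\s.*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def _endpoint(groups):
    """Turn the six comma-separated fields into (ip, port), validating both."""
    h1, h2, h3, h4, p1, p2 = (int(g) for g in groups)
    ip = str(ipaddress.IPv4Address(f"{h1}.{h2}.{h3}.{h4}"))  # raises on bad octets
    port = p1 * 256 + p2
    if not 0 < port < 65536:
        raise ValueError(f"bad data port {port}")
    return ip, port


def parse_control_line(line):
    """Return {"mode", "ip", "port"} for a PORT command (active) or a 227 reply
    (passive); None for any other control-channel line."""
    m = PORT_RE.match(line)
    if m:
        ip, port = _endpoint(m.groups())
        return {"mode": "active", "ip": ip, "port": port}
    m = PASV_RE.match(line)
    if m:
        ip, port = _endpoint(m.groups())
        return {"mode": "passive", "ip": ip, "port": port}
    return None


def pinhole(info, client_ip, server_ip):
    """Describe the one data-channel flow the firewall should open.
    Active : server port 20 -> client's announced endpoint (server-initiated,
             the second connection that makes active mode firewall-unfriendly).
    Passive: client -> server's announced endpoint (client-initiated).
    The announced IP must be the control-channel peer on that side; with NAT
    the firewall compares against the translated (PAT) address it knows."""
    expected = client_ip if info["mode"] == "active" else server_ip
    if info["ip"] != expected:
        raise ValueError(f"announced {info['ip']} is not the peer {expected}")
    if info["mode"] == "active":
        return {"src": server_ip, "sport": 20, "dst": info["ip"], "dport": info["port"]}
    return {"src": client_ip, "sport": "any", "dst": info["ip"], "dport": info["port"]}
```

Feeding "PORT 10,2,0,1,233,212" yields port 59860 and a server:20 -> 10.2.0.1:59860 pinhole; "227 Entering Passive Mode (10,2,0,128,128,3)" yields port 32771 and a client -> 10.2.0.128:32771 pinhole.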