FTP- All you need to know
First: whether the session is passive or active does not matter until the data transfer starts; the login is the same in both modes.
PC>ftp
username:-xxxxxx
password:-xxxxxxx
Up to here everything (including the TCP SYN, SYN/ACK, ACK) is the control channel: the PC uses dest port 21, and the server answers with src port 21.
If the user does not even get the login prompt, the problem is reachability (or the server itself), not active vs. passive.
PC>ls -al <--------------now the actual FTP data transfer (active/passive) starts; explained below
If we need passive, we have to type passive before the listing:
PC>passive
Passive using NAT/PAT:
===========
PC(10.2.0.1)------------(10.2.0.128)SERVER
PC---------PA--------------ISP=================SERVER
PC>passive
PC--------PASV cmd, srcport=PAT, destport=21--------------------------->SERVER
PC<-------227 reply, srcport=21, destport=PAT---------------------------SERVER (it tells the client: connect to this IP and this port, which is >1024, here 32771)
PC--------SYN (data), srcport=PAT (new mapping), destport=32771---------->SERVER
PC<-------SYN/ACK, srcport=32771, destport=PAT---------------------------SERVER
Both connections are opened by the PC, so the PA only does its normal outbound PAT on the data channel; no L7 inspection of the FTP commands is needed. Note that the data channel replies come from the server's port 32771, not from port 21.
===============================================================
Active:-
==========
control channel-------------------port 21 (server side)
data channel---------------------port 20 (server side; the server opens this connection)
PC(10.2.0.1)------------(10.2.0.128)SERVER
PC---------PA--------------ISP=================SERVER
PC-----------PORT cmd, src=PAT (40504), dest=21, payload = (IP of PC + random port 59860)-------->SERVER
Now:
the Palo Alto does L7 inspection (FTP ALG): it reads the IP and port inside the PORT payload, rewrites the PC's private IP to the PA's outside IP, and dynamically opens the matching inbound connection for port 59860 before the server uses it.
PC<-----------ACK for the PORT cmd, src=21, dest=40504-----------------------------------SERVER
PC------------ls -al (LIST), src=40504, dest=21====================================>SERVER
PC<-----------SYN (data), src=20, dest=59860 (on the PA's address, translated back to the PC)-----SERVER
The PA lets this inbound connection through only because it already opened it dynamically during L7 inspection (ALG).
This is not firewall friendly because there are two connections: one from the PC to the SERVER (control, port 21) and a second one, opened separately by the SERVER, from its port 20 back to the PC. Without the ALG a plain stateful firewall or PAT device has no state for that inbound connection and drops it, and the PORT command would carry the PC's private address, which the server cannot reach anyway.
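As an added worked example (not code from the original post), the following Python model walks through both exchanges above. It encodes and decodes the h1,h2,h3,h4,p1,p2 tuple carried by the PORT command and by the 227 passive reply (so 233,212 is port 59860 and 128,3 is port 32771), and simulates a PAT firewall with and without an FTP ALG to show why the active-mode data connection only succeeds when the PORT command is rewritten and a pinhole is opened. The firewall class is a toy stand-in for the PA, not Palo Alto code; the PA's outside address 203.0.113.10 and the PAT port range starting at 40000 are assumptions, as are the hostnames and function names.

```python
"""Worked model of FTP active vs passive mode through a PAT firewall with an FTP ALG."""
import re
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

FTP_CONTROL_PORT = 21
FTP_ACTIVE_DATA_PORT = 20

_HOSTPORT_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def encode_hostport(ip: str, port: int) -> str:
    """Encode ip/port as the RFC 959 'h1,h2,h3,h4,p1,p2' tuple used by PORT and 227."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return ",".join(octets + [str(port >> 8), str(port & 0xFF)])


def decode_hostport(text: str) -> Tuple[str, int]:
    """Pull the ip/port tuple out of a PORT command or a 227 reply; port = p1*256 + p2."""
    m = _HOSTPORT_RE.search(text)
    if m is None:
        raise ValueError(f"no host/port tuple in {text!r}")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"byte out of range in {text!r}")
    return ".".join(map(str, nums[:4])), (nums[4] << 8) | nums[5]


@dataclass(frozen=True)
class DataConnection:
    mode: str                                 # "active" or "passive"
    opened_by: str                            # which side sends the SYN for the data channel
    src_port: Optional[int]                   # 20 for active; client ephemeral (None) for passive
    dst: Tuple[str, int]                      # where that SYN is aimed
    delivered_to: Optional[Tuple[str, int]]   # host that actually receives it, None if dropped


class PatFirewall:
    """Toy PAT firewall standing in for the PA in the diagrams (assumed model, not Palo Alto code)."""

    def __init__(self, public_ip: str, alg: bool = True, first_pat_port: int = 40000):
        self.public_ip = public_ip                       # assumed outside address of the PA
        self.alg = alg                                   # False = plain PAT, no L7 inspection
        self._next_port = first_pat_port                 # assumed start of the PAT port pool
        self.pinholes: Dict[int, Tuple[str, int]] = {}   # public port -> (inside ip, inside port)

    def rewrite_port_command(self, line: str) -> str:
        """Active mode: the ALG reads the PORT payload, opens a pinhole, rewrites the tuple."""
        if not self.alg:
            return line                                  # private address leaks to the server
        inside = decode_hostport(line)
        public_port = self._next_port
        self._next_port += 1
        self.pinholes[public_port] = inside
        return f"PORT {encode_hostport(self.public_ip, public_port)}"

    def inbound_syn(self, dst_ip: str, dst_port: int) -> Optional[Tuple[str, int]]:
        """The server's SYN from port 20 arrives; only a pinhole lets it through."""
        if dst_ip != self.public_ip:
            return None                                  # aimed at a private address: never arrives
        return self.pinholes.get(dst_port)               # no pinhole: stateful firewall drops it


def passive_exchange(server_ip: str, server_data_port: int) -> DataConnection:
    """PC sends PASV; server answers 227 with an IP and a port > 1024; PC connects to it."""
    reply = f"227 Entering Passive Mode ({encode_hostport(server_ip, server_data_port)})."
    target = decode_hostport(reply)
    # Outbound from the PC like the control channel, so ordinary PAT is enough: no ALG needed.
    return DataConnection("passive", "client", None, target, target)


def active_exchange(fw: PatFirewall, client_ip: str, client_data_port: int) -> DataConnection:
    """PC sends PORT with its own IP/port; the server then connects back from port 20."""
    sent_by_pc = f"PORT {encode_hostport(client_ip, client_data_port)}"
    seen_by_server = fw.rewrite_port_command(sent_by_pc)   # what crosses the PA toward the server
    target = decode_hostport(seen_by_server)
    delivered = fw.inbound_syn(*target)                    # server SYN: src 20 -> target
    return DataConnection("active", "server", FTP_ACTIVE_DATA_PORT, target, delivered)


if __name__ == "__main__":
    PA = "203.0.113.10"   # assumed public address of the PA (not given on the page)
    print(passive_exchange("10.2.0.128", 32771))
    print(active_exchange(PatFirewall(PA, alg=True), "10.2.0.1", 59860))
    print(active_exchange(PatFirewall(PA, alg=False), "10.2.0.1", 59860))
```

Running it shows the passive data connection aimed at 10.2.0.128:32771 by the client, the active connection with ALG landing on 10.2.0.1:59860 through the pinhole on 203.0.113.10:40000, and the active connection without ALG aimed at the unreachable private address 10.2.0.1:59860 with nothing delivered, which is exactly the "not firewall friendly" case.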