[Lancaster] Firewall problem

Ken Hough kenhough at btinternet.com
Tue Sep 22 14:01:50 UTC 2009


On Tuesday 22 September 2009 12:53:47 Mike Livsey wrote:
> Does your firewall have application level monitoring?

Not that I've discovered.

>
> It may be that you need to specifically allow the application to be
> accessed, as well as opening the relevant ports.

Actually I've solved the problem, sort of!

After many trials, I've discovered that at least two ports are being accessed 
within the range 51000 to 65000.

On checking with <http://www.iana.org/assignments/port-numbers>, I see that 
ports in the range 49152 to 65535 are defined as "DYNAMIC AND/OR PRIVATE 
PORTS".

The vsftpd server is protected from the Internet by my Netgear DG834GT router, 
and I get a clean bill of health from "Shields Up" at www.grc.com, i.e. a 
report of "True Stealth Mode" for some of the open upper range ports.

Also, I will only enable vsftpd when I wish to upload/download files to 
another PC on my LAN.

So, until I can find more definitive info, I will simply open the whole of 
this upper port range. 

Thanks all for support and comments.

Regards

Ken Hough

>
>
>
> 2009/9/22 Ken Hough <kenhough at btinternet.com>
>
> > On Monday 21 September 2009 16:13:50 Richard Robinson wrote:
> > > On Mon, Sep 21, 2009 at 02:45:38PM +0100, andy baxter wrote:
> > > > Sorry I'm confused too. Did you try my suggestion of using wireshark
> > > > to look at what's happening over the network when you try to connect?
> > >
> > > This is probably a stupid comment, I'm not an expert at this stuff & I
> > > haven't really been paying much attention ... but :- it's not a
> > > question of packet type, is it ? Does the firewall select for TCP / UDP ?
> >
> > I've tried enabling UDP on the firewall, but this didn't help.
> >
> > Recent tests as follows:
> >
> > 1. Accessed vsftpd locally as ftp://localhost (with the firewall enabled)
> > without any problems. This confirms that vsftpd is working as I intended.
> >
> > 2. Accessing the vsftpd server remotely (with firewall enabled) via my
> > laptop running Firefox under winXP again failed. On dropping the firewall
> > on the server machine, again all was well.
> >
> > Clearly:
> >
> > --  there is a problem with the firewall on the server machine.
> >
> > --  the setup on the laptop PC is working!
> >
> >
> > As Andy recommended, I installed 'wireshark' on the laptop machine. This
> > runs OK, but before commenting on what I found, I'd like to spend a bit of
> > time figuring out all of what it told me.
> >
> > It does seem that with the firewall running, I get a connection, but this
> > is then dropped.
> >
> > Ho hum! Life is fun!  :-)
> >
> > Further investigation has shown that one or more TCP ports in the range
> > 50000 to 55000 is/are being accessed, i.e. if I enable this range, I get
> > full access.
> >
> > A bit more experimentation should allow me to home in on the ports
> > needed.  :-)
> >
> > Ken Hough
> >
> > _______________________________________________
> > Lancaster mailing list
> > Lancaster at mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/lancaster
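
Added example, not part of the original post or the thread: assuming the high ports Ken saw are vsftpd passive-mode data ports (the thread does not confirm this), the sketch below decodes the port the server announces in each 227/229 control-channel reply, as Wireshark would show it, and lists those a given firewall range would block. The sample replies and the address 192.168.0.10 are constructed.

```python
import re

# Replies a server sends on the FTP control channel (port 21) when the client
# asks for a passive-mode data connection. Constructed sample lines;
# 192.168.0.10 is a made-up LAN address.
SAMPLE_REPLIES = [
    "220 (vsFTPd)",
    "227 Entering Passive Mode (192,168,0,10,201,77).",
    "229 Entering Extended Passive Mode (|||58211|)",
    "227 Entering Passive Mode (192,168,0,10,195,90).",
]

PASV_RE = re.compile(r"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
EPSV_RE = re.compile(r"^229 .*?\(\|\|\|(\d+)\|\)")


def data_port(reply):
    """Return the TCP port the server is listening on for data, or None."""
    m = PASV_RE.match(reply)
    if m:
        p1, p2 = int(m.group(5)), int(m.group(6))
        if p1 > 255 or p2 > 255:
            return None          # malformed reply: each field is one byte
        return p1 * 256 + p2     # RFC 959: port = high byte * 256 + low byte
    m = EPSV_RE.match(reply)
    if m:
        port = int(m.group(1))
        return port if 0 < port <= 65535 else None
    return None


def blocked_ports(replies, allowed):
    """List data ports that fall outside the firewall's allowed (lo, hi) range."""
    lo, hi = allowed
    ports = [data_port(r) for r in replies]
    return [p for p in ports if p is not None and not lo <= p <= hi]


if __name__ == "__main__":
    # With only 50000-55000 open, one of the three data connections is dropped.
    print(blocked_ports(SAMPLE_REPLIES, (50000, 55000)))
```

If that assumption holds, vsftpd's pasv_min_port and pasv_max_port settings confine these ports to a small range, so only that range needs opening in the firewall rather than all of 49152 to 65535.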




