fc3 ftp connects but not working (Solved)
Jim Cornette
fc-cornette at insight.rr.com
Mon Feb 21 05:11:02 UTC 2005
Barry Yu wrote:
> Craig White wrote:
>
>> On Sun, 2005-02-20 at 08:57 +0800, Barry Yu wrote:
>>
>>
>>> I connect to an XP ftp server the connection is made but can't go on
>>> further to do anything, below are what happened;
>>>
>>> ***************
>>> [root at station-3 ~]# ftp 192.168.1.111
>>> Connected to 192.168.1.111.
>>> 220-Microsoft FTP Service
>>>
>>> ----------------------------------------------------------------------------
>>>
>>> This is XP FTP server
>>> 220
>>> ----------------------------------------------------------------------------
>>>
>>> 500 'AUTH GSSAPI': command not understood
>>> 500 'AUTH KERBEROS_V4': command not understood
>>> KERBEROS_V4 rejected as an authentication type
>>> Name (192.168.1.111:root): myname
>>> 331 Password required for myname.
>>> Password: mypassword
>>> 230-Welcom to The XP FTP server
>>> 230 User myname logged in.
>>> Remote system type is Windows_NT.
>>> ftp> passive
>>> Passive mode off.
>>> ftp> ls
>>> 200 PORT command successful.
>>> 150 Opening ASCII mode data connection for /bin/ls.
>>>
>>> (The cursor just hangs for ever and not responding)
>>>
>>> *******************
>>> In my machine I have multiboot system, XP, fc1, fc3, except fc3 other
>>> 2 O/S can connect to that ftp server and download file from it.
>>> Any advice is appreciated.
>>>
>>
>> ----
>> seems like a firewall issue...
>>
>> insmod ipconntrack
>> insmod inconntrack_ftp
>>
>> see if those commands help
>>
>> Craig
>>
>>
>>
> Craig you are right, it is a security issue, when I check the System
> setting->Security Lever, the Trusted device eth0 was not checked. After
> I check it, the ftp is working now.Tks.
>
I believe that selecting eth0 as a trusted device opens your computer to
a state that is like having no firewall at all. If it goes to the
outside world, it would not be good. To go to a local network where
trust is not an issue, it might be safe enough to allow.
You might want to check into what allowing a device does. I believe the
issue was discussed either on one of the early redhat lists or on our
local lug. (About a year back).
Regarding ftp it would be great if everything was setup to work when you
choose ftp in the securitylevel. I stop iptables myself, ftp the files
over, then restart iptables. (computer to computer, no external
network). I never tried adding the modules suggested above. This is
probably the best solution for long term ftp usage.
Alexander had a good explanation regarding how the modules worked and
references to ports about a month back.
Jim
--
Politics and the fate of mankind are formed by men without ideals and
without
greatness. Those who have greatness within them do not go in for politics.
-- Albert Camus
More information about the fedora-list
mailing list