RE: redir y firewall
Hello,
FTP opens a data port from your NT back out to the outside machine. Is that
direction going to be masked properly for you?
BTW: Did you know that this can be snooped? Might be better to set up SSH.
NT has many security holes, who knows maybe somebody with ftp access can
get in and do horrible things..
Bill Suetholz
On 02-Dec-99 Iñaki Martínez wrote:
> HI!!!
>
> I have this network...
>
> router (fix IP ext) & (10.0.1.1 int)
> |
> firewall (10.0.1.2 ext) & (10.0.2.1 int)
> |
> NT server (10.0.2.2)
>
>
> Well, in router i have this rule:
> all incoming port 12345 redirect to 10.0.1.2 (debian firewall)
>
> In firewall i have ipchains with masquerade y redir with this:
> redir --lport 12345 --cport 21 --caddr 10.0.2.2 [--ftp]
>
> OK, then from outside (internet) i do:
>
> $ ftp fix_ip_route 12345
>
> OK.... go to NT server..... well
> Login..... ok
> Pass...... ok
>
> ls....... do nothing...... stalled...... :-(
>
>
> What's the problem??????
>
> Is masquerade the problem???
>
> Help....
>
>
> I need to access to nt server via ftp and upload/download files.
>
>
Reply to: