
Re: security.debian.org and active FTP?



martin f krafft <madduck@debian.org> [2002-09-06 20:30:36 +0200]:
> anyone have an answer why security.debian.org sends active FTP
> transfers from a high port rather than port 20?

IIRC there is nothing particularly interesting in that.  The ftpd will
open a connection back to your port and will use a randomly assigned
port on its end.  Remember that root access is needed to open a port
below 1024.  But having every program run as root opens up many
possibilities for security attacks against it.  Therefore there has
been a big movement to run as much of the daemon code as possible
non-root.  Which means that more and more you will see use of
privileged ports diminish in order to accomplish that.  I am guessing
any change in behavior is due to this.

If you open up a "passive" ftp connection you should see all
connections from your end to the server and then all of them should go
to the published incoming port numbers in /etc/services.  But they
will be high port numbers on your end instead since you are the
originator.  Most browsers use passive ftp by default.  To open a
passive connection in ftp use "passive" as a command.  The wget
program has a --passive-ftp option.

Bob
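
The following is an added illustration, not part of the message above: it decodes the RFC 959 `PORT` command and `227` reply to show which side opens the data connection in each mode, and labels an active-mode connection by whether its source port is 20 or an unprivileged one, the case the thread asks about. The function names are hypothetical and the addresses and control lines are constructed samples.

```python
import re

# RFC 959 writes an endpoint as six decimal bytes: h1,h2,h3,h4,p1,p2
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(text):
    """Decode the h1,h2,h3,h4,p1,p2 tuple from a PORT command or 227 reply."""
    m = HOSTPORT.search(text)
    if not m:
        raise ValueError("no host-port tuple in %r" % text)
    nums = [int(n) for n in m.groups()]
    if max(nums) > 255:
        raise ValueError("octet out of range in %r" % text)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def expected_data_flow(control_line, client_ip, server_ip):
    """From one control-channel line, say who opens the data connection and to where."""
    line = control_line.strip()
    if line.upper().startswith("PORT "):      # active: server connects back to client
        return {"mode": "active", "initiator": server_ip, "dst": parse_hostport(line[5:])}
    if line.startswith("227"):                # passive: client connects to server
        return {"mode": "passive", "initiator": client_ip, "dst": parse_hostport(line[3:])}
    raise ValueError("not a PORT command or 227 reply: %r" % control_line)

def classify_data_syn(flow, src_ip, src_port, dst_ip, dst_port):
    """Label an observed TCP SYN against the flow negotiated on the control channel."""
    if src_ip != flow["initiator"] or (dst_ip, dst_port) != flow["dst"]:
        return "unexpected"
    if flow["mode"] == "passive":
        return "passive data connection"
    # Active mode: port 20 is the traditional source, but an ftpd that has
    # dropped root cannot bind it and connects from an unprivileged port.
    return "active, source port 20" if src_port == 20 else "active, unprivileged source port"

if __name__ == "__main__":
    CLIENT, SERVER = "192.0.2.10", "198.51.100.5"   # constructed documentation addresses
    act = expected_data_flow("PORT 192,0,2,10,195,80", CLIENT, SERVER)
    pas = expected_data_flow("227 Entering Passive Mode (198,51,100,5,156,64)", CLIENT, SERVER)
    print(act, classify_data_syn(act, SERVER, 20, CLIENT, 50000))
    print(act, classify_data_syn(act, SERVER, 34567, CLIENT, 50000))
    print(pas, classify_data_syn(pas, CLIENT, 51000, SERVER, 40000))
```

A packet filter that admits active-mode data connections only when the source port is 20 would drop the second case, which is why matching on the endpoint negotiated over the control channel is the more robust check.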
