Thread: How to open ports in vsftp passive mode

  1. #1
    Join Date
    May 2009
    Posts
    47

    How to open ports in vsftp passive mode

    I am running vsftpd on my Linux server. My vsftpd is configured in active mode to receive incoming connections. As a security issue, it is better to configure the vsftpd server in passive mode. Now, in passive mode the firewall is also an issue. How can I configure my server in passive mode and open a larger number of ports on the firewall? I only want to configure some particular ports for the user to get access. Any used port can cause a security breach. Please provide suggestions.

  2. #2
    Join Date
    Jan 2006
    Posts
    3,792

    Re: How to open ports in vsftp passive mode

    It is a good decision to switch to passive mode from active mode. But the firewall will block your incoming connections, so your genuine users will also be affected. Also, under active mode of your server there is the security risk inherent in an insecure protocol like FTP, e.g. usernames and passwords are sent in plain text, which can be captured by a sniffer. You can use a more secure file transfer method like scp or sftp. I am running ProFTPD and the Shorewall firewall with the help of Webmin. I can set up a range of ports on the server, like 60000 62000 for passive ports, which I include as a range in the firewall rules: 60000:62000. You will also need an FTP client which can target those ports.

  3. #3
    Join Date
    May 2008
    Posts
    2,945

    Re: How to open ports in vsftp passive mode

    Under passive mode your server is more secure as compared to active mode. The common issue with running a server in passive mode is the firewall. You can specify the Passive Port Range in your server. On the other hand, if the Passive Port Range is not specified, the server uses the available ports. The Passive Port Range is specified in the /proc/sys/net/ipv4/ip_local_port_range file.
    Configuration settings:
    • Configure sysctl by setting the port range in /etc/sysctl.conf as net.ipv4.ip_local_port_range = <start_port> <end_port>
    • Run sysctl -p to load the new kernel values.
    • Open the port range specified above in your firewall.

  4. #4
    Join Date
    Feb 2008
    Posts
    2,635

    Re: How to open ports in vsftp passive mode

    To open more ports in your vsftp server under passive mode, do the following:

    1). The below function enables local users, so that your local users can use the vsftp server.
    local_enable=YES
    write_enable=YES

    2). The below function enables passive mode.
    pasv_enable=YES

    3). The below function enables the number of ports.
    pasv_max_port=51000
    pasv_min_port=50000
    port_enable=YES

    Don't forget to save the file. Restart your vsftpd server.
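
Added example, not part of any post in this thread: a shell sketch that reads pasv_min_port and pasv_max_port from a vsftpd.conf and prints the one firewall rule that admits exactly that range, so the server setting and the firewall cannot drift apart. The function names, the constructed sample config, and the use of the iptables INPUT chain with a conntrack match are assumptions for illustration.

```shell
#!/bin/sh
# Added example: derive the firewall rule from vsftpd's passive port options.

# Constructed sample config, using the option values from the post above.
SAMPLE_CONF='# constructed sample vsftpd.conf
local_enable=YES
write_enable=YES
pasv_enable=YES
pasv_max_port=51000
pasv_min_port=50000
'

# conf_value KEY: print the last value assigned to KEY in the config on stdin.
# vsftpd.conf takes no spaces around "=", so splitting on "=" is sufficient.
conf_value() {
    awk -F= -v k="$1" '$1 == k { v = $2 } END { print v }'
}

# pasv_range: read a vsftpd.conf on stdin and print "MIN:MAX".
# Fails closed when the range is unset, non-numeric, privileged or inverted,
# because vsftpd's default of 0 for both options means "any free port".
pasv_range() {
    conf=$(cat)
    min=$(printf '%s\n' "$conf" | conf_value pasv_min_port)
    max=$(printf '%s\n' "$conf" | conf_value pasv_max_port)
    for v in "$min" "$max"; do
        case "$v" in
            ''|*[!0-9]*) echo "passive range missing or not numeric" >&2; return 1 ;;
        esac
    done
    if [ "$min" -lt 1024 ] || [ "$max" -gt 65535 ] || [ "$min" -gt "$max" ]; then
        echo "passive range $min:$max is not a valid unprivileged range" >&2
        return 1
    fi
    printf '%s:%s\n' "$min" "$max"
}

# pasv_rule: print (not apply) the iptables rule that admits only that range.
# The INPUT chain and conntrack match are assumptions about the local ruleset.
pasv_rule() {
    range=$(pasv_range) || return 1
    printf 'iptables -A INPUT -p tcp --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' "$range"
}

printf '%s' "$SAMPLE_CONF" | pasv_rule
```

Feed it the real file with `pasv_rule < /etc/vsftpd.conf` (path varies by distribution) and review the printed rule before adding it to the ruleset.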
