Professional Web Applications Themes

ftp problems - SCO

Ken Benson wrote (on Fri, Jul 04, 2003 at 03:45:31AM +0000): > I have an interesting problem that I'm hoping someone out there can offer > some insight into ... > > We have a client using OpenServer 5.0.5 - this machine is connected to the > Internet via a DSL/Cable modem/router. This client is one of several > clients that have a similar configuration. The difference here is the > inability to complete an ftp session. > > We have a firewall in our company, but ftp outbound is open for a select > group of individuals. These individuals ...

  1. #1

    Default Re: ftp problems

    Ken Benson wrote (on Fri, Jul 04, 2003 at 03:45:31AM +0000):
    > I have an interesting problem that I'm hoping someone out there can offer
    > some insight into ...
    >
    > We have a client using OpenServer 5.0.5 - this machine is connected to the
    > Internet via a DSL/Cable modem/router. This client is one of several
    > clients that have a similar configuration. The difference here is the
    > inability to complete an ftp session.
    >
    > We have a firewall in our company, but ftp outbound is open for a select
    > group of individuals. These individuals can (and often do) ftp files to and
    > from customer sites - but not to this customer site.
    >
    > In experimenting, I tried an ftp session from my home PC (no firewall) and
    > the session seemed to work okay - I transferred a small file. This would be
    > an ftp INBOUND to the machine in question from a Windows box.
    >
    > So .. I tried another experiment - another OpenServer customer on the
    > Internet - I pushed a file from that other customer to the machine in
    > question - again INBOUND to the machine in questions from an OpenServer
    > 5.0.6 machine and this worked just fine.
    >
    > It would be easy to jump to the conclusion that the firewall is at fault -
    > however, this same firewall allows ftp traffic to and from machines all the
    > time - just not this particular machine.
    >
    > I'm really at a loss where to begin on this issue ... any ideas?
    Start with the brand/model of the firewall router.

    Continue with a disclosure of whether you are using active or passive ftp.
    (If you don't know the difference, you are in for a learning experience! They
    are *very* different. One hint: passive ftp is much more easier to accomplish
    over a firewall).

    Finish by describing, in more detail, what went wrong. "... the inability to
    complete an ftp session."

    --
    _________________________________________
    Nachman Yaakov Ziskind, EA, LLM [email]awacsegps.com[/email]
    Attorney and Counselor-at-Law [url]http://yankel.com[/url]
    Economic Group Pension Services [url]http://egps.com[/url]
    Actuaries and Employee Benefit Consultants
    Nachman Yaakov Ziskind Guest

  2. #2

    Default Re: ftp problems


    "Nachman Yaakov Ziskind" <awacsegps.com> wrote in message
    news:20030704120503.A7001egps.egps.com...
    > Ken Benson wrote (on Fri, Jul 04, 2003 at 03:45:31AM +0000):
    > > I have an interesting problem that I'm hoping someone out there can
    offer
    > > some insight into ...
    > >
    > > We have a client using OpenServer 5.0.5 - this machine is connected to
    the
    > > Internet via a DSL/Cable modem/router. This client is one of several
    > > clients that have a similar configuration. The difference here is the
    > > inability to complete an ftp session.
    > >
    > > We have a firewall in our company, but ftp outbound is open for a select
    > > group of individuals. These individuals can (and often do) ftp files to
    and
    > > from customer sites - but not to this customer site.
    > >
    > > In experimenting, I tried an ftp session from my home PC (no firewall)
    and
    > > the session seemed to work okay - I transferred a small file. This
    would be
    > > an ftp INBOUND to the machine in question from a Windows box.
    > >
    > > So .. I tried another experiment - another OpenServer customer on the
    > > Internet - I pushed a file from that other customer to the machine in
    > > question - again INBOUND to the machine in questions from an OpenServer
    > > 5.0.6 machine and this worked just fine.
    > >
    > > It would be easy to jump to the conclusion that the firewall is at
    fault -
    > > however, this same firewall allows ftp traffic to and from machines all
    the
    > > time - just not this particular machine.
    > >
    > > I'm really at a loss where to begin on this issue ... any ideas?
    >
    > Start with the brand/model of the firewall router.
    Our firewall is a Windows based software firewall - I'm not sure what flavor
    it is, but it is probably not the problem - we can and VERY often ftp
    through it in both directions to other OpenServer machines. I'm not aware
    of a firewall router at all at the customer site, but will try to find that
    out tomorrow.
    >
    > Continue with a disclosure of whether you are using active or passive ftp.
    > (If you don't know the difference, you are in for a learning experience!
    They
    > are *very* different. One hint: passive ftp is much more easier to
    accomplish
    > over a firewall).
    Active ftp - I've tried to switch to passive and the ftp client returns an
    error - it doesn't understand the command "passive".
    >
    > Finish by describing, in more detail, what went wrong. "... the inability
    to
    > complete an ftp session."
    The detail is variable. Often we can connect via ftp from the customer's
    machine to an OpenServer machine on our DMZ - provide the login and
    password, issue commands (such as "bin" or "asc") .. but as soon as a
    command is given which would require actual data exchange - the system
    responds with "421 Service not available, remote server has closed
    connection".

    If we initiate the ftp session in the reverse - from a machine inside our
    network TO the customer's machine - the difference is that it appears to be
    working - no error is generated. But, the file size stays at zero
    indicating the file is not actually being transferred. Often this process
    just appears to be hung and must be broken out of - occasionally, the ftp
    client will actually indicate that the remote has timed out.


    >
    > --
    > _________________________________________
    > Nachman Yaakov Ziskind, EA, LLM [email]awacsegps.com[/email]
    > Attorney and Counselor-at-Law [url]http://yankel.com[/url]
    > Economic Group Pension Services [url]http://egps.com[/url]
    > Actuaries and Employee Benefit Consultants

    Ken Benson Guest

  3. #3

    Default Re: ftp problems

    Ken Benson wrote (on Mon, Jul 07, 2003 at 01:50:34AM +0000):
    >
    > "Nachman Yaakov Ziskind" <awacsegps.com> wrote in message
    > news:20030704120503.A7001egps.egps.com...
    > > Ken Benson wrote (on Fri, Jul 04, 2003 at 03:45:31AM +0000):
    > > > I have an interesting problem that I'm hoping someone out there can
    > offer some insight into ...
    > > >
    > > > We have a client using OpenServer 5.0.5 - this machine is connected to
    > the Internet via a DSL/Cable modem/router. This client is one of several
    > > > clients that have a similar configuration. The difference here is the
    > > > inability to complete an ftp session.
    > > >
    > > > We have a firewall in our company, but ftp outbound is open for a select
    > > > group of individuals. These individuals can (and often do) ftp files to
    > and from customer sites - but not to this customer site.
    > > >
    > > > In experimenting, I tried an ftp session from my home PC (no firewall)
    > and the session seemed to work okay - I transferred a small file. This
    > would be an ftp INBOUND to the machine in question from a Windows box.
    > > >
    > > > So .. I tried another experiment - another OpenServer customer on the
    > > > Internet - I pushed a file from that other customer to the machine in
    > > > question - again INBOUND to the machine in questions from an OpenServer
    > > > 5.0.6 machine and this worked just fine.
    > > >
    > > > It would be easy to jump to the conclusion that the firewall is at
    > fault - however, this same firewall allows ftp traffic to and from machines
    > > all
    > the time - just not this particular machine.
    > > >
    > > > I'm really at a loss where to begin on this issue ... any ideas?
    > >
    > > Start with the brand/model of the firewall router.
    >
    > Our firewall is a Windows based software firewall - I'm not sure what flavor
    > it is, but it is probably not the problem - we can and VERY often ftp
    > through it in both directions to other OpenServer machines. I'm not aware
    > of a firewall router at all at the customer site, but will try to find that
    > out tomorrow.
    >
    > >
    > > Continue with a disclosure of whether you are using active or passive ftp.
    > > (If you don't know the difference, you are in for a learning experience!
    > They are *very* different. One hint: passive ftp is much more easier to
    > accomplish over a firewall).
    >
    > Active ftp - I've tried to switch to passive and the ftp client returns an
    > error - it doesn't understand the command "passive".
    >
    > >
    > > Finish by describing, in more detail, what went wrong. "... the inability
    > to complete an ftp session."
    >
    > The detail is variable. Often we can connect via ftp from the customer's
    > machine to an OpenServer machine on our DMZ - provide the login and
    > password, issue commands (such as "bin" or "asc") .. but as soon as a
    > command is given which would require actual data exchange - the system
    > responds with "421 Service not available, remote server has closed
    > connection".
    >
    > If we initiate the ftp session in the reverse - from a machine inside our
    > network TO the customer's machine - the difference is that it appears to be
    > working - no error is generated. But, the file size stays at zero
    > indicating the file is not actually being transferred. Often this process
    > just appears to be hung and must be broken out of - occasionally, the ftp
    > client will actually indicate that the remote has timed out.
    I would turn up debugging on the ftp daemon, and employ a packet sniffer to
    yze further. I had a problem with one version of wu-ftp (that's what SCO
    uses); it barfed and hung on an obscure command ('site help') that IE (5.5?)
    sent - could not browse with IE, but could with command line or Opera. SCO had
    a newer binary, and that did the trick.

    Of course, this may not be your problem (you're really using a Windows
    firewall?), but if you want details on which server I had trouble with, I'll
    try to dig them up. The problem is that I have two or three floating around
    (security patches, maybe?)

    Good luck!

    --
    _________________________________________
    Nachman Yaakov Ziskind, EA, LLM [email]awacsegps.com[/email]
    Attorney and Counselor-at-Law [url]http://yankel.com[/url]
    Economic Group Pension Services [url]http://egps.com[/url]
    Actuaries and Employee Benefit Consultants
    Nachman Yaakov Ziskind Guest

Similar Threads

  1. SQL Problems - can this be right?
    By bmyers in forum Coldfusion Database Access
    Replies: 6
    Last Post: November 16th, 03:31 PM
  2. PDF problems
    By Doug in forum Macromedia Freehand
    Replies: 6
    Last Post: April 21st, 09:41 PM
  3. 2 problems
    By pBarrelas in forum Macromedia Flash Sitedesign
    Replies: 4
    Last Post: December 4th, 09:35 PM
  4. Replies: 0
    Last Post: September 22nd, 02:18 PM
  5. scp problems - again
    By Dr. David Kirkby in forum AIX
    Replies: 7
    Last Post: August 1st, 02:00 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139