FlashFXP is a Windows program which allows site to site transfers via the port bouncing technique described in rfc2577 (FTP Security Considerations [informational]). As a general rule allowing port bouncing is a bad idea and a major security hole.
Configuring Proftpd to allow port bouncing is simple, add "AllowForeignAddress on" in either the Global or Anonymous sections as appropriate and reloading the configuration will suffice. Without these directives the server will report "425 Passive PASV port theft" to syslog.
Example 4-4. Configuration fragment
ServerName "Frostbite FTPserver"
ServerType standalone
.
.
.
<Global>
.
.
.
ExtendedLog /var/spool/syslog/proftpd/fascist.log ALL default
ServerIdent on "Linux.co.uk server"
AllowForeignAddress on
PathDenyFilter "(\.htaccess)|(\.ftpaccess)$"
</Global>
.
.
.
<VirtualHost 195.200.4.15>
ServerAdmin zathras@linux.co.uk
ServerName "Linux.co.uk FTP Archive"
.
.
.
<Anonymous /ftp/ftp.linux.co.uk>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
AllowForeignAddress on
.
.
.| Prev | Zmey`s Home | Themes Wordpress | Home | Next |
| Log management | Up | Configuration |