Re: [squid-users] Unsafe PASV reply

From: Marc Elsen <[email protected]>
Date: Thu, 28 Nov 2002 14:01:08 +0100

-JhAzEr- wrote:
>
> I got this on my log file:
>
> [squid] Unsafe PASV reply from "IP ADDRESS": Entering Passive Mode (192,168,1,1,9,177).
>
> What does it mean?

 I haven't reasoned this one through completely.
 It is related to security issues around the FTP protocol.

 In normal passive ftp the ftp server will instruct the
 client to use a certain port for the data transfer, instead
 of the server itself initiating a connection to the client
 which was originally done in ftp.
 From a server view point this was considered unsafe and later
 the concept of passive ftp was introduced.

 Now in the case of SQUID and a remote ftp server, SQUID is
 server (service) too and probably wants to protect it's security
 interests, thereby perhaps itself not wanting to make connections
 to ports in the context of passive ftp which it is not sure
 about.

 But I am lacking the final clue, as to the real meaning of
 this message...

 M.

>
> Slackware 9.0 Beta
> ------------------------------
> pub 1024D/04BAE461 2002-10-22 -JhAzEr- <catsedp@cats.com.ph>
> sub 1024g/63BA0ABD 2002-10-22 Mobile Phone: 0920-2625725
>
> Window Manager ---> Ratpoison-1.1.1
> Email Client ---> Pygmy-0.6.0
> Web Browser ---> Phoenix-0.3 (Lucia)
>
> [gcc-3.2] [gnupg-1.2.0] [gpgme-0.3.9]

-- 
 'Time is a consequence of Matter thus
 General Relativity is a direct consequence of QM
 (M.E. Mar 2002)
Received on Thu Nov 28 2002 - 06:01:12 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:37 MST