Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Windows XP and FTP

from [Hamish Stanaway] Network Security [Permanent Link]
Subject: RE: Windows XP and FTP
Date: Wed, 18 Jan 2006 05:16:51 +0000 
Hi there Mike,

I have tried this, however get the same result - it tells me I do not have permission to access the folder.



Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com





From: Mike Fetherston <mike_sha@shaw.ca>
To: 'Hamish Stanaway' <koremeltdown@hotmail.com>, nick@mobilia.it, bugtraq@planetcobalt.net
CC: security-basics@securityfocus.com
Subject: RE: Windows XP and FTP
Date: Tue, 17 Jan 2006 08:50:57 -0500
MIME-Version: 1.0
Received: from pd7mo4no.prod.shaw.ca ([64.59.134.9]) by bay0-mc2-f14.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 17 Jan 2006 05:51:37 -0800
Received: from pd6mr7no.prod.shaw.ca (pd6mr7no-qfe2.prod.shaw.ca [10.0.144.220]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IT800B1ZP5YMY60@l-daemon> for koremeltdown@hotmail.com; Tue, 17 Jan 2006 06:51:34 -0700 (MST)
Received: from pn7ml1no.prod.shaw.ca ([10.0.149.110]) by pd6mr7no.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IT8002KKP5YPH00@pd6mr7no.prod.shaw.ca> for koremeltdown@hotmail.com; Tue, 17 Jan 2006 06:51:34 -0700 (MST)
Received: from mike ([24.109.18.214]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IT80002VP5N5CA0@l-daemon> for koremeltdown@hotmail.com; Tue, 17 Jan 2006 06:51:33 -0700 (MST)
X-Message-Info: JGTYoYF78jHBMs6cVUM9z++oiyoeo8b9wHwFmUx7wWI=
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-Mailer: Microsoft Outlook, Build 10.0.6626
X-MSMail-priority: Normal
Return-Path: mike_sha@shaw.ca
X-OriginalArrivalTime: 17 Jan 2006 13:51:37.0925 (UTC) FILETIME=[23005F50:01C61B6D]

Why not just use IE's built-in ftp capabilities? You can set it to passive
mode by going to Tools > Options > Advanced and ticking off "Use Passive
FTP". Then it's just a simple matter of typing in ftp://ftp.host.com in the
address bar and supplying your credentials.

Mike Fetherston

> -----Original Message-----
> From: Hamish Stanaway [mailto:koremeltdown@hotmail.com]
> Sent: Monday, January 16, 2006 3:37 AM
> To: nick@mobilia.it; bugtraq@planetcobalt.net
> Cc: security-basics@securityfocus.com
> Subject: Re: Windows XP and FTP
>
> Thanks so much Nick,
>
> This is too what I thought - however I was hoping for a work around, or
> patch to fix this issue - it is going to be hard to explain to every
> client
> I have using XP that they will have to disable their firewalls - hopefully
> someone can shed some light on this issue for both of us.
>
>
>
> Kindest of regards,
>
> Hamish Stanaway, CEO
>
> Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
> Auckland, New Zealand
>
> http://www.webhosting.net.nz
> http://www.buywebhosting.co.nz
> http://www.koreworks.com
>
>
>
>
>
> >From: nick <nick@mobilia.it>
> >To: Ansgar -59cobalt- Wiechers <bugtraq@planetcobalt.net>
> >CC: security-basics@securityfocus.com
> >Subject: Re: Windows XP and FTP
> >Date: Fri, 13 Jan 2006 09:58:26 +0100
> >MIME-Version: 1.0
> >Received: from outgoing.securityfocus.com ([205.206.231.27]) by
> >bay0-mc2-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Sun,
> 15
> >Jan 2006 10:12:39 -0800
> >Received: from outgoing.securityfocus.com by outgoing.securityfocus.com
> > via smtpd (for mail.hotmail.com [65.54.244.40]) with ESMTP; Sun, 15
> >Jan 2006 09:49:36 -0800
> >Received: from lists.securityfocus.com (lists.securityfocus.com
> >[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid
> >C9D8023D7FD; Fri, 13 Jan 2006 11:04:54 -0700 (MST)
> >Received: (qmail 1928 invoked from network); 13 Jan 2006 08:37:39 -0000
> >X-Message-Info: JGTYoYF78jGdnwFcx9O+QyGqy8tZRvhafgQ3ZaoooPs=
> >Mailing-List: contact security-basics-help@securityfocus.com; run by
> ezmlm
> >Precedence: bulk
> >List-Id: <security-basics.list-id.securityfocus.com>
> >List-Post: <mailto:security-basics@securityfocus.com>
> >List-Help: <mailto:security-basics-help@securityfocus.com>
> >List-Unsubscribe: <mailto:security-basics-unsubscribe@securityfocus.com>
> >List-Subscribe: <mailto:security-basics-subscribe@securityfocus.com>
> >Delivered-To: mailing list security-basics@securityfocus.com
> >Delivered-To: moderator for security-basics@securityfocus.com
> >User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
> >X-Accept-Language: en-us, en
> >References: <20060110011058.12554.qmail@securityfocus.com>
> ><20060111144644.A8561@planetcobalt.net>
> >X-Virus-Scanned: amavisd-new at mobilia.it
> >Return-Path:
> >security-basics-return-37743-koremeltdown=hotmail.com@securityfocus.com
> >X-OriginalArrivalTime: 15 Jan 2006 18:12:39.0317 (UTC)
> >FILETIME=[4517A450:01C619FF]
> >
> >Ansgar -59cobalt- Wiechers wrote:
> >>On 2006-01-10 koremeltdown@hotmail.com wrote:
> >>
> >>>I have Windows XP (as do many of my clients) and have noticed
> >>>something strange. When trying to access my server(s) via FTP, when
> >>>Windows (XP Pro) Firewall is turned on, you cannot perform this task.
> >>>Sometimes it has problems resolving the hostname, sometimes it just
> >>>doesn't connect at all. When disabling Windows Firewall FTP works
> >>>fine, however when just enabling FTP Access via the firewall
> >>>configuration it doesn't seem to want to work. My XP using clients
> >>>seem to be having the same problem.
> >>
> >>
> >>Looks like you (and your clients) are using FTP in active mode. In that
> >>case the FTP server tries to establish the data connection to the client
> >>which is then intercepted by the Windows Firewall. Try using passive
> >>mode.
> >>
> >>If you use the commandline FTP client: ftp.exe from Windows does only
> >>support active mode IIRC, so use something like ncftp [1] instead.
> >>
> >>[1] http://www.ncftp.com/
> >>
> >>Regards
> >>Ansgar Wiechers
> >I just dealt with a user who was unable to connect with XP and FTPX, but
> if
> >they used the command line, it worked just fine. PASV mode didn't seem to
> >make any difference. It's almost like the XP firewall doesn't keep ftp
> >states. I use an iptables firewall to connect to the server (proftpd) and
> >have 0 problems. When I had the user disable the windows firewall, it
> >connected immediately. It's a recent problem, I have a feeling that MS
> >changed the behaviour of the firewall recently, perhaps inadvertantly?
> >
> >I recommended that the user try another firewall, but this seems like an
> >MS problem...
> >
> >
> >
> >-------------------------------------------------------------------------
> --
> >EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> >The Norwich University program offers unparalleled Infosec management
> >education and the case study affords you unmatched consulting experience.
> >Tailor your education to your own professional goals with degree
> >customizations including Emergency Management, Business Continuity
> >Planning, Computer Emergency Response Teams, and Digital Investigations.
> >
> >http://www.msia.norwich.edu/secfocus
> >-------------------------------------------------------------------------
> ---
> >
>
>
>
> --------------------------------------------------------------------------
> -
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity
> Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> --------------------------------------------------------------------------
> --






---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: University Degree or CISSP, shyaam
Next by Date:  New Tool: Windows Permission Identifier v1.0, [at]
Previous by Thread:  RE: Windows XP and FTP, Mike Fetherston
Next by Thread:  RE: Windows XP and FTP, Daniel Jimenez
Indexes:  [Date] [Thread] [Top] [All Lists]