Re: 2003 FTP with IIS
From: Paul Baker [MVP, Windows - SDK] (paulb_at_online.rochester.rr.com)
Date: 10/20/04
- Next message: davee: "FTP over ad"
- Previous message: dlbjr: "Re: Changing .asp extension"
- In reply to: Alun Jones [MSFT]: "Re: 2003 FTP with IIS"
- Next in thread: Bernard: "Re: 2003 FTP with IIS"
- Reply: Bernard: "Re: 2003 FTP with IIS"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 20 Oct 2004 12:18:19 -0400
Alun,
I agree that the behaviour of the firewall is appropriate. I meant only to
document it for those who are wondering.
Perhaps the FTP command line tool should support PASV FTP. Command line FTP
is useful in debugging tricky FTP servers and available to a Telnet session,
and so I believe it warrants further development if appropriate and is not
just a "there for backwards compatibility only and obsolete" thing. I am not
sure if it would use the Internet Options setting or something else. Some
users probably percieve this as an Internet Explorer only setting and would
be puzzled by its used in the FTP command line tool, whereas others would
probably expect it to be system wide, especially those who use other
applications that implement FTP using WinInet. If it used something else, it
would probably be nice to go the same route as with Telnet in Windows 2000.
That is, implement commands to set the local options.
Keep up the good work!
Paul
"Alun Jones [MSFT]" <alunj@online.microsoft.com> wrote in message
news:eZ3gPKitEHA.1296@TK2MSFTNGP10.phx.gbl...
> "Paul Baker [MVP, Windows - SDK]" <paulb@online.rochester.rr.com> wrote in
> message news:%23e7PRshtEHA.3984@TK2MSFTNGP09.phx.gbl...
> > Passive FTP is compatible with the Windows XP Service Pack 2 firewall.
> > However, the default in Windows XP is active FTP and installing Service
> > Pack
> > 2 preserves the setting. Therefore the Service Pack 2 firewall breaks
FTP
> > in
> > Internet Explorer by default.
>
> This is by design on the firewall's part - after all, you'd hate to have
all
> those ports open for incoming traffic unless you actually used them, yes?
> Secure by Default is one of the goals we're working hard on keeping to -
and
> that means that the firewall generally isn't opened up for everything that
> could be running on the machine. It is the work of moments to tell the
> firewall to allow Internet Explorer to open up whatever ports it likes, or
> (more secure) to switch Internet Explorer into using PASV mode.
>
> I can't comment on the defaults for Internet Explorer in different
versions
> of Windows XP - I don't have a fresh install handy to check right now.
>
> > Does the FTP command uses that setting?
>
> The command line ftp.exe tool only supports active mode FTP.
>
> > But either way, someone has to open a random port.
> >
> > What are you suggested solutions? I would like to hear them.
>
> My suggested solutions at present are not suitable for publication.
>
> Alun.
> ~~~~
>
>
>
- Next message: davee: "FTP over ad"
- Previous message: dlbjr: "Re: Changing .asp extension"
- In reply to: Alun Jones [MSFT]: "Re: 2003 FTP with IIS"
- Next in thread: Bernard: "Re: 2003 FTP with IIS"
- Reply: Bernard: "Re: 2003 FTP with IIS"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
