AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Is there a way to open these passive ports without opening them in the security group opn AWS, perhaps using ip configurations on the EC2 server like in this article ( )? I'm not familiar with these types of configurations and am not sure what to do here. We whitelist the IPs of all our customers who will connect to this server on port 21. Users can connect via port 21 if I open up TCP Ports 60000 through 65535 on the security group associated with this instance, but this doesn't feel secure to me (I'm not familiar with Passive FTP or opening up a range of ports like this). When the server has used up all passive ports (one per client doing passive data transfer), the next clients will have to wait for an available port. Any combination of specified values or ranges can be used. ![]() TLSRSACertificateKeyFile /etc/proftpd/ssl/ Open ended ranges start at 1 and end at 65535, that is, the range 60000- will allow all ports between 6005. TLSOptions NoCertRequest AllowClientRenegotiations ![]() I have enabled SSL (FTPS) on for ProFTPd and set passive ports in nf: port 21 I have installed ProFTPd on an Amazon EC2 running Amazon Linux.
0 Comments
Read More
Leave a Reply. |