HPE Community
Operating System - HP-UX
1820566 Members
2130 Online
109626 Solutions
New Discussion юеВ

FTP Dropped by Fireweall

 
SOLVED
Go to solution
Andrew Pollard
Super Advisor

тАО09-10-2007 06:44 AM

тАО09-10-2007 06:44 AM

FTP Dropped by Fireweall

Hi,

Regularly we receive ftp's from different servers outside the firewall and the ftp sessions are successful, but once in a while the ftp is considered to be an attack and is dropped.

The Firewall type is:
Checkpoint Firewall-1 NGX R62

The firewall error is:
Product: SmartDefense
Action: Reject
Service: ftp-basic (21)
Protocol: tcp
Source Port: 41697
Attack Name: FTP Bounce
Attack Information: Port/227 command missing a newline character

This problem is happening between different server models and HPUX OS vesions.

Does anyone have any ideas what the cause might be?

Thanks

Andrew
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

тАО09-10-2007 07:27 AM

тАО09-10-2007 07:27 AM

Solution

Re: FTP Dropped by Fireweall

Shalom,

Something about the client is triggering Checkpoint to think this is an attack.

The only way to get information on this is from checkpoint or perhaps a checkpoint firewall admin here. This isn't really an HP-UX admin question.

I'm, guessing the source or destination port is triggering it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Andrew Pollard
Super Advisor

тАО09-13-2007 12:07 AM

тАО09-13-2007 12:07 AM

Re: FTP Dropped by Fireweall

Hi Steven,

Thanks for the info, I will pass it along.

Andrew
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.