
Re: ftpd

 
A.G.M. Velthof
Valued Contributor

ftpd

Hello all,

Once in a while (weekly) I get this error in my syslog:
ftpd(6715) refused PORT 0,0 from 128.40.60.128 (client)
I already put -m 999 in inetd.conf, but it didn't help.

Anyone any idea?
6 REPLIES 6
Marcel Boogert_1
Trusted Contributor

Re: ftpd

Hi there,

Can you reach the IP-address?
If so, what is the client trying to do?

MB.
totoperdu
Frequent Advisor

Re: ftpd

Hello,

Do you get this error with a put or get command from the client?
What is your HP-UX version (uname -a)?
What is your ftpd version (what /usr/lbin/ftpd)?
If you can reboot your server, that is a solution; otherwise, you can try to configure your TCP parameters with ndd(1M).

A.G.M. Velthof
Valued Contributor

Re: ftpd

I can reach the IP address and the client performs a get and put action.
The ftpd version is 1.22.
The HP-UX version is 11.11.
The server cannot be rebooted every week.
Marcel Boogert_1
Trusted Contributor
totoperdu
Frequent Advisor

Re: ftpd

I found a problem like yours in kmine; can you test this solution?
PROBLEM
The following message appears in the /var/adm/syslog/syslog.log file:

refused PORT 123,4,567,8,9,012
RESOLUTION
This problem was resolved by enabling privileged mode for ftpd(1M),
however, this raises a security issue.

The default action of ftpd(1M) does not allow usage of reserved ports
as the originating port on the client's system. The PORT command
cannot specify a reserved port. The "-p" option allows the client
to specify a reserved port.

Note that allowing the use of reserved ports can result in the misuse
of ftpd. The security ramifications should be understood before the
option is turned on. Since the client is opening ftp through a
particular port in this application, any person who knows the
privileged port can have access to the system details.

A safer course would be to modify the port number through which
this particular client is calling the host. The application vendor
may be able to help in this.

To enable privileged mode for ftpd(1M), edit the /etc/inetd.conf file
and add the "-p" option to the ftpd entry. It is necessary to
restart the inetd daemon after editing this file. Example syslog
entries below indicate a successful connection:

Jun 29 15:54:32 hostname ftpd[25474]: FTP LOGIN FROM 123.4.567.890,
Jun 29 15:54:32 hostname ftpd[25474]: PORT
Jun 29 15:54:32 hostname ftpd[25474]: Client port is a privileged port. ftpd option 'p' overrides default.
Jun 29 15:54:32 hostname ftpd[25474]: User logged out
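
The reserved-port rule quoted above, as an added example that is not part of the original thread and is not HP-UX ftpd source: it decodes an RFC 959 PORT argument (h1,h2,h3,h4,p1,p2) and refuses reserved ports unless a flag modelling the "-p" option is set. The peer-address check goes beyond what the thread discusses; all function names and sample addresses are constructed.

```python
# Added illustration; names are hypothetical, not taken from any ftpd.
import ipaddress

RESERVED_PORT_LIMIT = 1024  # ports below this are reserved (privileged)


def parse_port_argument(arg):
    """Decode 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port)."""
    fields = arg.strip().split(",")
    if len(fields) != 6:
        raise ValueError("expected 6 fields, got %d" % len(fields))
    # Accept plain ASCII digits only (no signs, spaces or underscores).
    if not all(f.isascii() and f.isdigit() for f in fields):
        raise ValueError("non-numeric field")
    nums = [int(f, 10) for f in fields]
    if any(n > 255 for n in nums):
        raise ValueError("field outside 0..255")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # p1 is the high byte, p2 the low byte
    return ip, port


def check_port_command(arg, control_peer, allow_privileged=False):
    """Return (accepted, reason); allow_privileged models the '-p' option."""
    try:
        ip, port = parse_port_argument(arg)
    except ValueError as exc:
        return False, "malformed: %s" % exc
    if ip != ipaddress.IPv4Address(control_peer):
        # Assumption: data connections must go back to the logged-in client.
        return False, "address %s is not the control-connection peer" % ip
    if port == 0:
        return False, "port 0 is not usable"
    if port < RESERVED_PORT_LIMIT and not allow_privileged:
        return False, "reserved port %d" % port
    return True, "data connection to %s:%d" % (ip, port)


if __name__ == "__main__":
    peer = "192.0.2.10"  # constructed documentation address
    samples = ("192,0,2,10,195,80", "192,0,2,10,0,21",
               "192,0,2,20,195,80", "0,0")  # constructed PORT arguments
    for sample in samples:
        print(sample, "->", check_port_command(sample, peer))
    print("with -p:", check_port_command("192,0,2,10,0,21", peer, True))
```
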
A.G.M. Velthof
Valued Contributor

Re: ftpd

Thanks to both of you.
For now I put in the -i and -L parameters to get some more information.
I have to wait, however, until it goes wrong...