| Bernard 2004-01-24, 1:53 am |
| Not too sure, but it make little sense -
This entry is disabled by default to prevent a security problem in the FTP
protocol specification. Because EnablePortAttack is disabled by default, you
should enable this flag if you want users to connect by using other ports as
specified in the FTP RFC. The FTP service specification allows passive
connections to be established based on the port address given by the client.
This can allow malicious users to execute destructive commands in the FTP
service. The problem occurs when the FTP service makes a connection to a
client using a port other than FTP Data port (20) and that port number is
less than IP_PORT_RESERVED (1024). EnablePortAttack controls whether or not
such an attack should be allowed. By default, the service does not make any
connections to port numbers lower than IP_PORT_RESERVED (other than 20).
For 'invalid port command' refer -
FTP Error: 500 Invalid PORT Command
http://support.microsoft.com/?id=281193
you might get this if you using NAT and change the default port other than
21.
I have a box running without NAT, and it work perfectly for both modes.
--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...
"Charles28871763" <anonymous@discussions.microsoft.com> дÈëÏûÏ¢
news:EDD0A997-A046-4E87-9D36-56D51DF1914F@microsoft.com...quote:
> I changed the EnablePortAttack's value to 1.
> This fixed the conflict occuring outside my network. Recently, external
clients were getting a FTP Folder Errorquote:
> and it says "....Invalid PORT command.....".
> I enabled EnablePortAttack and it fixed it.
> Is it true that enabling this entry could cause problems to my server?
|