|
Home > Archive > IIS Server Security > January 2004 > Windows command line FTP
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Windows command line FTP
|
|
|
| Problem: Command line FTP returns this message when
trying to create a sub-directory using the commands mkd or
mkdir. "500 command not permitted through gateway"
I am running through a Gateway. I can send files, delete
files even rename files but can not create sub directories.
What is the problem
| |
| Karl Levinson [x y] mvp 2004-01-28, 9:36 pm |
| Try the MD command?
Look at the permissions on the folder? [if you're logging in anonymously,
the default account used is IUSR]
Enable NTFS file auditing for all failure types and check the windows
security event log?
http://securityadmin.info/faq.asp#auditing
Try the FTP locally on the FTP server or on another machine that doesn't go
through the gateway to see whether the gateway is the problem?
What kind of "gateway?" Contact the gateway admin and have her search or
contact the manufacturer of the gateway for support, and/or look at the
gateway's documentation, logs and settings?
BTW, you have one or another potential security problems on your FTP server:
if you're doing this anonymously, the IUSR anonymous user should never be
able to both read and write to any folder. This is especially true on
internet-facing FTP servers, but is also wise for internal FTP servers as
well. OR, if you're logging in as a different user ID to FTP, the ID and
password is passed in clear text across the network and can possibly be
sniffed by an attacker. This may or may not be a concern to you. Encrypted
alternatives include PuTTY / SSH / SCP [free versions available] from
www.networksimpicity.com or http://www.openssh.com/windows.html or
www.sf.net
"Al" <albert.siefkas@pw.utc.com> wrote in message
news:58c101c3e511$bd943f80$a601280a@phx.gbl...quote:
> Problem: Command line FTP returns this message when
> trying to create a sub-directory using the commands mkd or
> mkdir. "500 command not permitted through gateway"
> I am running through a Gateway. I can send files, delete
> files even rename files but can not create sub directories.
>
> What is the problem
>
>
| |
| Paul Lynch 2004-01-29, 1:47 am |
| On Tue, 27 Jan 2004 12:11:25 -0800, "Al" <albert.siefkas@pw.utc.com>
wrote:
quote:
>Problem: Command line FTP returns this message when
>trying to create a sub-directory using the commands mkd or
>mkdir. "500 command not permitted through gateway"
>I am running through a Gateway. I can send files, delete
>files even rename files but can not create sub directories.
>
>What is the problem
>
Your proxy server or gateway is using a technique designed to prevent
script kiddies from creating warez directories and uploading the
Matrix Revolutions DVD ;-)
In other words certain FTP commands are being denied by your network
boundary device.
The only way to 'fix' this is to ask your network admin to put you on
the access list of people who can issue said commands.
Regards,
Paul Lynch
MCSE
|
|
|
|
|