Windows 2012 FTP ports


Jan 23, 2009
I don’t understand this business of FTP ports for PASV mode. (Well, there’s a lot I don’t understand, but let’s stick to one thing at a time…) As my server will only have to deal with a small number of FTP connections, I understand that I can get away with only a relatively small number of open ports – say 4900 to 5000 – and I have seen advice that this is more secure… but why? If having 1000 ports open is insecure then surely so is 100, or even 10 for that matter. And how can it be that insecure anyway, or no FTP server anywhere would be safe… And how can I ensure that these ports are ONLY available (open) for authenticated FTP traffic?

(I would happily not use PASV mode at all. But for some reason one user (using FileZilla on a Mac…) seems unable to connect – their log shows it keeps attempting to enter PASV mode, even though their settings do say to use Active. Strange.)