Le ven 12/07/2002 à 11:59, SB CH a écrit :
> I would like to forward ftp request to other server's other port to improve
> the security. Is it possible?
Yes it is.
> for example,
> I would like to forward ftp request using port 26 to 211.1.1.1 port 100 or
> same port(26).
> So, I configured like this(xinetd.conf) .But this is not work
> service ftp-proxy
> {
> flags = REUSE
> socket_type = stream
> protocol = tcp
> wait = no
> user = root
> groups = yes
> server = /usr/sbin/tcpd
> redirect = 211.1.1.1 26
> }
> Surely, any service which use just one port works well,
> but FTP use two port as you know.
That's why you have to be smarter than this, using some NAT stuff (DNAT
using iptables) or FTP proxy, such as the one included in TIS.
--
Cédric Blancher
Consultant sécurité systèmes et réseaux - Cartel Sécurité
Tél: 01 44 06 97 87 - Fax: 01 44 06 97 99
PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
