Do you still get the "echo request too long" attack info msgs? If thats the case I would try to increase even higher. 256 maybe. (Or even turn this test off)
I've had issues with this earlier (not related to ftp though), and the solution for me was to increase allowed icmp size from 64 to 128. Regards, Torkel > -----Original Message----- > From: Duda, Nick [mailto:[EMAIL PROTECTED] > Sent: 4. april 2003 15:20 > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Passive FTP error , help > > > Brought it to 128, no luck > > -----Original Message----- > From: Torkel Mathisen [mailto:[EMAIL PROTECTED] > Sent: Friday, April 04, 2003 2:56 AM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Passive FTP error , help > > > Well.. Try to fix the icmp problem in SmartDefense. > > Regards, > Torkel > > > -----Original Message----- > > From: Duda, Nick [mailto:[EMAIL PROTECTED] > > Sent: 3. april 2003 16:38 > > To: [EMAIL PROTECTED] > > Subject: Re: [FW-1] Passive FTP error , help > > > > > > It's the following line from the destination server trying to come > > back to our firewall that generates the icmp after the > passive session > > > is attempted. > > > > Nick > > > > -----Original Message----- > > From: Torkel Mathisen [mailto:[EMAIL PROTECTED] > > Sent: Thursday, April 03, 2003 2:41 AM > > To: [EMAIL PROTECTED] > > Subject: Re: [FW-1] Passive FTP error , help > > > > > > I agree. This doesn't look like the line relating to the ftp. > > > > However; if you want to fix the icmp problem go to SmartDefense, IP > > and ICMP, Max Ping Size and increase that. You probably want to > > try with 128 > > or something. > > > > Regards, > > Torkel > > > > > > > -----Original Message----- > > > From: Reinhard Stich [mailto:[EMAIL PROTECTED] > > > Sent: 3. april 2003 08:12 > > > To: [EMAIL PROTECTED] > > > Subject: Re: [FW-1] Passive FTP error , help > > > > > > > > > hi, > > > > > > are you sure this is the correct log for ftp? > > > > > > if you look at the service in this line you will see that > this is an > > > > icmp packet, not tcp (as ftp is). > > > > > > please re-check your logs. > > > > > > does "normal" ftp work? do you use a special ftp-client? > > > > > > cheers > > > reinhard > > > > > > At 16:09 02.04.2003 -0500, you wrote: > > > >I have a rule for a user to go out to an Ftp server using > > passive-ftp > > > > > >service, accept and log. All of a sudden he cant connect > > anymore, and > > > > > >the log viewer > > > reports on > > > >that rule: > > > > > > > >Attack info: Echo request too long: icmp-type 8; imcp-code: 0; > > > > > > > >Any ideas? > > > > > > > >Nick Duda, CCSA > > > >Network Administrator > > > > > > > > > > > > > > > > > > > >================================================= > > > >To set vacation, Out Of Office, or away messages, > > > >send an email to [EMAIL PROTECTED] > > > >in the BODY of the email add: > > > >set fw-1-mailinglist nomail > > > >================================================= > > > >To unsubscribe from this mailing list, > > > >please see the instructions at > > > >http://www.checkpoint.com/services/mailing.html > > > >================================================= > > > >If you have any questions on how to change your subscription > > > >options, email [EMAIL PROTECTED] > > > >================================================= > > > > > > -- > > > Reinhard Stich, ASSIST [EMAIL PROTECTED] > > > Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33 > > > Tel: +43 1 370 94 40 RS784-RIPE Fax: +43 1 370 94 40-10 > > > > > > ================================================= > > > To set vacation, Out Of Office, or away messages, > > > send an email to [EMAIL PROTECTED] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > ================================================= > > > If you have any questions on how to change your subscription > > > options, email [EMAIL PROTECTED] > > > ================================================= > > > > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
