Re: [twsocket] SSL FTP problem?
> The server is the one that site5.com gives, with real IP. I don't > know if they use any firewalls. It may still be behind NAT even if you see a public, I have another public ICS FTP server that is behind NAT but still works fine with normal FTP (the firewall router is intelligent) but which will be harder to make work with SSL. If you are getting the same error as my server, almost certainly it's the same firewall issue. > Anyway, I don't have any other FTPS servers to try... Build the \sslinternet\OverbyteIcsSslFtpServ demo, although you will have to create SSL certificates to make it work. Or install FileZilla FTP server. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Angus, Saturday, February 26, 2011, 12:20:00 PM, you wrote: ARMSL> Upload to what server, where? Your own, on your own LAN? Or behind ARMSL> another firewall, like mine? Are you using NAT on both client and server, ARMSL> or do both have public IP addresses? No, this time I did not use the router, and I don't have firewall. The computer has real internet IP. The server is the one that site5.com gives, with real IP. I don't know if they use any firewalls. Anyway, I don't have any other FTPS servers to try... -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
> I unplugged the network cable from the router and plugged it > directly to notebook. The notebook doesn't have antivirus > and firewall software. > > Now, when I upload the file using FTP SSL, FileZilla has the > same problem with directory listing hangup. Upload to what server, where? Your own, on your own LAN? Or behind another firewall, like mine? Are you using NAT on both client and server, or do both have public IP addresses? FTP always has problems with firewalls and NAT routers, due to data connections being opened on random ports, with the IP address and port being listed on the control channel using the PORT and PASV commands. Firewalls and routers have to 'read' the control channel to either open the data port specified, or for NAT to 'modify' the command to change the IP address from internal or external, or vice versa. With SSL, the control channel is encrypted so the firewall can not read the PORT or PASV commands and so can not automatically open the ports and translate IP addresses. Some FTP clients like FileZilla, and some FTP servers try to get around this by using the external IPs instead of the internal ones, but ICS does not do this automatically. I will look at getting SSL working on ics.ftptest.org, but I need to change the FTP server to restrict the data ports used, and open those on the firewall, and I'm too busy until later next week. > Unfortunately, I couldn't upload to ics.ftptest.org, it says > Error 501 Permission denied. I did say in the original email that anonymous is read only, uploading needs an account. Y > The following servers don't seem to like anonymous users. At least I > cannot log in. They all need the same account, and some may not be running all the time, for instance Microsoft FTP Server has no hacking protection so people will attempt hundreds of thousands of passwords. My servers are targets for heavy hacking, hundreds of attempts to break by firewall last week. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
It timed out from here with FileZilla. SZ On Sat, Feb 26, 2011 at 10:53 AM, Antol wrote: > > FTPS Server test: > > If anyone can test PureFTPd for ftps compatlbility, please use this > info and let me know if you can upload files in FTPS mode. Maybe the > problem is that the FTP server software is not completely compatible > with FTPS? > > ftp://174.132.5.68 > l: ftptest > p: ftptest > > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be > -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
FTPS Server test: If anyone can test PureFTPd for ftps compatlbility, please use this info and let me know if you can upload files in FTPS mode. Maybe the problem is that the FTP server software is not completely compatible with FTPS? ftp://174.132.5.68 l: ftptest p: ftptest -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Angus, I unplugged the network cable from the router and plugged it directly to notebook. The notebook doesn't have antivirus and firewall software. Now, when I upload the file using FTP SSL, FileZilla has the same problem with directory listing hangup. If I upload a file to my server using ICS FTP SSL module, it waits for some time and then says: Disconnected with error 425 Could not open data connection to port 56353: Connection timed out [!] So, there is a strange port involved... I have no idea what this port means, I didn't specify it anywhere. I also tried FileZilla on another computer connected directly to the network (without router), and got exactly the same result, so the problem is not computer-specific. The question is: is there anyone who saw FTP SSL client in real work? Am I the only one who has problems with FTPS or this is a known problem? Unfortunately, I couldn't upload to ics.ftptest.org, it says Error 501 Permission denied. The following servers don't seem to like anonymous users. At least I cannot log in. ARMSL> filezilla.ftptest.org ARMSL> wsftp.ftptest.org ARMSL> servu.ftptest.org ARMSL> gene6.ftptest.org ARMSL> msftp7.ftptest.org -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Arno, Friday, February 25, 2011, 2:13:54 PM, you wrote: AG> FileZilla client supports both SFTP (over SSH using putty) and FTPS. AG> FileZilla server supports FTPS. Filezilla: Works with FTP, SFTP. Implicit FTPS doesn't work. Connects and hangs on directory listing with FTPES (explicit FTPS): Status: Resolving address of *** Status: Connecting to ***... Status: Connection established, waiting for welcome message... Response: 220-- Welcome to Pure-FTPd [privsep] [TLS] -- Response: 220-You are user number 3 of 50 allowed. Response: 220-Local time is now 05:38. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command:AUTH TLS Response: 234 AUTH TLS OK. Status: Initializing TLS... Status: Verifying certificate... Command:USER *** Status: TLS/SSL connection established. Response: 331 User *** OK. Password required Command:PASS * Response: 230-User *** has group access to: *** Response: 230 OK. Current restricted directory is / Command:PBSZ 0 Response: 200 PBSZ=0 Command:PROT P Response: 200 Data protection level set to "private" Status: Connected Status: Retrieving directory listing... Command:PWD Response: 257 "/" is your current location Command:TYPE I Response: 200 TYPE is now 8-bit binary Command:PASV Response: 227 Entering Passive Mode (*,*,*,*,202,48) Command:MLSD Error: Connection timed out Error: Failed to retrieve directory listing PS: I replaced private data with "*". -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hmmm, maybe Gmail (that I use) is at fault. SubZero On Fri, Feb 25, 2011 at 1:09 PM, Francois PIETTE wrote: > BTW, to Francois: The list has begun adding private email addresses of >> the >> senders to CC!! >> > > This is probably you mail client which does that because I don't see it > from other senders. Do you ? > > -- > francois.pie...@overbyte.be > http://www.overbyte.be > > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be > -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Antol wrote: > Hello Francois, > > Friday, February 25, 2011, 1:26:33 PM, you wrote: > >> SFTP and FTPS are NOT the same thing ! >> SFTP use SSH (Old system implemented above telnet) >> FTPS use SSL (New system implemented using SSL/TLS) > >> ICS only implements FTPS. > > > OK, what free ftps software can you recommend to test with my server? FileZilla client supports both SFTP (over SSH using putty) and FTPS. FileZilla server supports FTPS. > As I see, the demo application connects and authenticates with SSL > fine, so it surely supports FTPS as well as SFTP. The only thing to > find out is will an alternative client execute PUT command or not. SFTP also might be "Simple File Transport Protocol" which had nothing to do with both SSL/TLS nor with SSH :) -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
BTW, to Francois: The list has begun adding private email addresses of the senders to CC!! This is probably you mail client which does that because I don't see it from other senders. Do you ? -- francois.pie...@overbyte.be http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
What about FileZilla? BTW, to Francois: The list has begun adding private email addresses of the senders to CC!! Regards, SZ On Fri, Feb 25, 2011 at 12:40 PM, Antol wrote: > Hello Francois, > > Friday, February 25, 2011, 1:26:33 PM, you wrote: > > FP> SFTP and FTPS are NOT the same thing ! > FP> SFTP use SSH (Old system implemented above telnet) > FP> FTPS use SSL (New system implemented using SSL/TLS) > > FP> ICS only implements FTPS. > > > OK, what free ftps software can you recommend to test with my server? > As I see, the demo application connects and authenticates with SSL > fine, so it surely supports FTPS as well as SFTP. The only thing to > find out is will an alternative client execute PUT command or not. > > -- > Best regards, > Antolmailto:spama...@mail.ru > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be > -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Francois, Friday, February 25, 2011, 1:26:33 PM, you wrote: FP> SFTP and FTPS are NOT the same thing ! FP> SFTP use SSH (Old system implemented above telnet) FP> FTPS use SSL (New system implemented using SSL/TLS) FP> ICS only implements FTPS. OK, what free ftps software can you recommend to test with my server? As I see, the demo application connects and authenticates with SSL fine, so it surely supports FTPS as well as SFTP. The only thing to find out is will an alternative client execute PUT command or not. -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Antol wrote: > Hello Francois, > > Friday, February 25, 2011, 12:24:14 PM, you wrote: > > >> Have you tried to connect the the same server from the same computer >> using another FTPS client ? > > I tried 2 FTP servers with SFTP compatibility. The first one is > as I described, the other one shows "SSH-2.0-mod_sftp/0.9.7" and > hangs. SFTP (http://en.wikipedia.org/wiki/SFTP) is not supported by the TFtpCli only FTPS (http://en.wikipedia.org/wiki/FTPS). -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
FP> Have you tried to connect the the same server from the same computer using FP> another FTPS client ? I tried 2 FTP servers with SFTP compatibility. The first one is as I described, the other one shows "SSH-2.0-mod_sftp/0.9.7" and hangs. That is the issue ! SFTP and FTPS are NOT the same thing ! SFTP use SSH (Old system implemented above telnet) FTPS use SSL (New system implemented using SSL/TLS) ICS only implements FTPS. -- francois.pie...@overbyte.be The author of the freeware multi-tier middleware MidWare The author of the freeware Internet Component Suite (ICS) http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Francois, Friday, February 25, 2011, 12:24:14 PM, you wrote: FP> Have you tried to connect the the same server from the same computer using FP> another FTPS client ? I tried 2 FTP servers with SFTP compatibility. The first one is as I described, the other one shows "SSH-2.0-mod_sftp/0.9.7" and hangs. I tried another free SFTP client called WinSCP. It understandsh 3 protocols, FTP, SCP and SFTP. It works with both servers fine with all 3 protocols, so I can connect and upload files without any problems. -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
LastResponse was : 'Unable to establish data connection - Winsock - Connection timed out (#10060)' FP> Is your router blocking outgoing connections to all non standard ports ? The router doesn't block anything as far as I know. All FTP connections (active and passive) work when I disable ssl feature in the demo application. OK, but given the error message, the first basic thing to happen, independent of SSL doesn't occur: the connection. Since your router let the connection pass, are you sure that the remote site let the connection request pass ? Have you tried to connect the the same server from the same computer using another FTPS client ? -- francois.pie...@overbyte.be The author of the freeware multi-tier middleware MidWare The author of the freeware Internet Component Suite (ICS) http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Francois, The router doesn't block anything as far as I know. All FTP connections (active and passive) work when I disable ssl feature in the demo application. Friday, February 25, 2011, 11:38:53 AM, you wrote: >> Actually, this is the first thing I tried, but the demo application >> hangs in passive mode when SSL is enabled. It shows the following: >> >> < 227 Entering Passive Mode (174,132,5,68,209,134) >> ! Upload Size 34.5K >> >> then it waits for a certain period of time and shows: >> >>> PASV >> >> Request 18 Done. >> StatusCode = 550 >> LastResponse was : 'Unable to establish data connection - Winsock - >> Connection timed out (#10060)' >> Error = 550 (Unable to establish data connection - Winsock - Connection >> timed out (#10060)) >> >> I don't use antiviruses and firewalls, so the result is even worse than in >> active mode. FP> Is your router blocking outgoing connections to all non standard ports ? FP> -- FP> francois.pie...@overbyte.be FP> The author of the freeware multi-tier middleware MidWare FP> The author of the freeware Internet Component Suite (ICS) FP> http://www.overbyte.be FP> -- FP> To unsubscribe or change your settings for TWSocket mailing list FP> please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket FP> Visit our website at http://www.overbyte.be -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Actually, this is the first thing I tried, but the demo application hangs in passive mode when SSL is enabled. It shows the following: < 227 Entering Passive Mode (174,132,5,68,209,134) ! Upload Size 34.5K then it waits for a certain period of time and shows: PASV Request 18 Done. StatusCode = 550 LastResponse was : 'Unable to establish data connection - Winsock - Connection timed out (#10060)' Error = 550 (Unable to establish data connection - Winsock - Connection timed out (#10060)) I don't use antiviruses and firewalls, so the result is even worse than in active mode. Is your router blocking outgoing connections to all non standard ports ? -- francois.pie...@overbyte.be The author of the freeware multi-tier middleware MidWare The author of the freeware Internet Component Suite (ICS) http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello Francois, >>> PORT 192,168,10,170,233,24 >> < 500 I won't open a connection to 192.168.10.170 (only to 95.27.199.164) >> >> How to solve this problem? FP> Use passive mode. FP> You router is probably smart enough to handle active connections but it FP> can't be smart with SSL because it can't understand the commands sent by the FP> client: they are encrypted. No problem with passive mode as all connections FP> are outgoing (Active mode has an incomming connection for data). Actually, this is the first thing I tried, but the demo application hangs in passive mode when SSL is enabled. It shows the following: < 227 Entering Passive Mode (174,132,5,68,209,134) ! Upload Size 34.5K then it waits for a certain period of time and shows: > PASV Request 18 Done. StatusCode = 550 LastResponse was : 'Unable to establish data connection - Winsock - Connection timed out (#10060)' Error = 550 (Unable to establish data connection - Winsock - Connection timed out (#10060)) I don't use antiviruses and firewalls, so the result is even worse than in active mode. -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
I use a router, so 192.168.10.170 is my local IP and 95.27.199.164 is my external IP. When I connect to my ftp server using NO SSL, everything is fine, but if I enable SslTypeAuthTls, it connects fine, but when I use PUT, I always get the following error: PORT 192,168,10,170,233,24 < 500 I won't open a connection to 192.168.10.170 (only to 95.27.199.164) How to solve this problem? Use passive mode. You router is probably smart enough to handle active connections but it can't be smart with SSL because it can't understand the commands sent by the client: they are encrypted. No problem with passive mode as all connections are outgoing (Active mode has an incomming connection for data). -- francois.pie...@overbyte.be The author of the freeware multi-tier middleware MidWare The author of the freeware Internet Component Suite (ICS) http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] SSL FTP problem?
Hello, I use a router, so 192.168.10.170 is my local IP and 95.27.199.164 is my external IP. When I connect to my ftp server using NO SSL, everything is fine, but if I enable SslTypeAuthTls, it connects fine, but when I use PUT, I always get the following error: > PORT 192,168,10,170,233,24 < 500 I won't open a connection to 192.168.10.170 (only to 95.27.199.164) How to solve this problem? -- Best regards, Antolmailto:spama...@mail.ru -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
