On Thu, Oct 1, 2009 at 10:41 AM, Vick Khera <vi...@khera.org> wrote: > I'm trying to figure out how to make my ftp service pass the PCI > security compliance (we take credit cards, so need the compliance). I > have pfSense 1.2.2 running the ftp proxy to my internal box, which is > a FreeBSD 7.2 server running the stock ftpd. > > A probe from the outside looks like this: > >>telnet 66.250.193.115 21 > USER anonymous > PASS word > PORT 66,250,193,115,21,178 > > and it responds > > 200 PORT command successful. > > In fact, it responds successful to connect to any IP and any port. >
There's quite a bit of irony in using FTP yet wanting to be PCI compliant. But to the point, what exactly is the setup you have here? NAT, public IPs routed, bridged? I get dropped when trying an invalid port. --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org