FTP/SSL: Difference between revisions

From Prolixium Wiki
(New page: FTP/SSL (FTPS) is essentially File Transfer Protocol over TLS/SSL. Both the control and data connections are encrypted, unlike normal FTP where both are in the clear. IANA ha...)
 
No edit summary
 
Line 12: Line 12:
== External Links ==
== External Links ==


[http://tools.ietf.org/html/rfc4217 RFC 4217 - Securing FTP with TLS]
* [http://tools.ietf.org/html/rfc4217 RFC 4217 - Securing FTP with TLS]
[http://www.iana.org/assignments/port-numbers IANA Port Assignments]
* [http://www.iana.org/assignments/port-numbers IANA Port Assignments]
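Review bot: this revision has no edit summary, and the only visible change is the `* ` prefix added to the two External Links entries. A short summary such as "bullet the external links" would make the page history readable without opening the diff. Both links are also plain http:// URLs and could be switched to https:// in the same edit.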

Latest revision as of 19:28, 21 August 2008

FTP/SSL (FTPS) is essentially File Transfer Protocol over TLS/SSL. Both the control and data connections are encrypted, unlike normal FTP where both are in the clear. IANA has assigned the following port numbers to FTPS:

ftps-data	989/tcp    ftp protocol, data, over TLS/SSL
ftps-data	989/udp    ftp protocol, data, over TLS/SSL
ftps		990/tcp    ftp protocol, control, over TLS/SSL
ftps		990/udp    ftp protocol, control, over TLS/SSL

Firewall Problems

As Wikipedia states, FTPS causes several problems with firewalls: because the control connection is encrypted, application-layer gateways (ALGs) cannot read the port number issued in the PORT command and so cannot dynamically open a child session for the data connection. Normally passive mode will work around this, provided outbound connectivity to all ports above 1024 on the server is allowed. If this is not the case, passive mode will not work either, and all TCP ports above 1024 will need to be opened.
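The following sketch is an added example, not part of the original wiki page. It mimics what a firewall FTP helper does with a control-channel segment and shows why the same logic learns nothing once the channel is wrapped in TLS. The function names and all sample bytes are constructed for illustration.

```python
import re

# FTP encodes a data endpoint as six decimal bytes h1,h2,h3,h4,p1,p2
# (RFC 959); the TCP port is p1*256 + p2.
_ENDPOINT = re.compile(rb"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def alg_inspect(segment: bytes):
    """Return the (ip, port) an ALG would open a pinhole for, or None.

    Hypothetical helper: only PORT commands (active mode) and 227
    replies (passive mode) carry a data endpoint.
    """
    line = segment.strip()
    if not (line.upper().startswith(b"PORT ") or line.startswith(b"227 ")):
        return None
    m = _ENDPOINT.search(line)
    if m is None:
        return None
    octets = [int(g) for g in m.groups()]
    if any(o > 255 for o in octets):
        return None  # malformed endpoint, do not open anything
    ip = ".".join(str(o) for o in octets[:4])
    return ip, octets[4] * 256 + octets[5]


def pinholes(segments):
    """Endpoints the ALG could learn from a sequence of segments."""
    return [ep for ep in map(alg_inspect, segments) if ep is not None]


# Constructed samples using documentation addresses, not captured traffic.
CLEAR_PORT = b"PORT 192,0,2,10,195,80\r\n"
CLEAR_PASV = b"227 Entering Passive Mode (198,51,100,7,234,96).\r\n"
# The same kind of command as the firewall sees it under FTPS: a TLS
# application-data record header (type 0x17, version 0x0303, length 0x0020)
# followed by ciphertext. The 32 payload bytes are constructed filler.
TLS_RECORD = bytes([0x17, 0x03, 0x03, 0x00, 0x20]) + bytes(range(0x80, 0xA0))

if __name__ == "__main__":
    print(pinholes([CLEAR_PORT, CLEAR_PASV]))  # two endpoints learned
    print(pinholes([TLS_RECORD]))              # nothing to learn
```

With plain FTP the helper can open exactly one port per transfer; with FTPS it sees only opaque records, which is why the page falls back to statically permitting the high port range.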

External Links