16th July 2013
J65nko
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128

ftp uses two channels: a command channel and a data channel. Each channel uses separate ports.
The command channel uses port 21 as destination port. The data channel uses a destination port >1023. For each data transfer, for example an ftp 'ls', 'get' or 'put', a new data channel is created.

The difference between active and passive ftp is the data channel. For active ftp the server initiates a connection to the ftp client using source port 20. Because most firewalls don't allow external parties to initiate connections to the clients behind that firewall, passive ftp has been invented.
In passive ftp, the client connects to the server with a port >1023.

I don't know if you could use a proxy to get ftp working with socat and Tor.
Nowadays most ftp servers also provide httpd access, so maybe that could be an alternative.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
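The two data-channel modes described in the post above, worked through as an added example that is not part of the original post: it parses the control-channel line that announces the data endpoint (the `PORT` command for active mode, the `227` reply for passive mode, both in RFC 959 syntax) and reports which side opens the connection a firewall will see. The function names, sample lines and IP addresses are constructed for illustration.

```python
import re

# Constructed control-channel lines (RFC 959 syntax), not captured traffic.
SAMPLE_ACTIVE = "PORT 192,168,1,10,195,80"                         # sent by the client
SAMPLE_PASSIVE = "227 Entering Passive Mode (203,0,113,5,234,96)"  # sent by the server

# h1,h2,h3,h4,p1,p2: four address bytes followed by two port bytes.
_TUPLE = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_endpoint(line):
    """Return the (ip, port) announced in a PORT command or a 227 reply."""
    m = _TUPLE.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple found")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field outside 0-255")
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # port is sent as high byte, low byte
    return ip, port


def data_channel(line, client_ip, server_ip):
    """Describe the data connection that follows this control-channel line."""
    ip, port = parse_endpoint(line)
    verb = line.split()[0].upper()
    if verb == "PORT":
        # Active: the server connects from source port 20 to the client.
        return {"mode": "active", "initiator": server_ip, "src_port": 20,
                "dst": (ip, port), "inbound_to_client": True,
                "unprivileged_dst": port > 1023}
    if verb == "227":
        # Passive: the client connects out to the port the server announced.
        return {"mode": "passive", "initiator": client_ip, "src_port": None,
                "dst": (ip, port), "inbound_to_client": False,
                "unprivileged_dst": port > 1023}
    raise ValueError("not a PORT command or 227 reply")


if __name__ == "__main__":
    for sample in (SAMPLE_ACTIVE, SAMPLE_PASSIVE):
        print(data_channel(sample, "192.168.1.10", "203.0.113.5"))
```

The `inbound_to_client` field is the part a client-side firewall cares about: it is true only for active mode, which is why passive mode works through firewalls that block incoming connections.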