AtGuard/NIS Application Setting/Rules
FTP Client
| Rule xx |
Your FTP Client FTP File Transfer |
| Category: |
File Transfer |
| Rule in use: |
Yes |
| Logging: |
No |
| Protocol: |
TCP |
| Action: |
Permit |
| Direction: |
Outbound |
| Application: |
(Your FTP Client) |
| ..........Path: |
c:\program files\yourftpclient\xxxxx.exe |
| .......SHA1: |
xx xx xx xx xx xx xx |
| Local Service: |
(1024 - 5000) |
| ...Range Begin: |
1024 |
| .....Range End: |
5000 |
| Local Address: |
Any Address |
| Remote Service: |
|
| ..........Port: |
21 |
| Remote Address: |
(IPGroup xx) |
| ............IP: |
xxx.xxx.xxx.xxx |
| ............IP: |
xxx.xxx.xxx.xxx |
| Rule xx |
Your FTP Client FTP Data Transfer |
| Category: |
File Transfer |
| Rule in use: |
Yes |
| Logging: |
No |
| Protocol: |
TCP |
| Action: |
Permit |
| Direction: |
Inbound |
| Application: |
(Your FTP Client) |
| ..........Path: |
c:\program files\yourftpclient\xxxxx.exe |
| .......SHA1: |
xx xx xx xx xx xx xx |
| Local Service: |
(1024 - 5000) |
| ...Range Begin: |
1024 |
| .....Range End: |
5000 |
| Local Address: |
Any Address |
| Remote Service: |
|
| ..........Port: |
20 |
| ..........Port: |
|
| Remote Address: |
(IPGroup xx) |
| ............IP: |
xxx.xxx.xxx.xxx |
| ............IP: |
xxx.xxx.xxx.xxx |
***Note: Example of required rules for an FTP client. These examples for active FTP restrict the client to specific remote addresses. Because this rule permits inbound traffic, it is best to restrict it to specific trusted remote addresses.
| Rule xx |
Your FTP Client Data Transfer |
| Category: |
File Transfer |
| Rule in use: |
Yes |
| Logging: |
No |
| Protocol: |
TCP |
| Action: |
Permit |
| Direction: |
Outbound |
| Application: |
(Your FTP Client) |
| ..........Path: |
c:\program files\yourftpclient\xxxxx.exe |
| .......SHA1: |
xx xx xx xx xx xx xx |
| Local Service: |
Any Service |
| Local Address: |
Any Address |
| Remote Service: |
(1024 - 65535) |
| ...Range Begin: |
1024 |
| .....Range End: |
65535 |
| Remote Address: |
(IPGroup xx) |
| ............IP: |
xxx.xxx.xxx.xxx |
| ............IP: |
xxx.xxx.xxx.xxx |
***Note: Example of additional rule that may be required for an FTP client using passive mode. This rule could be logged to determine exactly what range your client uses. This example also restricts the client to specific remote addresses. All these FTP rules could also be used for your browser if you use it for file transfer. Be aware if you use this rule that it allows the application outbound to a wide range of remote ports and why it is best to restrict it specific trusted remote addresses. (NIS uses this rule by default in automatic rules for FTP clients and browsers to any remote address)
| Rule xx |
Your FTP Client Auth/Ident |
| Category: |
File Transfer |
| Rule in use: |
Yes |
| Logging: |
No |
| Protocol: |
TCP |
| Action: |
Permit |
| Direction: |
Inbound |
| Application: |
(Your FTP Client) |
| ..........Path: |
c:\program files\yourftpclient\xxxxx.exe |
| .......SHA1: |
xx xx xx xx xx xx xx |
| Local Service: |
|
| ..............Port: |
113 |
| Local Address: |
Any Address |
| Remote Service: |
Any Service |
| Remote Address: |
(IPGroup xx) |
| ......................IP: |
xxx.xxx.xxx.xxx |
| ......................IP: |
xxx.xxx.xxx.xxx |
***Note: Some FTP servers will use Authentication/Ident when connecting to their service. Not allowing (blocking) this will usually slow down the connection to the service. Allow this service to those specific sites (addresses) that require it. This service can alternately be permitted globally in System Wide Settings .
| Top |
Contributors: CrazyM
Last updated: 2003-04-25
|