On Tue, May 28, 2002 at 07:17:38AM +0200, Raymond Leach wrote: > Neither active nor passive ftp is secure... both use (by default) plain text > passwords when authenticating. > > Active ftp requires the least number of ports to be opened through your > firewall, i.e 2 (20 and 21). > Passive ftp requires (potentially) all 'high' ports, 1024 upwards both > incoming and outgoing ...
Yes, but with Passive you get two connections opened outbound, which the ftp module should be able to keep track of anyway so you won't need to open all the high ports; which IMHO is better than Active, when a connection is opened back into the client from the server. <HUGE snip> -- FunkyJesus System Administration Team
