June 18, 2003

Tracking FTP Ports

After installing the firewall on a machine, I decided I needed just one more package from CPAN, so I fired up the CPAN shell. Of course FTP is blocked, so I decided to open it temporarily to get the package and then close it. What followed was a long stretch of looking at the firewall logs to see what was preventing my packets from going through. I thought it was interesting, so I have listed the unique machine.port entries in the firewall logs.

ourmachine.35110 -> cpanmirror.21
cpanmirror.21 -> ourmachine.35110
cpanmirror.59077 -> ourmachine.113
ourmachine.113 -> cpanmirror.59077
cpanmirror.5 -> ourmachine.35111
cpanmirror.4 -> ourmachine.35113

So what I don't understand is why the remote machine is trying to communicate with ports 4 and 5; it appears to be something dynamic. I can FTP to a number of other machines and successfully pull files, but for some reason this CPAN mirror is trying to use other ports. Why? I don't know. I did a search on Google to see what might turn up for "ftp port 4" but found nothing significant.

Not willing to open those ports, I guess I'm left in the dark about FTP and how it works, not that it's important to understand a protocol I rarely use and always block.
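An added example, not part of the original post: a short Python script that parses the six flows listed above and labels each one by the well-known service on either port. It relies on two protocol facts: in active-mode FTP the server opens the data connection back to a port on the client, and TCP port 113 is the ident service. The label names and the `dport >= 1024` heuristic are assumptions of this example.

```python
import re

# The six unique flows listed in the post, copied verbatim.
FLOWS = """\
ourmachine.35110 -> cpanmirror.21
cpanmirror.21 -> ourmachine.35110
cpanmirror.59077 -> ourmachine.113
ourmachine.113 -> cpanmirror.59077
cpanmirror.5 -> ourmachine.35111
cpanmirror.4 -> ourmachine.35113
"""

FLOW_RE = re.compile(r"^(\S+)\.(\d+) -> (\S+)\.(\d+)$")

def parse(text):
    """Return (src_host, src_port, dst_host, dst_port) tuples."""
    flows = []
    for line in text.splitlines():
        m = FLOW_RE.match(line.strip())
        if m:
            flows.append((m[1], int(m[2]), m[3], int(m[4])))
    return flows

def classify(flows, local="ourmachine"):
    """Label each flow; the labels are this example's own names."""
    # Remote hosts we opened an FTP control connection (TCP/21) to.
    ftp_servers = {dst for src, _, dst, dport in flows
                   if src == local and dport == 21}
    labels = []
    for src, sport, dst, dport in flows:
        if 21 in (sport, dport):
            labels.append("ftp-control")
        elif 113 in (sport, dport):
            labels.append("ident")
        elif dst == local and src in ftp_servers and dport >= 1024:
            # The FTP server itself connects in to a high local port:
            # the pattern of an active-mode (PORT) data connection.
            labels.append("inbound-data-from-ftp-server")
        else:
            labels.append("unclassified")
    return labels

if __name__ == "__main__":
    for flow, label in zip(parse(FLOWS), classify(parse(FLOWS))):
        print("%s.%d -> %s.%d  %s" % (*flow, label))
```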

