Commands Ftp" Tab - Stormshield SN series Configuration Manual

Authorized transfer modes
Between the client and
the proxy
Between the proxy and
the server

"Commands FTP" tab

Proxy
Main commands
Modify write commands button: This button allows you to Pass without scanning, Block or Scan
the syntax and check that the command complies with the RFCs in force, for write commands.
Modify all commands button: This button allows you to Pass without scanning, Block or Scan
the syntax and check that the command complies with the RFCs in force, for generic commands
as well as modification commands.
Command
Action
Command type
Other commands allowed
Additional commands, limited to 21 characters, can be added and deleted when necessary.
IPS
Authorized FTP commands
FTP commands, limited to 115 characters, can be defined in the intrusion prevention module, by
clicking on Add. They are limited to 115 characters and can be deleted when needed.
Prohibited FTP commands
FTP commands, limited to 115 characters, can be prohibited in the intrusion prevention module.
Page 267/448
When the FTP client sends a request to the server, the proxy will first intercept the
request in order to analyze it. From the FTP "client"'s point of view, the proxy
corresponds to the server. This option allows defining the authorized transfer mode.
If Active only is specified, the FTP client will determine the connection port to use for
transferring data. The FTP server will then initialize the connection from its data port
(port 20) to the port specified by the client.
If Passive only is specified, the FTP server will determine the connection port to use for
transferring data (data connection) and will transmit it to the client.
If Active and passive is specified, the FTP client will be able to choose between both
transfer modes when configuring the firewall.
When the proxy has finished scanning the client request, it will transfer it to the FTP
server, which will then interpret the proxy as the FTP client. Since the proxy has an
intermediary role, it is transparent.
The authorized transfer modes are the same as for the previous option.
Name of the command.
3 authorizations possible from "Pass without scanning", "Scan" and "Block".
Indicates the type of command. "Writing" FTP commands defined in the RFCs can
cause changes in the server, such as the deletion of data or even the creation of
folders. These commands operate in the same way as for "generic" commands – you
can authorize or prohibit a command or check that the command syntax complies with
the RFC in force.
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
PROTOCOLS