What are the File Transfer Protocol and FTP Proxy?
File Transfer Protocol (FTP) is a protocol used to move files on the Internet. It is unique in that it uses two different connections. The control connection is used to send commands between the FTP client and the FTP server. File transfers are sent on a separate connection called a data connection.
FTP packet filters can handle active and passive FTP sessions without any special client configuration. In active mode FTP, the FTP server establishes the data connection. In passive mode, the client establishes the data connection. Generally speaking, FTP user agents use active mode, and Web user agents use passive mode.
Like the FTP packet filter, the FTP proxy handles active and passive FTP sessions, but it also protects your FTP server and restricts FTP protocol commands between the client and the server. You can use an FTP proxy to:
Restrict the commands sent on the control channel
Restrict the file name or file type according to the file extension
Prevent buffer overflow attacks caused by abuse of the FTP protocol
Prevent unauthorized directory traversal through abnormal use of FTP commands, using the WatchGuard intrusion prevention service
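The control-channel checks listed above (command restriction, file-extension rule, length limit, traversal check) can be sketched as follows. This is an added example, not WatchGuard code: the allowed commands, denied extensions and 512-byte limit are constructed assumptions, not Firebox defaults.

```python
import posixpath

# Constructed policy for illustration; not WatchGuard's rule sets or defaults.
ALLOWED_COMMANDS = {"USER", "PASS", "CWD", "PWD", "TYPE", "PASV", "PORT",
                    "LIST", "RETR", "STOR", "QUIT"}
DENIED_EXTENSIONS = {".exe", ".dll", ".scr"}
PATH_COMMANDS = {"CWD", "RETR", "STOR", "LIST"}
MAX_LINE_LENGTH = 512  # cap on one control-channel line, in bytes


def check_command(line: bytes) -> tuple:
    """Return (allowed, reason) for one client line on the control connection."""
    if len(line) > MAX_LINE_LENGTH:
        return False, "line too long"
    if not line.endswith(b"\r\n"):
        return False, "missing CRLF terminator"
    try:
        text = line[:-2].decode("utf-8")
    except UnicodeDecodeError:
        return False, "invalid encoding"
    if "\r" in text or "\n" in text or "\x00" in text:
        return False, "embedded control characters"
    verb, _, arg = text.partition(" ")
    verb = verb.upper()
    if verb not in ALLOWED_COMMANDS:
        return False, f"command {verb or '(empty)'} not allowed"
    if verb in PATH_COMMANDS and arg:
        # Reject any ".." component, whichever separator the client used.
        if ".." in arg.replace("\\", "/").split("/"):
            return False, "directory traversal"
    if verb in {"RETR", "STOR"}:
        ext = posixpath.splitext(arg.lower())[1]
        if ext in DENIED_EXTENSIONS:
            return False, f"file type {ext} denied"
    return True, "ok"


# Constructed sample lines, not captured traffic.
SAMPLE_LINES = [
    b"PASV\r\n",
    b"RETR reports/q1.pdf\r\n",
    b"RETR ../../etc/passwd\r\n",
    b"STOR tools/setup.EXE\r\n",
    b"SITE CHMOD 777 upload\r\n",
    b"CWD " + b"A" * 600 + b"\r\n",
]

if __name__ == "__main__":
    for raw in SAMPLE_LINES:
        print(check_command(raw), raw[:40])
```

The length check runs before any parsing, so an oversized line is rejected without its contents being interpreted.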
After you add the FTP proxy policy to the Firebox configuration, you can access the two proxy actions included in the product. You can use these rule sets without changing them, or use them as the basis for rule sets that meet the needs of your organization. This module shows you how to customize these two proxy actions.
The FTP-Client proxy action includes a rule set that controls FTP commands sent from computers on your trusted or optional networks. FTP client applications use specific commands that the Firebox can recognize and control. Use the FTP-Client proxy action to control outgoing FTP traffic.
The FTP-Server proxy action includes a rule set that protects and controls FTP commands sent to your FTP server. Use the FTP-Server proxy action to control incoming FTP traffic.