Camino: I don't know anything about how to config Norton firewall, but I can put some basic thoughts here:
If you run an FTP server at a nonstandard port then you have actively told the server to listen on that port. Thus the firewall should admit traffic for the server application and this port. Duh. The more tricky part is that the server needs one more port. If you run it at port 27015, that is the port it is listening at, waiting for ppl to connect. The data port should be port x-1, in this case 27014. If you config the server not to allow PASV port, these are the only ports the server needs to work. The protocol is TCP/IP.
Then there are different ways to increase the security. If you run your server for a few well-known users you can config it only to allow communication with those. This is set up in two different ways, where the first one of course is by username/password, and the other one is only allowing connections from these ppl's IP numbers. Depending on what server and what firewall, there might be possibilities to block other IP numbers either by configuring the server or the firewall.
When you mention connections on other ports, this might be because you allow PASV mode - then the server tells each user at each connection (or event, like dir-listing, retrieving, uploading and so on) to use a specific port. Then you have to config the firewall in accordance with this: admit the server to use any port, or ports in the interval that you tell the server to keep PASV mode connections inside (e.g. 1400-1500).
Hope this helps somewhat.
.unicorn
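
An added example, not part of the post above: a Python sketch that turns the port reasoning in this thread into a firewall allow-list and checks `227` PASV replies against it. The control port 27015, data port 27014 and range 1400-1500 come from the post; the function names, the 192.0.2.10 address and the sample replies are constructed for illustration.

```python
import re

# Values from the post: control port 27015, PASV range 1400-1500.
CONTROL_PORT = 27015
PASV_RANGE = (1400, 1500)

# RFC 959 reply format: 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"^227 .*\((\d{1,3}(?:,\d{1,3}){5})\)")

def required_ports(control_port, pasv_range=None):
    """TCP ports the firewall must admit for the FTP server."""
    rules = {
        "inbound": [(control_port, control_port)],  # clients connect here
        "active_data_source": control_port - 1,     # server data port, x-1
    }
    if pasv_range:                                  # only when PASV is allowed
        rules["inbound"].append(pasv_range)
    return rules

def parse_pasv(reply):
    """Return (ip, port) from a 227 reply, or None if it is not a valid one."""
    m = PASV_RE.match(reply.strip())
    if not m:
        return None
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        return None
    # The data port is encoded as two bytes: p1 * 256 + p2.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def audit_replies(replies, rules):
    """Data ports the server advertised that the firewall would not admit."""
    ports = [p[1] for p in map(parse_pasv, replies) if p]
    return [p for p in ports
            if not any(lo <= p <= hi for lo, hi in rules["inbound"])]

# Constructed sample of server replies, as a client log might show them.
SAMPLE = [
    "227 Entering Passive Mode (192,0,2,10,5,120)",   # 5*256+120 = 1400
    "227 Entering Passive Mode (192,0,2,10,5,220)",   # 5*256+220 = 1500
    "227 Entering Passive Mode (192,0,2,10,19,136)",  # 19*256+136 = 5000
    "200 PORT command successful",                    # not a PASV reply
]

if __name__ == "__main__":
    rules = required_ports(CONTROL_PORT, PASV_RANGE)
    print("allow:", rules)
    print("advertised but not admitted:", audit_replies(SAMPLE, rules))
```

A port reported by `audit_replies` means the server is handing out PASV ports outside the interval the firewall admits, so either the server's PASV range or the firewall rule needs to be brought in line with the other.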