{"id":6,"date":"2011-04-22T09:05:05","date_gmt":"2011-04-22T09:05:05","guid":{"rendered":"http:\/\/plugged.in\/?p=6"},"modified":"2011-04-22T09:05:05","modified_gmt":"2011-04-22T09:05:05","slug":"ephemeral-port-range-for-ftp","status":"publish","type":"post","link":"https:\/\/www.veriteknik.net.tr\/en\/ephemeral-port-range-for-ftp\/","title":{"rendered":"Ephemeral port range for FTP"},"content":{"rendered":"<p>The standart linux distrubition calls that the ephemeral port range be between 1024 and 4999. We we all know that some of these ports are used for other more importand applications than FTP. So security is an issue because leaving those original ports open leads to major security holes. Rather than openning ports that need higher security for FTP we will change the port range. With this modified port range you can open your firewall to ports that do not have any use but PASV FTP.<\/p>\n<p>First find out what the defined port range is<\/p>\n<blockquote><p># cat \/proc\/sys\/net\/ipv4\/ip_local_port_range<br \/>\n1024 4999<\/p><\/blockquote>\n<p>Know select the port range that you wan, I will define a port range of my desire but this is up to the network admin.<br \/>\nTo change the port range you have two option<\/p>\n<p>Edit with nano or vi \/proc\/sys\/net\/ipv4\/ip_local_port_range<br \/>\nOr<\/p>\n<blockquote><p>echo &#8220;55001 65535&#8221; &gt; \/proc\/sys\/net\/ipv4\/ip_local_port_range<\/p><\/blockquote>\n<p>These will both change the port, chech this with # cat \/proc\/sys\/net\/ipv4\/ip_local_port_range<\/p>\n<p>To make these changes permanent as these definitions will vanish on every reboot you need to put a script in \/etc\/sysctl.conf<\/p>\n<p>Nano or vi \/etc\/sysctl.conf<br \/>\nAdd<\/p>\n<blockquote><p># Controls Ephemeral Port Range (this is for the admin to remember what it is)<br \/>\nnet.ipv4.ip_local_port_range = 55001 65535<\/p><\/blockquote>\n<p>Save<br \/>\nExit<br \/>\nReboot (if you like)<br \/>\nAnd you are done!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The standart linux distrubition calls that the ephemeral port range be between 1024 and 4999. We we all know that some of these ports are used for other more importand applications than FTP. So security is an issue because leaving those original ports open leads to major security holes. Rather than openning ports that need [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","footnotes":""},"categories":[372],"tags":[393,390,394],"yst_prominent_words":[1616,1618,1619,1620,1614,1621,1171,1613,1178,1609,1608,1622,1612,1610,1617,1623,1611,1624,1615,144],"class_list":["post-6","post","type-post","status-publish","format-standard","hentry","category-linux_help","tag-ephemeral","tag-ftp","tag-port"],"jetpack_featured_media_url":"","uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"ckaraca","author_link":"https:\/\/www.veriteknik.net.tr\/en\/author\/ckaraca\/"},"uagb_comment_info":0,"uagb_excerpt":"The standart linux distrubition calls that the ephemeral port range be between 1024 and 4999. We we all know that some of these ports are used for other more importand applications than FTP. So security is an issue because leaving those original ports open leads to major security holes. Rather than openning ports that need&hellip;","_links":{"self":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/posts\/6","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/comments?post=6"}],"version-history":[{"count":0,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/posts\/6\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/media?parent=6"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/categories?post=6"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/tags?post=6"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/www.veriteknik.net.tr\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=6"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}