You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by Simon Kelly <Si...@Aviatnet.com> on 2016/06/20 22:43:27 UTC

Restrict PORT to connect to original client only

Hi,

I'm looking at securing our embedded ftp server from port bounce attacks (CA-1997-27) and following the advice at https://www.cert.org/historical/advisories/CA-1997-27.cfm? I have removed the anonymous user, but I want to configure the server to only allow the PORT command to connect back to the originating client.

Is there a setting for this or is this the default behaviour?

Kind regards

Simon