Cisco Firewalls > Application Inspection > FTP Inspection in the Zone Policy Firewall - Pg. : Safari Books Online

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

Cisco Firewalls

Cisco Firewalls

Search

Contents

Table of Contents

About the Author

About the Technical Reviewers

Acknowledgments

Icons Used in This Book

Command Syntax Conventions

Ch. 1. Firewalls and Network Security

Ch. 2. Cisco Firewall Families Overview

Ch. 3. Configuration Fundamentals

Ch. 4. Learn the Tools. Know the Firewall

Ch. 5. Firewalls in the Network Topology

Ch. 6. Virtualization in the Firewall World

Ch. 7. Through ASA Without NAT

Ch. 8. Through ASA Using NAT

Ch. 9. Classic IOS Firewall Overview

Ch. 10. IOS Zone Policy Firewall Overview

Ch. 11. Additional Protection Mechanisms

Ch. 12. Application Inspection

Inspection Capabilities in the Classic IOS Firewall

Application Inspection in the Zone Policy Firewall

DNS Inspection in the Zone Policy Firewall

FTP Inspection in the Zone Policy Firewall

HTTP Inspection in the Zone Policy Firewall

IM Inspection in the Zone Policy Firewall

Overview of ASA Application Inspection

DNS Inspection in ASA

FTP Inspection in ASA

HTTP Inspection in ASA

Inspection of IM and Tunneling Traffic in ASA

Botnet Traffic Filtering in ASA

Further Reading

Ch. 13. Inspection of Voice Protocols

Ch. 14. Identity on Cisco Firewalls

Ch. 15. Firewalls and IP Multicast

Ch. 16. Cisco Firewalls and IPv6

Ch. 17. Firewall Interactions

NAT and ACL Changes in ASA 8.3

URL

Help

FTP Inspection in the Zone Policy Firewall

Figure 12-4 revisits the two modes of operation for the File Transfer Protocol (FTP):

Active mode: The client opens a control connection on TCP port 21 and negotiates a data port using the PORT command. After accepting the port proposed by the client, the server opens a data connection to it (using TCP/20 as source port).
Passive mode: The client requests Passive mode operation by issuing the PASV command over the control connection on TCP port 21. The server suggests a data port, to which the client must connect (using a second source port, randomly selected).

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial