Your best friend for file transfer.Fetch
Does Fetch automatically do a "port scan"? (4 posts)
- Started 4 years ago by Karen
- Latest reply 4 years ago from Karen
One of our programmers was using Fetch to upload files from her Mac to our Mac server. In the middle of the upload, our virus checking software (Intego Virus Barrier) cancelled the upload because it caught a "port scan" (sign of a potential hacker). She had been uploading files before this without problem. No one else was on the server.
Does Fetch automatically do anything like a "port scan" when it's uploading a directory?
Jim Matthews Administrator
The short answer is that no, Fetch does not scan ports, but that the nature of the FTP protocol is such that uploading lots of files in a short period could be mistaken for a port scan.
The normal way that FTP works involves having the client (Fetch) open a connection to the server for each file being uploaded. The server picks which TCP port the client will connect to, picking a different port for each transfer, and often picking them in sequence (e.g. ports 49623, 49624, 49625, …). From the point of view of Intego Virus Barrier that may look like a systematic effort by a hacker to look for open ports.
I would ask Intego to see if they have a way to turn off port scan detection. Alternatively, you could see whether the programmer could use SFTP rather than FTP; it's more secure, and does not involve creating a new connection on a new port for every transfer. Finally, if none of that works, the programmer could uncheck "Use passive mode transfers (PASV)" in the General section of Fetch preferences. That reverses the direction of the FTP data connections, so the server connects back to Fetch, and therefore should avoid this issue.
Thanks for the explanation! I did write Intego about this. They told me how to restore the user's connection. I waiting to hear about how to prevent this in the future.
We'll try your suggestions!
It worked! She unchecked "Use passive mode transfers (PASV)" in Fetch, and she uploaded another directory. No problem with Virus Barrier!
- Page 1