Web Appliance (Read Only)

Discussions FTP downloads

Web Appliance (Read Only) requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 7 replies
Subscribers 0 subscribers
Views 20563 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FTP downloads

jongers over 13 years ago

Hi,

Just a quick post regarding FTP downloads on a WS1000. Does the web appliance scan the download like it does with http downloads?

Thanks

Jonathan

This thread was automatically locked due to age.

Parents

0 TomA over 13 years ago

Hi Ryan,
Unfortunately it's a bit more complicated than that because the appliance can't intercept native FTP traffic. It's not really the port thats the problem - it's the protocol.
An FTP program like FileZilla by default won't use a HTTP proxy - it will do native FTP. Even if this native FTP traffic went through the web appliance we wouldn't know how to filter it - so downloads won't be scanned. Of course programs like FileZilla can be configured to use a HTTP proxy for FTP downloads, but this would be a manual change.
This isn't usually such a problem with a web browser. For example, if you check your proxy settings in Internet Explorer (Tools > Internet Options > Connections > Lan Settings > Advanced) you'll notice there is an FTP setting. If you have a proxy configured, this FTP setting will also usually be setup for you.
The result is that when you type 'ftp://example.somewhere.tld/directory/file.txt' in Internet Explorer the download is scanned. This is becasuse it isn't really downloaded via the native FTP protocol - it's actually downloaded via HTTP.
So if you want FTP downloads scanned it's a good idea to use a web browser for downloads. Alternatively you would need to make sure the FTP program (eg. FileZilla) is correctly setup.
I hope this helps to clear things up - feel free to call our support teams if you need more specific help with this.
Thanks,
Tom.
:16115
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 TomA over 13 years ago

Hi Ryan,
Unfortunately it's a bit more complicated than that because the appliance can't intercept native FTP traffic. It's not really the port thats the problem - it's the protocol.
An FTP program like FileZilla by default won't use a HTTP proxy - it will do native FTP. Even if this native FTP traffic went through the web appliance we wouldn't know how to filter it - so downloads won't be scanned. Of course programs like FileZilla can be configured to use a HTTP proxy for FTP downloads, but this would be a manual change.
This isn't usually such a problem with a web browser. For example, if you check your proxy settings in Internet Explorer (Tools > Internet Options > Connections > Lan Settings > Advanced) you'll notice there is an FTP setting. If you have a proxy configured, this FTP setting will also usually be setup for you.
The result is that when you type 'ftp://example.somewhere.tld/directory/file.txt' in Internet Explorer the download is scanned. This is becasuse it isn't really downloaded via the native FTP protocol - it's actually downloaded via HTTP.
So if you want FTP downloads scanned it's a good idea to use a web browser for downloads. Alternatively you would need to make sure the FTP program (eg. FileZilla) is correctly setup.
I hope this helps to clear things up - feel free to call our support teams if you need more specific help with this.
Thanks,
Tom.
:16115
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data