FTP connection timedout when Vista Windows Defender active

October 20, 2008

Hi,

Since few years, I'm developping a professionnal software.

I want to make it work on Vista SP1, with Windows Defender active.

WITHOUT windows defender, it's OK.

With Windows Defender active, I've got a FTP error (error nÂ°10060: The

current connection has timedout).

With Windows Defender active, FTP commands are working in a command

console

I've add an inbound and an outbound rule in windows defender to open port 20

& 21 but nothing change...

My application is using a COM object to do FTP.

Please can you help me to make my application work ???

October 20, 2008

"Golard" wrote:

> Hi,

> Since few years, I'm developping a professionnal software.

> I want to make it work on Vista SP1, with Windows Defender active.

>

> WITHOUT windows defender, it's OK.

> With Windows Defender active, I've got a FTP error (error nÃ‚Â°10060: The

> current connection has timedout).

> With Windows Defender active, FTP commands are working in a command

> console

>

> I've add an inbound and an outbound rule in windows defender to open port 20

> & 21 but nothing change...

> My application is using a COM object to do FTP.

>

> Please can you help me to make my application work ???

>

>

French traduction:

Pour maximiser mes chances de rÃƒÂ©ponses, voici la traduction franÃƒÂ§aise de mon

message:

Salut,

Je dÃƒÂ©veloppe un programme "professionnel" depuis plusieures annÃƒÂ©es.

Je dÃƒÂ©sire aujourd'hui le faire fonctionner sous Vista SP1, avec le pare-feu

Windows Defender actif.

SANS windows defender, tout fonctionne.

Avec windows defender actif, j'ai une erreur FTP (error nÃ‚Â°10060: The

current connection has timedout).

Toujours avec windows defender actif, les commandes FTP fonctionnent en

utilisant l'invite de commandes MSDOS.

J'ai essayÃƒÂ© d'ajouter des rÃƒÂ¨gles entrantes et sortantes dans windows

defender pour ouvrir les ports 20 & 21, mais ÃƒÂ§a ne change rien...

Mon application utilise un composant tiers de type "COM object" pour le FTP.

SVP pouvez-vous m'aider ÃƒÂ paramÃƒÂ©trer windows defender ???

October 21, 2008

"Golard" wrote:

> Hi,

> Since few years, I'm developping a professionnal software.

> I want to make it work on Vista SP1, with Windows Defender active.

>

> WITHOUT windows defender, it's OK.

> With Windows Defender active, I've got a FTP error (error nÃ‚Â°10060: The

> current connection has timedout).

> With Windows Defender active, FTP commands are working in a command

> console

>

> I've add an inbound and an outbound rule in windows defender to open port 20

> & 21 but nothing change...

> My application is using a COM object to do FTP.

>

> Please can you help me to make my application work ???

>

>

Are you sure you're talking about the right program? Are you talking about

the Windows Firewall and not Windows Defender?

I can't see where Windows Defender would be concerned with FTP ports.

October 21, 2008

"Ollis" <No@No.com> a Ã©crit dans le message de news:

299CEA9C-47D9-4A1C-A86A-C87997A79DAD@microsoft.com...

>

> "Golard" wrote:

>

> > Hi,

> > Since few years, I'm developping a professionnal software.

> > I want to make it work on Vista SP1, with Windows Defender active.

> >

> > WITHOUT windows defender, it's OK.

> > With Windows Defender active, I've got a FTP error (error nÂ°10060: The

> > current connection has timedout).

> > With Windows Defender active, FTP commands are working in a command

> > console

> >

> > I've add an inbound and an outbound rule in windows defender to open

port 20

> > & 21 but nothing change...

> > My application is using a COM object to do FTP.

> >

> > Please can you help me to make my application work ???

> >

> >

>

> Are you sure you're talking about the right program? Are you talking about

> the Windows Firewall and not Windows Defender?

>

> I can't see where Windows Defender would be concerned with FTP ports.

>

"Windows Defender" is the name of the new Windows Vista firewall.

Of course Windows Defender control TCP and UDP ports and many other things.

Does anybody know HOW to setup windows defender concerning my problem above

?

October 21, 2008

"Golard" wrote:

>

> "Ollis" <No@No.com> a ÃƒÂ©crit dans le message de news:

> 299CEA9C-47D9-4A1C-A86A-C87997A79DAD@microsoft.com...

> >

> > "Golard" wrote:

> >

> > > Hi,

> > > Since few years, I'm developping a professionnal software.

> > > I want to make it work on Vista SP1, with Windows Defender active.

> > >

> > > WITHOUT windows defender, it's OK.

> > > With Windows Defender active, I've got a FTP error (error nÃ‚Â°10060: The

> > > current connection has timedout).

> > > With Windows Defender active, FTP commands are working in a command

> > > console

> > >

> > > I've add an inbound and an outbound rule in windows defender to open

> port 20

> > > & 21 but nothing change...

> > > My application is using a COM object to do FTP.

> > >

> > > Please can you help me to make my application work ???

> > >

> > >

> >

> > Are you sure you're talking about the right program? Are you talking about

> > the Windows Firewall and not Windows Defender?

> >

> > I can't see where Windows Defender would be concerned with FTP ports.

> >

>

> "Windows Defender" is the name of the new Windows Vista firewall.

> Of course Windows Defender control TCP and UDP ports and many other things.

> Does anybody know HOW to setup windows defender concerning my problem above

> ?

http://en.wikipedia.org/wiki/Windows_Defender

http://www.microsoft.com/windows/windows-v...s/firewall.aspx

http://whitepapers.silicon.com/0,39024759,60265463p,00.htm

So which one are you talking about the Vista FW, Onecare's FW, or Windows

Defender?

October 21, 2008

"Ollis" <No@No.com> a Ã©crit dans le message de news:

6816DFA9-87F5-4351-899F-A5F92405CC5D@microsoft.com...

>

> "Golard" wrote:

>

> >

> > "Ollis" <No@No.com> a Ã©crit dans le message de news:

> > 299CEA9C-47D9-4A1C-A86A-C87997A79DAD@microsoft.com...

> > >

> > > "Golard" wrote:

> > >

> > > > Hi,

> > > > Since few years, I'm developping a professionnal software.

> > > > I want to make it work on Vista SP1, with Windows Defender active.

> > > >

> > > > WITHOUT windows defender, it's OK.

> > > > With Windows Defender active, I've got a FTP error (error nÂ°10060:

The

> > > > current connection has timedout).

> > > > With Windows Defender active, FTP commands are working in a

command

> > > > console

> > > >

> > > > I've add an inbound and an outbound rule in windows defender to open

> > port 20

> > > > & 21 but nothing change...

> > > > My application is using a COM object to do FTP.

> > > >

> > > > Please can you help me to make my application work ???

> > > >

> > >

> > > Are you sure you're talking about the right program? Are you talking

about

> > > the Windows Firewall and not Windows Defender?

> > >

> > > I can't see where Windows Defender would be concerned with FTP ports.

> > >

> >

> > "Windows Defender" is the name of the new Windows Vista firewall.

> > Of course Windows Defender control TCP and UDP ports and many other

things.

> > Does anybody know HOW to setup windows defender concerning my problem

above

> > ?

>

> http://en.wikipedia.org/wiki/Windows_Defender

> http://www.microsoft.com/windows/windows-v...s/firewall.aspx

> http://whitepapers.silicon.com/0,39024759,60265463p,00.htm

>

> So which one are you talking about the Vista FW, Onecare's FW, or Windows

> Defender?

Ok, it appears that "Windows Defender" may be not the name of Vista FW...

So I'm talking about VISTA FIREWALL (include in Vista environment).

Maybe I will have more answers with this correction !!!

Can you help me Ollis ?

October 21, 2008

"Golard" wrote:

>

> "Ollis" <No@No.com> a ÃƒÂ©crit dans le message de news:

> 6816DFA9-87F5-4351-899F-A5F92405CC5D@microsoft.com...

> >

> > "Golard" wrote:

> >

> > >

> > > "Ollis" <No@No.com> a ÃƒÂ©crit dans le message de news:

> > > 299CEA9C-47D9-4A1C-A86A-C87997A79DAD@microsoft.com...

> > > >

> > > > "Golard" wrote:

> > > >

> > > > > Hi,

> > > > > Since few years, I'm developping a professionnal software.

> > > > > I want to make it work on Vista SP1, with Windows Defender active.

> > > > >

> > > > > WITHOUT windows defender, it's OK.

> > > > > With Windows Defender active, I've got a FTP error (error nÃ‚Â°10060:

> The

> > > > > current connection has timedout).

> > > > > With Windows Defender active, FTP commands are working in a

> command

> > > > > console

> > > > >

> > > > > I've add an inbound and an outbound rule in windows defender to open

> > > port 20

> > > > > & 21 but nothing change...

> > > > > My application is using a COM object to do FTP.

> > > > >

> > > > > Please can you help me to make my application work ???

> > > > >

> > > >

> > > > Are you sure you're talking about the right program? Are you talking

> about

> > > > the Windows Firewall and not Windows Defender?

> > > >

> > > > I can't see where Windows Defender would be concerned with FTP ports.

> > > >

> > >

> > > "Windows Defender" is the name of the new Windows Vista firewall.

> > > Of course Windows Defender control TCP and UDP ports and many other

> things.

> > > Does anybody know HOW to setup windows defender concerning my problem

> above

> > > ?

> >

> > http://en.wikipedia.org/wiki/Windows_Defender

> > http://www.microsoft.com/windows/windows-v...s/firewall.aspx

> > http://whitepapers.silicon.com/0,39024759,60265463p,00.htm

> >

> > So which one are you talking about the Vista FW, Onecare's FW, or Windows

> > Defender?

>

> Ok, it appears that "Windows Defender" may be not the name of Vista FW...

> So I'm talking about VISTA FIREWALL (include in Vista environment).

> Maybe I will have more answers with this correction !!!

> Can you help me Ollis ?

>

http://support.microsoft.com/kb/947709

It's not your FTP COM object that it's talking about, but it does talk about

how to open the FTP port by setting a FW rule using Netsh at the Command

Prompt.

<http://blogs.iis.net/jaroslad/archive/2007/09/29/windows-firewall-setup-for-microsoft-ftp-publishing-service-for-iis-7-0.aspx>

Are you trying to access the FTP service over the Internet? Is there a

router or firewall appliance that also needs the FTP ports open, if trying to

access the FTP over the Internet?

Are you in a LAN situation that you can use another machine on the LAN to

access the FTP server running on the host machine?

October 21, 2008

Diagnostics of Fire Wall problems, remotely, is extremely difficult,

frustrating and generally requires repeated "back and forth", repetitive

questioning.

From your reported attempts to resolve the problem, I am somewhat confident

that You know your way around the OS, so maybe the steps listed below may

help you find or at least narrow down possible solutions to the problem.

(This troubleshooting technique pretty much outlines the steps I would take

in chasing this issue). Bonheur

One of the security features included with Windows Vista (and Windows XP

Service Pack 2) is the Windows Firewall. It is a built in firewall component

that is designed to protect your computer when connected to an un-trusted

network such as the Internet. Because of the importance a firewall plays in

protecting your computer, it is enabled by default when you install Vista.

You may want to take this one step further and monitor the type of traffic

that is being discarded by your firewall. This can be done by enabling

security logging using the steps outlined below.

1. Click Start, All Programs, and Administrative Tools.

2. Select Windows Firewall with Advanced Security.

3. Click Windows Firewall Properties.

4. Click one of the profile tabs, such as Public Profile.

5. Click the Customize button within the Logging area.

6. Enable firewall logging from the dialog box that appears.

7. Click OK.

"Golard" <laurent.je.gaillard@hotmail.fr> wrote in message

news:ez$BvMrMJHA.740@TK2MSFTNGP03.phx.gbl...

> Hi,

> Since few years, I'm developping a professionnal software.

> I want to make it work on Vista SP1, with Windows Defender active.

>

> WITHOUT windows defender, it's OK.

> With Windows Defender active, I've got a FTP error (error nÂ°10060: The

> current connection has timedout).

> With Windows Defender active, FTP commands are working in a command

> console

>

> I've add an inbound and an outbound rule in windows defender to open port

> 20

> & 21 but nothing change...

> My application is using a COM object to do FTP.

>

> Please can you help me to make my application work ???

>

>

October 21, 2008

"Ollis" <No@No.com> a Ã©crit dans le message de news:

3CC7D1DD-29C8-404A-B1E3-67C3112F761C@microsoft.com...

>

> "Golard" wrote:

>

> >

> > "Ollis" <No@No.com> a Ã©crit dans le message de news:

> > 6816DFA9-87F5-4351-899F-A5F92405CC5D@microsoft.com...

> > >

> > > "Golard" wrote:

> > >

> > > >

> > > > "Ollis" <No@No.com> a Ã©crit dans le message de news:

> > > > 299CEA9C-47D9-4A1C-A86A-C87997A79DAD@microsoft.com...

> > > > >

> > > > > "Golard" wrote:

> > > > >

> > > > > > Hi,

> > > > > > Since few years, I'm developping a professionnal software.

> > > > > > I want to make it work on Vista SP1, with Windows Defender

active.

> > > > > >

> > > > > > WITHOUT windows defender, it's OK.

> > > > > > With Windows Defender active, I've got a FTP error (error

nÂ°10060:

> > The

> > > > > > current connection has timedout).

> > > > > > With Windows Defender active, FTP commands are working in a

> > command

> > > > > > console

> > > > > >

> > > > > > I've add an inbound and an outbound rule in windows defender to

open

> > > > port 20

> > > > > > & 21 but nothing change...

> > > > > > My application is using a COM object to do FTP.

> > > > > >

> > > > > > Please can you help me to make my application work ???

> > > > > >

> > > > >

> > > > > Are you sure you're talking about the right program? Are you

talking

> > about

> > > > > the Windows Firewall and not Windows Defender?

> > > > >

> > > > > I can't see where Windows Defender would be concerned with FTP

ports.

> > > > >

> > > >

> > > > "Windows Defender" is the name of the new Windows Vista firewall.

> > > > Of course Windows Defender control TCP and UDP ports and many other

> > things.

> > > > Does anybody know HOW to setup windows defender concerning my

problem

> > above

> > > > ?

> > >

> > > http://en.wikipedia.org/wiki/Windows_Defender

> > > http://www.microsoft.com/windows/windows-v...s/firewall.aspx

> > > http://whitepapers.silicon.com/0,39024759,60265463p,00.htm

> > >

> > > So which one are you talking about the Vista FW, Onecare's FW, or

Windows

> > > Defender?

> >

> > Ok, it appears that "Windows Defender" may be not the name of Vista

FW...

> > So I'm talking about VISTA FIREWALL (include in Vista environment).

> > Maybe I will have more answers with this correction !!!

> > Can you help me Ollis ?

> >

>

> http://support.microsoft.com/kb/947709

>

> It's not your FTP COM object that it's talking about, but it does talk

about

> how to open the FTP port by setting a FW rule using Netsh at the Command

> Prompt.

>

>

<http://blogs.iis.net/jaroslad/archive/2007...ewall-setup-for

-microsoft-ftp-publishing-service-for-iis-7-0.aspx>

>

> Are you trying to access the FTP service over the Internet? Is there a

> router or firewall appliance that also needs the FTP ports open, if trying

to

> access the FTP over the Internet?

>

> Are you in a LAN situation that you can use another machine on the LAN to

> access the FTP server running on the host machine?

>

>

Thank you for your informations.

I have already try to use "netsh advfirewall firewall add ..." to open ports

20 & 21, but it doesn't change anything.

I use already "netsh advfirewall firewall add ..." to allow ICMPv4 echo

request to allow ping in and outbound, and it works.

I use also already "netsh advfirewall firewall add ..." to allow my

apllication to communicate in and outbound.

I think ports 20 & 21 are now open BUT it's maybe not the source of my

problem...

Let me mention again that I've got a FTP timedout connexion when vista

firewall is active, and that it works when it's deactivate.

To answer your questions, my application use FTP to transfert configuration

files between the PC and electronic devices (which are linux pcs also

developped in my company) on a LOCAL network (most of the time dedicated to

our system). So, nothing to do with internet connexion via a host machine.

My application use a COM object to do FTP (FTPX from "Mabry software" which

unfortunately is not support anymore) and I find in the documentation that

it "does not support SSL" (Secure Socket Layers). But I don't know what does

it mean... Do you think it can have something to do with my timedout problem

through the vista firewall ???

Thanks for your help

October 21, 2008

"Golard" wrote:

> Thank you for your informations.

>

> I have already try to use "netsh advfirewall firewall add ..." to open ports

> 20 & 21, but it doesn't change anything.

> I use already "netsh advfirewall firewall add ..." to allow ICMPv4 echo

> request to allow ping in and outbound, and it works.

> I use also already "netsh advfirewall firewall add ..." to allow my

> apllication to communicate in and outbound.

>

> I think ports 20 & 21 are now open BUT it's maybe not the source of my

> problem...

> Let me mention again that I've got a FTP timedout connexion when vista

> firewall is active, and that it works when it's deactivate.

>

> To answer your questions, my application use FTP to transfert configuration

> files between the PC and electronic devices (which are linux pcs also

> developped in my company) on a LOCAL network (most of the time dedicated to

> our system). So, nothing to do with internet connexion via a host machine.

>

> My application use a COM object to do FTP (FTPX from "Mabry software" which

> unfortunately is not support anymore) and I find in the documentation that

> it "does not support SSL" (Secure Socket Layers). But I don't know what does

> it mean... Do you think it can have something to do with my timedout problem

> through the vista firewall ???

>

I don't know what to tell you. On one hand, you say that this FTP solution

works with the Vista FW down. On the other hand you say that it doesn't work

with the Vista FW up.

I would say that the issue may be at the FW, still.

If the host machine has IIS7 and you can enable the FTP server, I would test

that you can make contact with FTP that way, or you could install a 3rd party

FTP server like Filezilla for Vista and check-out the FTP ports 20 and 21

that way to see if things work.

If that works, then I guess it's back to this program you have hosting your

FTP COM object.

October 23, 2008

"Beoweolf" <zenner@zenner-assc.com> a Ã©crit dans le message de news:

CF6995A8-ECB9-431F-9D1A-6E4B0810D159@microsoft.com...

> Diagnostics of Fire Wall problems, remotely, is extremely difficult,

> frustrating and generally requires repeated "back and forth", repetitive

> questioning.

>

> From your reported attempts to resolve the problem, I am somewhat

confident

> that You know your way around the OS, so maybe the steps listed below may

> help you find or at least narrow down possible solutions to the problem.

>

> (This troubleshooting technique pretty much outlines the steps I would

take

> in chasing this issue). Bonheur

>

> One of the security features included with Windows Vista (and Windows XP

> Service Pack 2) is the Windows Firewall. It is a built in firewall

component

> that is designed to protect your computer when connected to an un-trusted

> network such as the Internet. Because of the importance a firewall plays

in

> protecting your computer, it is enabled by default when you install Vista.

>

> You may want to take this one step further and monitor the type of traffic

> that is being discarded by your firewall. This can be done by enabling

> security logging using the steps outlined below.

>

> 1. Click Start, All Programs, and Administrative Tools.

> 2. Select Windows Firewall with Advanced Security.

> 3. Click Windows Firewall Properties.

> 4. Click one of the profile tabs, such as Public Profile.

> 5. Click the Customize button within the Logging area.

> 6. Enable firewall logging from the dialog box that appears.

> 7. Click OK.

>

Hi Beowolf and thank you for the idea of enabling the log.

What I did:

Log enabling in the 3 firewall profiles tabs.

Activate Vista Firewall

Activate all my inbound and outbound rules (allow for my application, for

ICMPv4 ping, 20 & 21 ports for FTP)

Activate dynamically open ports for FTP data connections (set global

statefulFTP enable)

Launch my application ==> FTP connexion timedout

The ONLY LINE I find in the log which seems to concern FTP is :

action=allow

protocol=TCP

src-ip= PC application IP (192.168.200.100)

dst-ip = target device IP (192.168.200.3)

src-port=49183 ?

dst-port=21 (ok it's FTP command port, I suppose for the connexion)

path= SEND

There is NO lines coming from the target device (192.168.200.3) after the

line above.

After this I made again tests with vista FW disable:

When I deactivate the vista firewall, FTP connexion and files tranfert os

OK (but no log of course...)

When I activate the visat firewall, AND allow all incoming and outbound

connexions for each of the 3 firewall profiles, I have again the timedout.

What is the conclusion ? Does it means that it's not a firewall RULE

problem... but something else in the firewall ?

Do you know what can block my FTP connexion in the firewall when I allow all

in and out connexion ?

October 23, 2008

"Ollis" <No@No.com> a Ã©crit dans le message de news:

2110256E-8A5B-4651-A8A1-586116BF844F@microsoft.com...

>

> "Golard" wrote:

>

> > Thank you for your informations.

> >

> > I have already try to use "netsh advfirewall firewall add ..." to open

ports

> > 20 & 21, but it doesn't change anything.

> > I use already "netsh advfirewall firewall add ..." to allow ICMPv4 echo

> > request to allow ping in and outbound, and it works.

> > I use also already "netsh advfirewall firewall add ..." to allow my

> > apllication to communicate in and outbound.

> >

> > I think ports 20 & 21 are now open BUT it's maybe not the source of my

> > problem...

> > Let me mention again that I've got a FTP timedout connexion when vista

> > firewall is active, and that it works when it's deactivate.

> >

> > To answer your questions, my application use FTP to transfert

configuration

> > files between the PC and electronic devices (which are linux pcs also

> > developped in my company) on a LOCAL network (most of the time dedicated

to

> > our system). So, nothing to do with internet connexion via a host

machine.

> >

> > My application use a COM object to do FTP (FTPX from "Mabry software"

which

> > unfortunately is not support anymore) and I find in the documentation

that

> > it "does not support SSL" (Secure Socket Layers). But I don't know what

does

> > it mean... Do you think it can have something to do with my timedout

problem

> > through the vista firewall ???

> >

>

> I don't know what to tell you. On one hand, you say that this FTP solution

> works with the Vista FW down. On the other hand you say that it doesn't

work

> with the Vista FW up.

>

> I would say that the issue may be at the FW, still.

>

> If the host machine has IIS7 and you can enable the FTP server, I would

test

> that you can make contact with FTP that way, or you could install a 3rd

party

> FTP server like Filezilla for Vista and check-out the FTP ports 20 and 21

> that way to see if things work.

>

> If that works, then I guess it's back to this program you have hosting

your

> FTP COM object.

>

>

Hi Ollis and thank you for your help!

I'll try the FTP server today if I've time, and of course I will tell you as

soon as I will have the result.

Before this, I have maybe a new information you can read in my Beowolf

answer.

Here is an ABSTRACT:

(...)

When I deactivate the vista firewall, FTP connexion and files tranfert os

OK (but no log of course...)

When I activate the visat firewall, AND allow all incoming and outbound

connexions for each of the 3 firewall profiles, I have again the timedout.

(...)

I am now wondering about what can block my FTP connexion when ALL incoming

and outbound connexions are allowed by the Firewall !

What is sure is that it's SOMETHING IN THE FIREWALL !

Have you got ideas ?

October 23, 2008

> J'ai essayÃƒÂ© d'ajouter des rÃƒÂ¨gles entrantes et sortantes dans windows

> defender pour ouvrir les ports 20 & 21, mais ÃƒÂ§a ne change rien...

Ici (clients et serveur ftp) TCP 21 Entrant et TCP 20 Sortant

fonctionnent...

peut-ÃƒÂªtre configurer le mode passif sur le client?

@BientÃƒÂ´t

--

Olivier C

October 24, 2008

"Olivier"

uAhcgkSNJHA.6044@TK2MSFTNGP02.phx.gbl...

> > defender pour ouvrir les ports 20 & 21, mais Ã§a ne change rien...

>

> Ici (clients et serveur ftp) TCP 21 Entrant et TCP 20 Sortant

> fonctionnent...

> peut-Ãªtre configurer le mode passif sur le client?

>

> @BientÃ´t

>

> --

> Olivier C

>

Mon client est bien en mode passif.

Etes-vous sous Vista ?

Y aurait-il un service Ã activer ? Connaissez-vous le service "ftpsvc" que

je ne trouve pas sous Vista ?

Merci d'avance.

October 24, 2008

Bonsoir Laurent,

> Mon client est bien en mode passif.

Ok,

TCP ?

> FTP commands are working in a command console

> Etes-vous sous Vista ?

Oui, Home Premium

> Y aurait-il un service Ã activer ?

Si le programme est un serveur FTP, il y a des chances que oui.

> Connaissez-vous le service "ftpsvc" que je ne trouve pas sous Vista ?

Non, mon serveur n'utilise pas ce service...

> With Windows Defender active,

Windows Defender ?

> FTPX from "Mabry software"

http://www.juniper.net/security/auto/vulne...s/vuln8040.html

> SSL:

http://fr.wikipedia.org/wiki/Transport_Layer_Security

@BientÃ´t

--

Olivier C

October 27, 2008

"Olivier"

e38VNxgNJHA.1472@TK2MSFTNGP03.phx.gbl...

> Bonsoir Laurent,

>

> > Mon client est bien en mode passif.

>

> Ok,

------------------Ok

>

>

> TCP ?

------------------Oui TCP

>

> > FTP commands are working in a command console

>

------------------Je pense aussi que les rÃ¨gles sont ok pour un client

FTP...

le pare-feu) ???

>

> > Etes-vous sous Vista ?

>

> Oui, Home Premium

>

> > Y aurait-il un service Ã activer ?

>

> Si le programme est un serveur FTP, il y a des chances que oui.

-------------------Mon programme n'est pas un serveur, mais un client FTP

>

> > Connaissez-vous le service "ftpsvc" que je ne trouve pas sous Vista ?

>

> Non, mon serveur n'utilise pas ce service...

-------------------Ok j'abandonne cette piste (aucune trace de ce service

sous vista)

>

> > With Windows Defender active,

>

> Windows Defender ?

--------------------Il s'agit bien du pare-feu Vista (et pas de windows

defender)

--------------------Mon programme utilise la DLL Mabry FTPX.dll.

--------------------Dois-je donner des droits Ã cette dll, et comment ??? Il

me semble que je ne peux donner des droits qu'Ã des exe, des ports/protocole

ou des services...

>

> > FTPX from "Mabry software"

> http://www.juniper.net/security/auto/vulne...s/vuln8040.html

j'utilise la DLL FTPX.dll version 2.03.034 de janvier 2002, Ã moins que les

Vista ? Comment dans ce cas le savoir et l'inhiber ?

>

> > SSL:

> http://fr.wikipedia.org/wiki/Transport_Layer_Security

processus d'identification et de certificat...

>

> @BientÃ´t

-------------------MERCI pour ton aide. Tu me serais d'une grande aide si tu

d'interrogation !

Je te les rappele ci-dessous:

Dois-je donner des droits Ã cette dll, et comment ???

> --

> Olivier C

>

October 27, 2008

> 2110256E-8A5B-4651-A8A1-586116BF844F@microsoft.com...

> > I don't know what to tell you. On one hand, you say that this FTP

solution

> > works with the Vista FW down. On the other hand you say that it doesn't

> work

> > with the Vista FW up.

> >

> > I would say that the issue may be at the FW, still.

> >

> > If the host machine has IIS7 and you can enable the FTP server, I would

> test

> > that you can make contact with FTP that way, or you could install a 3rd

> party

> > FTP server like Filezilla for Vista and check-out the FTP ports 20 and

21

> > that way to see if things work.

> >

> > If that works, then I guess it's back to this program you have hosting

> your

> > FTP COM object.

> >

> >

Hi,

Here is the results of test I made with 3rd party FTP application.

In all tests, I test FTP client which connect with login and password to the

same FTP server on the same local machine in my network.

FileZilla with Vista firewall disable ----------Connect Send and Get ok

My Application with Vista firewall disable ----------Connect Send and Get ok

FileZilla with Vista firewall enable + rules ----------Connect Send and Get

ok

My Application with Vista firewall enable + rules ----------Systematic

connect timeout

An important indication is that, in case of multi command list, I've got

connect timeout only on the first command (I try to connect on each command

if I'm not already connected).

So maybe my FTP client is not really block as I thought, but slow down on

the first connect try.

Can you help me about this "Systematic connect timeout" ?

Why does it not append when firewall is disable ?

In advance thank you,

Golard.

October 27, 2008

"Golard" wrote:

>

> > 2110256E-8A5B-4651-A8A1-586116BF844F@microsoft.com...

> > > I don't know what to tell you. On one hand, you say that this FTP

> solution

> > > works with the Vista FW down. On the other hand you say that it doesn't

> > work

> > > with the Vista FW up.

> > >

> > > I would say that the issue may be at the FW, still.

> > >

> > > If the host machine has IIS7 and you can enable the FTP server, I would

> > test

> > > that you can make contact with FTP that way, or you could install a 3rd

> > party

> > > FTP server like Filezilla for Vista and check-out the FTP ports 20 and

> 21

> > > that way to see if things work.

> > >

> > > If that works, then I guess it's back to this program you have hosting

> > your

> > > FTP COM object.

> > >

> > >

>

> Hi,

>

> Here is the results of test I made with 3rd party FTP application.

> In all tests, I test FTP client which connect with login and password to the

> same FTP server on the same local machine in my network.

>

> FileZilla with Vista firewall disable ----------Connect Send and Get ok

> My Application with Vista firewall disable ----------Connect Send and Get ok

> FileZilla with Vista firewall enable + rules ----------Connect Send and Get

> ok

> My Application with Vista firewall enable + rules ----------Systematic

> connect timeout

>

> An important indication is that, in case of multi command list, I've got

> connect timeout only on the first command (I try to connect on each command

> if I'm not already connected).

>

> So maybe my FTP client is not really block as I thought, but slow down on

> the first connect try.

>

> Can you help me about this "Systematic connect timeout" ?

> Why does it not append when firewall is disable ?

>

> In advance thank you,

>

http://ask.metafilter.com/93060/Vista-FTP-connection-delay

Maybe, you should do a Google search for more infromation above and a

possible solution.

Have you tried looking for a 3rd party FTP DLL that works on Vista with the

Vista firewall enabled?

October 28, 2008

19336AD1-2587-43B1-AAD1-50F81E86A15C@microsoft.com...

>

> http://ask.metafilter.com/93060/Vista-FTP-connection-delay

>

> Maybe, you should do a Google search for more infromation above and a

> possible solution.

>

> Have you tried looking for a 3rd party FTP DLL that works on Vista with

the

> Vista firewall enabled?

>

I made other tests and it appears that the problem disappears with a longer

timeout delay.

It's not a pb of 3rd party FTP DLL: I'm only using a FTP client, and I got

the same problem with 3rd party FTP client.

With vista firewall disable : FTP connection delay is around 3 seconds

With vista firewall ENABLE : FTP connection delay is around 13 seconds !!!

Your article above

(http://ask.metafilter.com/93060/Vista-FTP-connection-delay) talk about

EXACTLY my problem !

THANK YOU to find it !!!

UNFORTUNALETLY, there is no solution at the moment for this problem.

I opened port 113 TCP and UDP, in and out : no changes

I allowed FTP data traffic by setting global statefulftp enable : no changes

My only solution at the moment to make my application work with vista

firewall enable is to increase FTP timeout to 15 seconds.

This way I don't have anymore timeout message, ... but a long long delay for

FTP connection... which is annoying !

I still have hopes of improving this delay with the help of developpers

community...

Write me if you have any idea !

Sign In

FTP connection timedout when Vista Windows Defender active

Recommended Posts

Guest Golard

Popular Days

Popular Days

Guest Golard

Guest Ollis

Guest Golard

Guest Ollis

Guest Golard

Guest Ollis

Guest Beoweolf

Guest Golard

Guest Ollis

Guest Golard

Guest Golard

Guest Olivier

Guest Golard

Guest Olivier

Guest Golard

Guest Golard

Guest Ollis

Guest Golard

Join the conversation

Browse

Activity

Support