Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
271
Views
0
Helpful
1
Replies

Invalid port command

cteplansky
Level 1
Level 1

‎08-21-2002 06:37 AM - edited ‎03-09-2019 12:00 AM

This triggers an invalid port command signature 3154. Looking at the context buffer you can see port 3nary which would be invalid. Why is the context buffer showing this. Is the IDS confusing the data since I would assume the port 3nary would be type binary? Example below

PORT 10,10,10,219,4,8

RETR ****_*******

PORT 3NARY.

226 Transfer finished successfully. Data connection closed.

200 Port command okay.

Labels:
0 Helpful
1 Reply 1

bkubesh
Level 1
Level 1

‎08-22-2002 01:06 PM

The context buffer is showing the PORT 3NARY because that is what it is alarming on. It thinks the user is sending another port command, and the port command appears to be invalid since it is not in comma separated decimal format as described by the RFC.

What is PORT 3NARY supposed to be? I dont recognize it? It is not in binary format. This is the ftp control channel and the actual data is transferred on a different port. ASCII format only on this port/channel.

-BK

0 Helpful
Customers Also Viewed These Support Documents