cancel
Showing results for 
Search instead for 
Did you mean: 

FTP delays

N/A

FTP delays

This relates to ftp.plus.net. Whenever my ftp client issues the EPSV command, the server responds with "... Entering Extended Passive Mode..." and there is a delay of several minutes before anything else happens. This gets rather irritating.

A typical exchange involves changing directory. The first line below is the command from the client, then alternate lines are server and client:

cwd /htdocs/
250 CWD command successful
type A
200 Type set to A
EPSV
229 Entering Extended Passive Mode (then a big delay)
PASV
227 Entering Passive Mode ...
list -a

I'm not inclined to blame the ftp client because there is no delay in carrying out similar operations on cgi.plus.net. For various reasons, suggesting use of a different ftp client is not really helpful.

Best regards, Martin Brampton
7 REPLIES
N/A

FTP delays

Have you tried disabling Passive mode (and Extended Passive Mode) in your FTP client?
N/A

FTP delays

I don't think it is an option. "Passive mode" does not occur anywhere in the handbook for KBear. It isn't always a problem either, surely it must be connected with something to do with packet handling or some such at Plus Net?

Best regards, Martin Brampton
csogilvie
Grafter
Posts: 5,852
Registered: 04-04-2007

FTP delays

There certainly appears (from the source) to be an option for this... I am currently compiling it (now I am in Linux) and will post more later.
csogilvie
Grafter
Posts: 5,852
Registered: 04-04-2007

FTP delays

Save the site to "SiteManager" and then you can disable both PASV and EPSV mode (which I've never heard of...). I can't see how to disable it for one-time connections though.

Colin (who discovered it was already installed...)
N/A

FTP delays

This is bizarre. I was mistaken (sort of) about it sometimes being delayed and sometimes not, connecting to cgi.plus.net. You are right that quick connection seems to use passive mode, and there is certainly no obvious way to control this. But if it is stored in sitemanager, by default it seems to disable passive mode (and if that is disabled, extended passive mode is automatically disabled). I never even knew there was such a setting. Most peculiar. Something I read suggested that passive mode was a "good thing" but not in what respect. So long as I always connect from an entry in sitemanager, it seems to be OK.

KBear is generally a rather good ftp client, apart from its tendency to crash from time to time.

Best regards, Martin Brampton
N/A

FTP delays

I begin to understand, but don't have time to pursue it much further. From a netsys firewall discussion forum:

> For the client side, passive FTP always provides better security.

Unless it is a rogue client.

> For clients, active mode has no "advantages" the way I see it,
> only drawbacks. And big ones at that.

Unless it is a rogue client.

Anyway, I (mostly) agree - I was talking purely about the packet
filtering `holes' that have to be opened, not about what happens once
the connection through that hole has been established. For active mode,
the details of the hole are known, so the hole can be precisely
specified, while for passive mode, although there is undoubtedly a
security advantage of having the client connect, the packet filtering
hole on the firewall has to allow a whole range of ports on the client
side.

Put another way - with passive mode, you are more open to exploits from
the inside, while with active mode you are more vulnerable to exploits
from the outside.
N/A

FTP delays

I've been having problems as well, loading my latest draft to my website, it went down to a crawl and trashed some of the gif's. I changed to passive mode and this seemed to resolve the problem.

However to be honest, I'm not sure if this 100% solved it, or I was just lucky.