03-03-2014 11:51 PM - edited 03-11-2019 08:53 PM
Friends,
I have my webserver set up in the DMZ on my ASA5505 but am facing a challenge with my users, who I suspect are uploading malicious files through FTP. My webserver is running Linux and cannot execute the same files, but when I try to open certain sites with my Windows machine, my antivirus flags off. Please advise on how I can configure application layer filtering on my ASA 5505.
Thanks.
03-04-2014 12:02 AM
Which FTP service are you using?
Active or Passive?
If you are using Passive, then add the FTP service in Inspection... so that it can dynamically open ports automatically.
03-04-2014 05:03 AM
Hello Amos,
So basically you have a DMZ HTTP server that is being used as the destination of some files that you do not want? Right?
If this is the case you can simply configure an ACL allowing only HTTP traffic to it and then deny the rest.
What do you think?
Looking for some Networking Assistance?
Contact me directly at jcarvaja@laguiadelnetworking.com
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com
03-05-2014 03:09 AM
Hi,
Yes, I have a webserver; it is hosting websites for various clients. Clients FTP into it and update their sites. The thing is, I think clients upload viruses during this process, and that's why I would like to inspect the FTP connections to make sure any malicious code is detected during this FTP.
03-05-2014 04:47 AM
Hello Amos,
So you want to allow FTP traffic to it?
Because if this is an HTTP webserver only, you could deny all FTP traffic to it. What do you think?
If not, well, we will need to play with the FTP inspection a little.
Here are some of the options we have available to customize our FTP DPI:
Cheers,
Julio Carvajal Segura
03-05-2014 07:15 AM
Hi Julio,
Yes, it is an HTTP webserver and it is hosting websites for various clients. They use FTP to upload content and all; I want to inspect FTP traffic to the webserver.
03-05-2014 07:16 AM
Hello,
Then follow the document I sent you,
Regards,
Cheers,
Julio Carvajal Segura