Question
How can I configure the scanning server to work with native FTP?
Answer
In order to enable the scanner to scan native FTP sessions:
1. In Versions 8.5: Log in to the managment console and go to Settings -> Devices -> Scanner IP -> FTP.
In Version 9.0 and above: Log in to the management console and go to Administration -> System Settings -> Finjan Devices -> Scanner IP -> FTP.
2. In the FTP Configuration mark the ‘Enable FTP’ check box and other settings if needed.
3. Apply and commit the changes.
4. In order to check that the scanner actually scan the FTP data, here are two examples showing how to verify that the scanner is actually checking the FTP sessions.
In order to do this we must make sure that the FTP session will go through the proxy (example: SGW appliance IP is 10.194.48.1).
Start ftp CLI client:
> ftp
set the session to move through the scanner (proxy)
open
:
> open 10.194.48.1 2121
The following prompt will be displayed:
220 Frox transparent ftp proxy. Login with username[@host[:port]] [client_ip][/client_username]
User (10.194.48.1:(none)):
Enter the login details.
For example:
anonymous@ftp.zillionsofgames.com:21
After this the phase we have a connection to the remote FTP via the proxy (scanner).
Any download operation will be examined by it.
Example of a ‘get’ request from the FTP server:
ftp> get sampzeng.zip
200 PORT command successful.
150-Starting Transfer
150-There'll be a delay while we scan for viruses
150-Scanning file for viruses
150 Not starting Transfer
451 File contains virus. Aborting
Related article(s)
Q13497 - How to configure FileZilla 3.x for use with FTP Proxy
Software Version
8.5
9.x
- This article applies to:
- NG 1000
- NG 5000
- NG 6000
- NG 8000
- This article was previously published as:
- Finjan KB 1249