Until recently (a few days ago) I have been happily uploading via FTP to my hosted web site. Suddenly I find I can start an upload but every attempt ends with 'waiting for transfer to complete' which it never does.
I have tried a number of different FTP applications, both GUI and command line, to no avail.
I have also tried uploading to the small amount of web space that my ISP provides with the same result which I think rules out a problem on my hosting server.
I can upload to my hosted site if I use a modem instead of the router which seems to indicate that the problem may be within the router/firewall. However, as far as I can see, nothing in the router firewall has changed. It is set to allow anything out and to block everything coming in unless it's a 'reply' to a connection instigated by my computer. That has always worked in the past.
This problem has occurred around the time I've started getting the following in my router logs (this is the first recorded instance):
Thu, 2004-04-08 16:52:17 - TCP Packet -Source:81.174.175.111,3789 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:52:21 - TCP Packet - Source:81.174.175.111,1603 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:52:26 - TCP Packet - Source:81.174.175.111,1605 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:52:34 - TCP Packet - Source:81.174.175.111,1602 Destination:81.174.175.161,135 - [DOS] Thu, 2004-04-08 16:52:39 - TCP Packet - Source:81.174.175.111,3787 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:52:44 - TCP Packet - Source:81.174.175.111,3786 Destination:81.174.175.161,135 - [DOS] Thu, 2004-04-08 16:53:47 - TCP Packet - Source:81.174.175.111,1605 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:54:50 - TCP Packet - Source:81.174.175.111,1603 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:55:53 - TCP Packet - Source:81.174.175.111,2442 Destination:81.174.175.161,135 - [DOS] Thu, 2004-04-08 16:56:56 - TCP Packet - Source:81.174.175.111,4572 Destination:81.174.175.161,135 - [DOS] Thu, 2004-04-08 16:57:01 - TCP Packet - Source:81.174.175.111,4577 Destination:81.174.175.161,139 - [DOS] Thu, 2004-04-08 16:57:06 - TCP Packet - Source:81.174.175.111,4576 Destination:81.174.175.161,6129 - [DOS] Thu, 2004-04-08 16:57:10 - TCP Packet - Source:81.174.175.111,4575 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:57:15 - TCP Packet - Source:81.174.175.111,4573 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:57:20 - TCP Packet - Source:81.174.175.111,4694 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:57:26 - TCP Packet - Source:81.174.175.111,4689 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:57:31 - TCP Packet - Source:81.174.175.111,4686 Destination:81.174.175.161,135 - [DOS] Thu, 2004-04-08 16:57:36 - TCP Packet - Source:81.174.175.111,4062 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:57:41 - TCP Packet - Source:81.174.175.111,4695 Destination:81.174.175.161,6129 - [DOS] Thu, 2004-04-08 16:57:46 - TCP Packet - Source:81.174.175.111,4299 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:57:50 - TCP Packet - Source:81.174.175.111,4301 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:59:39 - TCP Packet - Source:81.174.175.111,3157 Destination:81.174.175.161,139 - [DOS] Thu, 2004-04-08 16:59:43 - TCP Packet - Source:81.174.175.111,3156 Destination:81.174.175.161,6129 - [DOS] Thu, 2004-04-08 16:59:48 - TCP Packet - Source:81.174.175.111,3155 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:59:53 - TCP Packet - Source:81.174.175.111,3152 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 16:59:58 - TCP Packet - Source:81.174.175.111,3151 Destination:81.174.175.161,135 - [DOS] Thu, 2004-04-08 17:02:30 - TCP Packet - Source:81.174.175.111,1803 Destination:81.174.175.161,6129 - [DOS] Thu, 2004-04-08 17:02:35 - TCP Packet - Source:81.174.175.111,1802 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 17:02:40 - TCP Packet - Source:81.174.175.111,1800 Destination:81.174.175.161,1025 - [DOS] Thu, 2004-04-08 17:02:44 - TCP Packet - Source:81.174.175.111,1799 Destination:81.174.175.161,135 - [DOS]
I've reported this to my ISP as it one of their addresses but have yet to hear anything. I cannot see why this should prevent FTP uploads from completing and it doesn't prevent me from doing anything else. I can download without problems.
I'm baffled (but then I am easily baffled) and any advice will be very much appreciated.
Barry Samuels http://www.beenthere-donethat.org.uk The Unofficial Guide to Great Britain
On 2004.04.12 10:09, bjsamuels@beenthere-donethat.org.uk wrote:
Until recently (a few days ago) I have been happily uploading via FTP to my hosted web site. Suddenly I find I can start an upload but every attempt ends with 'waiting for transfer to complete' which it never does.
This sounds like a firewall problem as you suspect.
The FTP protocol in its normal mode of operation is special because when you're the client you originate a TCP connection (the control connection) to the server but whenever you transfer data the client end starts listening for an incoming TCP connection (the data connection), tells the server where it is listening via a PORT command and waits for the server to make the connection.
To support FTP working like this a firewall needs a special module which notices the FTP control connection, spies on it to spot PORT commands and opens up the specified incoming port.
Another possibility is to use FTP in passive mode, i.e. where the client tells the server that it wants the data connections to go the other way and that the server must passivelt wait for the client to make the data connection before sending. For a command line FTP you can probably enable this with 'passive'.
HTH, Steve.
On 12-Apr-2004 Steve Fosdick wrote:
On 2004.04.12 10:09, bjsamuels@beenthere-donethat.org.uk wrote:
Until recently (a few days ago) I have been happily uploading via FTP to my hosted web site. Suddenly I find I can start an upload but every attempt ends with 'waiting for transfer to complete' which it never does.
This sounds like a firewall problem as you suspect.
I'm not at all sure that it is a firewall problem because if I disable the firewall completely it still doesn't work.
Another possibility is to use FTP in passive mode, i.e. where the client tells the server that it wants the data connections to go the other way and that the server must passivelt wait for the client to make the data connection before sending. For a command line FTP you can probably enable this with 'passive'.
I'm already using passive mode.
Barry Samuels http://www.beenthere-donethat.org.uk The Unofficial Guide to Great Britain
bjsamuels@beenthere-donethat.org.uk wrote:
On 12-Apr-2004 Steve Fosdick wrote:
On 2004.04.12 10:09, bjsamuels@beenthere-donethat.org.uk wrote:
Until recently (a few days ago) I have been happily uploading via FTP to my hosted web site. Suddenly I find I can start an upload but every attempt ends with 'waiting for transfer to complete' which it never does.
This sounds like a firewall problem as you suspect.
I'm not at all sure that it is a firewall problem because if I disable the firewall completely it still doesn't work.
Does the router do NAT? Have you tried disabling NAT as well?
JD
On 2004.04.12 10:09, bjsamuels@beenthere-donethat.org.uk wrote:
This problem has occurred around the time I've started getting the following in my router logs (this is the first recorded instance):
Thu, 2004-04-08 16:52:17 - TCP Packet -Source:81.174.175.111,3789 Destination:81.174.175.161,3127 - [DOS] Thu, 2004-04-08 16:52:21 - TCP Packet - Source:81.174.175.111,1603 Destination:81.174.175.161,1025 - [DOS]
...
Looks like someone is port scanning hoping to find something to exploit. If you firewall isn't allowing incoming connection you should be safe, even so it is good to complain to your ISP. The ports being scanned and their respective services seem to be:
135 - empmap 139 - netbios-ssn 1025 - blackjack 3127 - mydoom 6129 - dameware
Probing netbios-ssn is no doubt an attempt to see if you have your hard disk shared via windows networking (or samba). Perhaps the other services are also known to have security issues. None of this seems to having anything to do with FTP though.
Steve.
How far have you gone in testing the "never?" I've often had a very long (of the order of ten minutes) wait at this stage in FTP transactions; it seems to happen after the file has been completely transferred.
bjsamuels@beenthere-donethat.org.uk wrote:
Until recently (a few days ago) I have been happily uploading via FTP to my hosted web site. Suddenly I find I can start an upload but every attempt ends with 'waiting for transfer to complete' which it never does.
-
bjsamuels@beenthere-donethat.org.uk -
Daniel Hatton -
Jon Dye -
Steve Fosdick