LevelBlue Named Official Cybersecurity Advisor of the PGA of America. Learn more

LevelBlue Named Official Cybersecurity Advisor of the PGA of America. Learn more

Services
Cyber Advisory
Managed Cloud Security
Data Security
Managed Detection & Response
Email Security
Managed Network Infrastructure Security
Exposure Management
Security Operations Platforms
Incident Readiness & Response
SpiderLabs Threat Intelligence
View All Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Operational Technology
End-to-end OT security
Microsoft
Unlock the full power of Microsoft Security
Securing the IoT Landscape
Test, monitor and secure network objects
Why LevelBlue
About Us
We reduce cyber risk and build resilience
Awards and Accolades
The most recognized cybersecurity leader
LevelBlue SpiderLabs
Elite global threat experts and intelligence
PGA of America Partnership
Cybersecurity at the championship level
Secure What's Next
Future-proof your organization
LevelBlue Security Operations Platforms
Unprecedented security visibility and control
Security Colony
Cybersecurity threat protection resources
Partners
Microsoft
Unlock the full power of Microsoft Security
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
Loading...
Loading...

LevelBlue Knowledge Base

Home » Knowledgebase » FTP » FAQ: How to enable the Native FTP proxy and how to use it

FAQ: How to enable the Native FTP proxy and how to use it

Expand / Collapse
Show/Hide Article Tools


  • Question

    How can I configure the scanning server to work with native FTP?


  • Answer

    In order to enable the scanner to scan native FTP sessions:

     

    1. In Versions 8.5: Log in to the managment console and go to Settings -> Devices -> Scanner IP -> FTP.
        In Version 9.0 and above: Log in to the management console and go to Administration -> System Settings -> Finjan Devices -> Scanner IP -> FTP.

    2. In the FTP Configuration mark the ‘Enable FTP’ check box and other settings if needed.

    3. Apply and commit the changes.

    4. In order to check that the scanner actually scan the FTP data, here are two examples showing how to verify that the scanner is actually checking the FTP sessions.

    In order to do this we must make sure that the FTP session will go through the proxy (example: SGW appliance IP is 10.194.48.1).

     

    Start ftp CLI client:
    > ftp
    set the session to move through the scanner (proxy)
    open :
    > open 10.194.48.1 2121

    The following prompt will be displayed:
    220 Frox transparent ftp proxy. Login with username[@host[:port]] [client_ip][/client_username]
    User (10.194.48.1:(none)):

    Enter the login details.
    For example:
    anonymous@ftp.zillionsofgames.com:21

    After this the phase we have a connection to the remote FTP via the proxy (scanner).
    Any download operation will be examined by it.

    Example of a ‘get’ request from the FTP server:

    ftp> get sampzeng.zip
    200 PORT command successful.
    150-Starting Transfer
    150-There'll be a delay while we scan for viruses
    150-Scanning file for viruses
    150 Not starting Transfer
    451 File contains virus. Aborting




    • Related article(s)
    Q13497 - How to configure FileZilla 3.x for use with FTP Proxy


  • Software Version
    8.5
    9.x

    • This article applies to:
    NG 1000
    NG 5000
    NG 6000
    NG 8000
    This article was previously published as:
    Finjan KB 1249

    To contact LevelBlue about this article or to request support:

    Rate this Article:
         

    Add Your Comments


    Comment submission is disabled for anonymous users.
    Please send feedback to Trustwave Technical Support or the Webmaster    .


    Execution: 0.078. 8 queries. Compression Disabled.
    Powered by InstantKB.NET