Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Replies 12 replies
  • Subscribers 0 subscribers
  • Views 2422 views
  • Users 0 members are here
Options
Suggested

[7.950][NOTABUG][CLOSED] Target service not allowed

wingman
Hi All

I am getting the following error on the HTTP proxy. Shouldn't that traffic being using the ftp service instead? 


2010:06:22-20:26:57 **** httpproxy[5050]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="HEAD" srcip="192.168.*.*" dstip="" user="" statuscode="403" cached="0" profile="REF_gTJkfSrJvf (AD Users)" filteraction="REF_PAZIrYpGAv (Local Users)" size="0" time="0 ms" request="0xa740a28" url="anonymous:CommonUpdater@McAfeeB2B.com@ftp.nai.com:21" exceptions="" error="Target service not allowed"


Thanks
Parents
  • 0 
    Astaro Beta Report

    --------------------------------

    Version: 7.950

    Type: NOTABUG

    State: CLOSED

    Reporter: wingman

    Contributor: BrucekConvergent

    MantisID: 

    Target version: 

    Fixed in version: 

    --------------------------------
  • 0 in reply to Astaro Beta Bot
    If you have the http proxy in transparent mode, and the ftp protocol is in the allowed list (as it is by default), then no, the http proxy will attempt to perform the FTP connection if it sees a connection attempt on port 21 fly by.  If you are in standard or SSO mode, and you have the browser's proxy settings to point to the HTTP proxy for FTP, then it will use that proxy.

    To use the FTP proxy, you need to remove the FTP protocol from teh allowed services list in the http proxy (if in transparent mode), or if you use your web browser for FTP access in Standard or SSO mode, you will need to point it manually at the FTP Proxy.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to Astaro Beta Bot
    If you have the http proxy in transparent mode, and the ftp protocol is in the allowed list (as it is by default), then no, the http proxy will attempt to perform the FTP connection if it sees a connection attempt on port 21 fly by.  If you are in standard or SSO mode, and you have the browser's proxy settings to point to the HTTP proxy for FTP, then it will use that proxy.

    To use the FTP proxy, you need to remove the FTP protocol from teh allowed services list in the http proxy (if in transparent mode), or if you use your web browser for FTP access in Standard or SSO mode, you will need to point it manually at the FTP Proxy.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Unfiltered HTML