# ftp server passive ports



## jjjustjjjay (Feb 19, 2010)

hey all

I was just wondering what is a good ftp server for freebsd 8.0 that allows you to set passive ftp ports


----------



## dennylin93 (Feb 19, 2010)

Try ftp/pure-ftpd. It's easy to use and has lots of features.

To set the passive port range, use:

```
PassivePortRange            60000 65000
```


----------



## copypaiste (Feb 19, 2010)

/usr/libexec/lukemftpd  It's a cool and easy to set-up ftpd with many options.


----------



## lMicROl (Feb 19, 2010)

I use /usr/ports/ftp/vsftpd
man vsftpd.conf

```
pasv_max_port
   The  maximum  port  to allocate for PASV style data connections. Can be used to specify a  narrow  port  range  to  assist  fire- walling.
Default: 0 (use any port)

pasv_min_port
     The  minimum  port  to allocate for PASV style data connections.Can be used to specify a  narrow  port  range  to  assist  fire-walling.
 Default: 0 (use any port)
```


----------



## DutchDaemon (Feb 19, 2010)

copypaiste said:
			
		

> /usr/libexec/lukemftpd  It's a cool and easy to set-up ftpd with many options.



Lukemftpd is on its way out:
http://www.evilcoder.org/2009/09/03/freebsd-lukemftpd-disconnected-from-the-build/


----------



## ghostcorps (Sep 20, 2010)

Hi Guys

I have been trying to change the default ftp port all day and just found this topic. Does this mean that the default ftpd (bsdftpd-ssl-1.1.0_2) in my case, does not actually allow me to change the ftp port?

I have tried:

/etc/ftpd.conf

```
PassivePortRange xxx xxx
```

and 

/etc/rc.conf

```
ftpd_flags="-p xxx"
```
Both to no avail. 

Can this be done or do I need to install a different server?

Also, is it possible to hide the version from nmap?


----------



## cyrille_v (Sep 20, 2010)

My choice is  proftpd. many options, many modules, well documented and easy for customization -> /usr/ports/ftp/proftpd. Also there are some graphical interfaces for administration, for example in webmin.


----------



## ghostcorps (Sep 21, 2010)

Thanks Cryille,

I have had alot of bad luck trying to setup proftp or pureftp in the past, I am hoping I can just stay with what comes natively if possible.


----------



## Wiedmann (Sep 21, 2010)

> Does this mean that the default ftpd (bsdftpd-ssl-1.1.0_2) in my case,
> ...
> FreeBSD 8.1 Release


"bsdftpd-ssl-1.1.0_2" is the default ftpd in FreeBSD 8.1?

Well, from ftpd(8) ftpd in FreeBSD is using IP_PORTRANGE_HIGH for data ports, which you can change with net.inet.ip.portrange.hifirst (49152) and net.inet.ip.portrange.hilast (65535) in /etc/sysctl.conf (a system wide setting).

BTW:
Personally I also using Pure-FTPd.


----------



## ghostcorps (Sep 21, 2010)

Thanks  I'll try that.

Any suggestions re: blocking the version from nmap?


----------

