TLS packet with unexpected length - *not* server reset prob

[boco]

Status: Server did not properly shut down TLS connection

Do you get that error often? It would mean the server software (or rather anything in between, like a firewall) is broken and contains a security vulnerability. FileZilla deliberately denies to work with such servers. Please read http://forum.filezilla-project.org/view ... f=2&t=7688.

As to the firewall issue, the ''firewall'' term is to be seen loosely. Sadly almost every application nowadays even remotely related to security assumes that you need *yet* another firewall or port blocker. So even if you shut down Win7 firewall (which seems to be a dog, according to latest user reports), there still could be further software interfering. Seems to be something related to the Win7 machine, as the XP machine works. Anything with ''Internet security'' or similar in the name installed?

[sam_ok]

The network of the WINXP workstation is not the same as that of WIN7. I will plug in a WINXP workstation in the WIN7 network and carry out the test again.

Notify all of you the result later.

[sam_ok]

I have finished testing using a WINXP workstation. It failed also. That means it is not Windows 7 problem.

After reviewing the firewall log, the FileZilla client ftp traffic was blocked by the firewall. The reason is "a potential Bounce Attack Evasion Attempt" or we may call it "ftp bounce" issue.

Why FileZilla client ftp traffic will be regarded as "ftp bounce" attack ?

[boco]

Answer: Firewalls are paranoid.

If a client sends e. g. PORT commands with a different IP address than its own, the server tries to connect to that address instead. If it does that many times, you have what one calls an FTP bounce attack: The victims IP is flooded with requests by the server, while the actual attack originated elsewhere.