Page 1 of 1

Please Help

Posted: 2019-02-12 14:09
by CRSharp82
Please help... I contacted our IT dept. and they say it the customers issue and the customers is telling me its our issue. I have no clue where to go from here.


Status: Resolving address of
Status: Connecting to ##.###.###.###:21...
Status: Connection established, waiting for welcome message...
Response: 220 Serv-U FTP Server v15.1 ready...
Command: AUTH TLS
Response: 234 AUTH command OK. Initializing SSL connection.
Status: Initializing TLS...
Error: GnuTLS error -110: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Status: Connection attempt failed with "ECONNABORTED - Connection aborted".
Error: Could not connect to server

Thanks

Re: Please Help

Posted: 2019-02-12 16:55
by botg
Please test the server on https://ftptest.net/

Re: Please Help

Posted: 2019-02-12 19:14
by CRSharp82
The result from the test:
Status: Resolving address of kthhub.kth.net

Status: Connecting to 173.188.116.230

Warning: The entered address does not resolve to an IPv6 address.

Status: Connected, waiting for welcome message...

Reply: 220 Serv-U FTP Server v15.1 ready...

Command: CLNT https://ftptest.net on behalf of 74.218.211.18

Reply: 200 Noted.

Command: AUTH TLS

Reply: 234 AUTH command OK. Initializing SSL connection.

Status: Performing TLS handshake...

Status: TLS handshake successful, verifying certificate...

Status: Received 1 certificates from server.

Status: cert[0]: subject='C=US,ST=OH,L=Saint Paris,O=KTH Parts Industries\5c, Inc.,OU=ISG,CN=kthhub.kth.net' issuer='C=US,ST=OH,L=Saint Paris,O=KTH Parts Industries\5c, Inc.,OU=ISG,CN=kthhub.kth.net'

Command: USER rosewoodmachine

Reply: 331 User name okay, need password.

Command: PASS ********

Reply: 230 User logged in, proceed.

Command: SYST

Reply: 215 UNIX Type: L8

Command: FEAT

Reply: 211-Extensions supported

Reply: UTF8

Reply: OPTS MODE;MLST;UTF8

Reply: CLNT

Reply: CSID Name; Version;

Reply: HOST domain

Reply: SITE PSWD;SET;ZONE;CHMOD;MSG;EXEC;HELP

Reply: AUTH TLS;SSL;TLS-C;TLS-P;

Reply: PBSZ

Reply: PROT

Reply: CCC

Reply: SSCN

Reply: RMDA directoryname

Reply: DSIZ

Reply: AVBL

Reply: EPRT

Reply: EPSV

Reply: MODE Z

Reply: THMB BMP|JPEG|GIF|TIFF|PNG max_width max_height pathname

Reply: REST STREAM

Reply: SIZE

Reply: MDTM

Reply: MDTM YYYYMMDDHHMMSS[+-TZ];filename

Reply: MFMT

Reply: MFCT

Reply: MFF Create;Modify;

Reply: XCRC filename;start;end

Reply: XMD5 filename;start;end

Reply: XSHA1 filename;start;end

Reply: XSHA256 filename;start;end

Reply: XSHA512 filename;start;end

Reply: COMB target;source_list

Reply: MLST Type*;Size*;Create;Modify*;Perm;Win32.ea;Win32.dt;Win32.dl

Reply: 211 End (for details use "HELP commmand" where command is the command of interest)

Command: PBSZ 0

Reply: 200 PBSZ command OK. Protection buffer size set to 0.

Command: PROT P

Reply: 200 PROT command OK. Using private data connection.

Command: PWD

Reply: 257 "/" is current directory.

Status: Current path is /

Command: TYPE I

Reply: 200 Type set to I.

Command: PASV

Reply: 227 Entering Passive Mode (173,188,116,230,35,78)

Command: MLSD

Status: Data connection established, performing TLS handshake...

Status: TLS handshake successful, verifying certificate...

Status: Received 1 certificates from server.

Status: cert[0]: subject='C=US,ST=OH,L=Saint Paris,O=KTH Parts Industries\5c, Inc.,OU=ISG,CN=kthhub.kth.net' issuer='C=US,ST=OH,L=Saint Paris,O=KTH Parts Industries\5c, Inc.,OU=ISG,CN=kthhub.kth.net'

Status: TLS session of transfer connection has been resumed.

Reply: 150 Opening BINARY mode data connection for MLSD.

Listing: Type=dir;Modify=20190117050131.289; from_kth

Listing: Type=dir;Modify=20181221190100.484; to_kth

Reply: 226 Transfer complete. 90 bytes transferred. 0.09 KB/sec.

Status: Success

Results

Your server is working and assorted routers/firewalls have been correctly configured for explicit FTP over TLS as performed by this test. However there have been warnings about compatibility issues, not all users will be able to use your server.

For maximum compatibility, consider resolving these warnings.

Re: Please Help

Posted: 2019-02-12 19:39
by botg
Okay, so the test is working fine, if you look past lack of IPv6 support (seriously, why are some hosting providers stuck in the past millennium?).

With the test working, this means it's a client-side issue. I can pass the TLS handshake with this server from my location, this means that that the problem is specific to your end of the connection. It could be a firewall on your system, something in your local network, or in very unfortunate cases, something your ISP is doing.

Try uninstalling all firewalls, AV products, VPN software and similar troublemakers and connect your computer directly to your modem to rule out anything faulty under your control. If it still fails it is your ISPs doing, upon which you have to switch to a better ISP.

Re: Please Help

Posted: 2019-02-13 05:41
by boco
Prime suspects: Antivirus software injecting their own (often insecure) certificate into the chain in order to hijack the connection. This is called a man-in-the-middle attack and makes those AV's not any better than Malware.

Re: Please Help

Posted: 2019-02-13 13:23
by CRSharp82
You guys are awesome... Ill let you know how it works out..

Thanks