Several of you have asked how to change your FTP server to use a port other than the default port of 21. Ports in the range of 0-1023 are reserved and well-known ports, with port 21 being the established standard for FTP. The reason most people want to do this is to make it harder for someone to gain unauthorized access to your FTP server.
Although this may make it more difficult for someone to discover that you are running an FTP server, this by itself will not prevent someone from being able to discover and potentially hack into your FTP server. If you decide to use this technique, keep in mind that this is no substitute for other types of security and should be viewed as only a very small piece of your security infrastructure. If you have existing FTP programs or scripts, you will need to change them to access your new FTP port.
For anyone who has tried to do this, you may have noticed that the port can't be changed using the CHGFTPA command. Here is how to make the changes.
- Enter the command WRKSRVTBLE and scroll down to the services that are labeled ftp-control.
- Display and print these entries.
- Use the command ADDSRVTBLE to duplicate these entries exactly as they appear, with the exception that you will specify a new port number. To get lowercase values to stay lowercase, make sure they are enclosed in single quotes. When you specify your new FTP port, you should avoid using the reserved ports of 0-1023. You should also try to avoid using other ports that are already defined.
- Compare your new entries to the existing entries that are on port 21 to ensure that everything is an exact match.
- Delete your existing entries for service ftp-control that is on port 21.
- End and restart TCP/IP.
- If you wish, entries labeled ftp-data can also be changed in a similar manner.
When you access FTP from the AS/400, you will now have to specify the port. From the AS/400 the FTP command would look like this:
FTP RMTSYS('10.10.10.10') PORT(21021)
From the DOS prompt, it would look like this:
C:WINDOWS>ftp ftp> open 10.10.10.10 21021
About the author: Tim is vice president of Technical Services at Interlink Technologies in Maumee, Ohio, where he serves as chief architect for their warehouse management system. He has worked in the banking, insurance, healthcare and distribution industries in various positions, including programmer/analyst, systems analyst and DP manager. Tim has worked on IBM midrange platforms since 1983.
- Tricks and
techniques for FTPing OS/400 save files
Save files (SAVF) are great for transferring iSeries and AS/400 objects between OS/400-based machines. Whether it's a group PTF, a file, a library or even a licensed program, save files can quickly zip large amounts of information between two AS/400s, especially if the save files are transmitted via FTP. Unfortunately, there's a little bit of misunderstanding about how to properly FTP save files between two iSeries machines. There are a few simple, but hard-fast, rules that users must follow to successfully transfer save files.
- Chris Peters
answers questions on FTP
Hundreds of Search400 members tuned in for our Webcast FTP fundamentals for the iSeries, and we received a slew of questions. We didn't have time to address all of them during the live event, but our guest speaker -- Chris Peters from Evergreen Interactive -- was able to answer some of them offline.
FTP is one of the top utilities for transferring data to and from the iSeries. Still, users often have problems using it. These resources reveal tips you may not have considered before.
This was first published in July 2002