Wireshark-users: Re: [Wireshark-users] FTP Timeout Troubleshooting
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Sun, 9 May 2010 23:33:58 -0700
On May 9, 2010, at 8:49 PM, Bill Meier wrote:

> Google something like "FTP Server" "Ident" and you'll find lot's of info.

For example:

	http://www.armory.com/~ftp/ftpserve.html

"Some of the problems you may encounter in attempting to connect to the Armory FTP server:

	• The Armory FTP server attempts to send an ident (RFC 1413) query, and waits for either a positive or negative response before allowing the connection to proceed. Some routers are misconfigured such that they drop packets sent to blocked ports rather than correctly explicitly rejecting them. Some hosts make the same mistake when they receive packets sent to ports that no services are configured on. The symptom of this is the same as for the PTR lookup hang. If you are behind such a router or operating from such a host, the only solution is to either fix the problem (ident service uses port 113) or use an FTP client with a longer timeout than the ident timeout."

Now, I tried connecting to ftp.armory.com, and was able to fetch a file with FTP - and I don't have an ident daemon running:

	$ telnet localhost ident
	Trying ::1...
	telnet: connect to address ::1: Connection refused
	Trying fe80::1...
	telnet: connect to address fe80::1: Connection refused
	Trying 127.0.0.1...
	telnet: connect to address 127.0.0.1: Connection refused
	telnet: Unable to connect to remote host

so perhaps the Armory's FTP server isn't insisting on an ident query response any more.

> I'm not at all familiar with MAC OS X (and using FTP clients on same); I 
> suspect you may need to somehow have the OS send a "reject" reply when 
> the IDENT request is received (rather than ignoring the request).

The way you have Mac OS X send a reject reply rather than ignoring the request is "install an ident server on the machine"; fauxidentd might do the job:

	http://fauxident.darwinports.com/

"fauxident is a small Python script that will act as an extremely naive ident server, answering all ident requests with a consistent response -- either an ERROR or a USERID response."

Whether that will fix the problem is another matter.