Name

FTPS-679 — PORT family command has illegal parameter

Severity

A (alert)

Message text

%1 command with illegal address %2

Description

Kernun FTP proxy checks whether the argument of a PORT/EPRT command contains the IP address of the client. If it does not, this message is logged.

An incorrect IP address typically appears in one of three situations:

  • The client wants to transfer data directly between two remote servers (a so-called third-party transfer). This kind of operation is not allowed across Kernun FTP proxy. The user must avoid it by copying the file to and from the client itself.

  • NAT handling across the proxy is misconfigured and the peers use wrong (e.g. untranslated) addresses.

  • A multihomed server uses the address of an incorrect interface or an incorrect alias of the correct interface. This case must be solved on the side of the remote server.

  • An intruder wants to redirect the data transfer to his machine.

A PORT/EPRT command with an illegal IP address is rejected, but the session continues so that a user attempting a third-party transfer can carry out the transfer in another way. Repeated appearance of this message can be considered an intrusion attempt.
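
The check described above can be sketched as follows. This is an added example, not Kernun's own code: the function names are hypothetical, the message formatting assumes that %1 is the command name and %2 the offending address, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

def parse_port_arg(cmd, arg):
    """Return (ip, port) from a PORT (RFC 959) or EPRT (RFC 2428) argument."""
    cmd, arg = cmd.upper(), arg.strip()
    if cmd == "PORT":
        # PORT h1,h2,h3,h4,p1,p2 -- six decimal octets
        parts = arg.split(",")
        if len(parts) != 6 or not all(p.isdigit() for p in parts):
            raise ValueError("malformed PORT argument")
        nums = [int(p) for p in parts]
        if any(n > 255 for n in nums):
            raise ValueError("PORT field out of range")
        ip = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
        return ip, nums[4] * 256 + nums[5]
    if cmd == "EPRT":
        # EPRT <d>proto<d>addr<d>port<d>, where <d> is usually "|"
        if len(arg) < 2:
            raise ValueError("malformed EPRT argument")
        fields = arg.split(arg[0])
        if len(fields) != 5 or fields[0] or fields[4]:
            raise ValueError("malformed EPRT argument")
        proto, addr, port = fields[1:4]
        ip = ipaddress.ip_address(addr)
        # proto 1 = IPv4, proto 2 = IPv6; it must match the address family
        if (proto, ip.version) not in (("1", 4), ("2", 6)):
            raise ValueError("EPRT protocol/address mismatch")
        if not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError("EPRT port out of range")
        return ip, int(port)
    raise ValueError("not a PORT family command")

def check_port_command(cmd, arg, control_peer):
    """Return None if the command is acceptable, otherwise the log text.

    control_peer is the client address seen on the control connection
    (assumption: this is the address the proxy compares against).
    Malformed arguments raise ValueError; they are a different error.
    """
    ip, _port = parse_port_arg(cmd, arg)
    if ip != ipaddress.ip_address(control_peer):
        # Assumed expansion of "%1 command with illegal address %2"
        return f"{cmd.upper()} command with illegal address {ip}"
    return None

if __name__ == "__main__":
    # Constructed sample: client 192.0.2.10 names a third host in PORT
    print(check_port_command("PORT", "198,51,100,7,19,137", "192.0.2.10"))
```

Counting the returned messages per client session is one way to apply the "repeated appearance" criterion when reviewing logs.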

See also

logging(7)

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2023 Trusted Network Solutions, a. s.
All rights reserved.