Subject: Re: requires dash?
To: Courtney R. Spencer <>
From: Quentin Garnier <>
List: netbsd-users
Date: 08/22/2005 21:19:30
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 22, 2005 at 01:56:47PM -0400, Courtney R. Spencer wrote:
> I thought that using a "-" for the first character of
> the password when logging in anonymously was only a
> necessity if you want to suppress the login message.
> I was manually trying to use download-vulnerability-list
> from audit-packages since my vulnerability list was
> outdated when I stumbled upon this.=20
> Was this always a requirement (I can't remember having to
> earlier this year) or is there a problem with reading=20
> .message?

It's not about the password, you have firewall issues.

I've seen that issue happen to a fellow developer slightly less than
two years ago.  The packet you're expecting at this point is as large
as it can be, and apparently some stateful packet filters (that
understand FTP) are confused by that packet.

In that story, it appeared that some version of the Checkpoint firewall
actually expected TCP packets to be aligned with end of lines, which was
not the case with the motd of the time, for two bytes.  That is, making
the motd file two bytes larger (I suggested increasing the length of the
fork at the time) made the connection get through.

I don't remember if admins@ did something about it at the time, and I
guess the motd has changed by now, but I really think you're experiencing
a similar issue.

It might also be related to PPPoE and badly negociated MSS.

By the way, the 421 message you get comes from the FTP client, not the

Quentin Garnier - -
"When I find the controls, I'll go where I like, I'll know where I want
to be, but maybe for now I'll stay right here on a silent sea."
KT Tunstall, Silent Sea, Eye to the Telescope, 2004.

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.6 (NetBSD)