ftps


garskoci
09-09-2003, 10:04 PM
Hello - I'm having a bit of a problem with ftps. I can upload files in passive mode, but not in stand(?) mode. Can someone briefly explain a few questions that I have.

Is passive mode non-secure? When using ftps, is my ID & password broadcast over the net in clear text like telnet or standard ftp?

I am able to connect, but when I try to do anything I get the following;
ftps> ls
500 Illegal PORT command.
ftps: bind: Address already in use

I called my isp and they have the classic answer. "We don't support networks."

I have a RH 8.0 machine and a Netgear Firewall/router. I don't care if the data isn't encrypted, I'm concerned about my password.

Thanks.

X_console
09-09-2003, 10:14 PM
I've never used ftps but as an alternative, look into sftp. This comes with the OpenSSH package and doesn't use FTP's regular port. Just make sure sshd is running and then simply do

sftp user@somesite.com

All transfers will be encrypted, and it supports pretty much the most common FTP commands.

garskoci
09-09-2003, 11:42 PM
Thanks. But, I tried sftp. It just hangs when I try to connect.

GaryJones32
09-10-2003, 12:30 AM
Don't know if you mean sftp or ftps as you wrote.
I'll start with sftp.

sftp has nothing to do with FTP and is file transfer using
SSH2 (scp2), which in and of itself is interesting.
I don't know, but it seems to use sftp the server will have to be running SSH or OpenSSH etc.
Your ISP should at least be able to tell you if they are running SSH
but ........ we all know the story.
Perhaps, as the other poster has said, the SSH address
user@isp.com
is different from the FTP address ftp.isp.com
????????

If the ISP server is not running a secure system then you cannot keep
your password secure unfortunately.

That may be what you are talking about --
sftp works only in binary mode! (passive)
There is no ascii (standard) mode.

Return Code 500 from an FTP server simply means it didn't understand the command.
the server doesn't understand the client.

If on the other hand you mean ftps as you put it, it's kind of a new and adventurous idea -- just ignore the crap that follows if sftp is what you meant!

FTPS is a protocol -- so we need to know what client you are using

There are two old (early) ways of implementing FTPS;
neither conforms to the standard as it is now (RFC-2228).
The first uses SSL on a separate port
(990) to negotiate the secure connection like HTTPS.
The second used AUTH SSL -- this is old and it never got settled what the
codes should be.
The generally accepted protocol for FTPS uses TLS

http://www.ietf.org/rfc/rfc2246.txt

if you are actually trying FTPS try

ftp://ftp.runestig.com/pub/ftp-tls/

garskoci
09-10-2003, 01:19 AM
I am trying to use ftps. Per man;
FTPS(1) BSD General Commands Manual FTPS(1)

NAME
ftps − ARPANET file transfer program

In secure mode, my ISP accepts TLS/SSL.
As I said, I'm not worried so much about the data going across the net, it's my ID and password that I'm worried about. So, I don't know if the ID and password are encrypted, or the data, or both.

GaryJones32
09-10-2003, 12:18 PM
Using PASV is the answer.
the bsd client should work fine just always use passive.
this will replace the PORT command with PASV.
any time the client sends out the default PORT command you will get the error.
it's just as secure if not more so to use PASV.

the problem is the firewall like you said.
In the default mode you actually have a kind of server to server connection.
see (Firewall-Friendly client/server data exchange as discussed in [RFC-1579]) .
http://www.faqs.org/rfcs/rfc1579.html

The problem (just for fun):
in the default mode,
you request that the firewall open a port.
The firewall obtains a port and returns it to you.
You send the firewall port number to the ftp server.
The ftp server calls connect to the firewall.
Then you send or receive requests to the firewall.
The problem is -- the firewall is the PASV host and is also the client
for the Data Connection.
The ftp server sends out the secondary TCP (open) call
to your firewall. The firewall says (no way) no random incoming stuff
can come in here.
However, when you send the PASV command to the ftp server
it opens a TCP port on the server and it sends you the port
number.
You then do an active open and establish the TCP
connection from your end through the firewall:
outgoing data to establish the TCP connection instead of data
coming in to your firewall.
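To make the PORT/PASV difference in the post above concrete, here is an added example (my own code, not from anyone in this thread) that parses the h1,h2,h3,h4,p1,p2 encoding FTP uses in both the client's PORT command and the server's 227 reply, and applies the checks a server typically makes before answering "500 Illegal PORT command". The sample addresses and the exact refusal rules are assumed illustrations, not the behaviour of any particular server.

```python
import ipaddress
import re

# RFC 959 encodes an address and port as h1,h2,h3,h4,p1,p2 in both the
# client's PORT command and the server's "227 Entering Passive Mode" reply.
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

# RFC 1918 ranges a home router hands out; a server on the Internet cannot
# connect back to these, which is the active-mode failure in the thread.
_RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_host_port(text):
    """Return (host, port) from a PORT argument or a 227 reply, or None if malformed."""
    m = _HOSTPORT.search(text)
    if m is None:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def check_port_command(port_arg, control_peer):
    """Judge a client's PORT argument the way a server does before it answers.

    control_peer is the source address the server sees on the control
    connection (the router's public address when the client is behind NAT).
    The rules here are assumed, typical server behaviour, not a specific product's.
    """
    parsed = parse_host_port(port_arg)
    if parsed is None:
        return "malformed"
    host, port = parsed
    if any(ipaddress.ip_address(host) in net for net in _RFC1918):
        return "private address: server cannot open the data connection back"
    if host != control_peer:
        return "address differs from control peer: refused as illegal"
    if port < 1024:
        return "privileged port: refused as illegal"
    return "ok"


def passive_data_endpoint(reply_227):
    """Where the client must connect outbound after PASV (the firewall-friendly path)."""
    if not reply_227.startswith("227"):
        return None
    return parse_host_port(reply_227)


if __name__ == "__main__":
    # Constructed sample exchange: a client behind a NAT router announces its LAN address.
    print(check_port_command("192,168,1,10,4,1", "198.51.100.20"))
    print(passive_data_endpoint("227 Entering Passive Mode (198,51,100,20,195,80)"))
```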

garskoci
09-10-2003, 02:39 PM
Thanks for the info. and link. Should I be concerned about my ID & PW? Will it be sent out in clear text?

GaryJones32
09-10-2003, 06:57 PM
No, it's all encrypted, even including server and client certificate authentication, with all data including password and username encrypted as well as any files transferred. 24 bit encryption (16 million possible combinations)
generated at random.
No FTP is really 100% secure, however.
Someone could always hijack the TCP connection before your machine can get back and connect to the open server port. But I don't think this is a problem for you, especially since you're connecting outbound to the TCP
connection PASV (that's why the firewall won't let it go the other way).
I think it's really just a problem for the server, making it vulnerable to intrusion, but not very vulnerable.
I don't think there is any way for anyone to eavesdrop on your password.
The possibility of hijacking TCP on a linux box is somewhere in the
0.05% possible range...
in other words - very secure - almost impossible to crack.

garskoci
09-10-2003, 07:15 PM
Thanks for your help.