Creating an FTP Server

Bezerk · 24th July 2001, 4:18 PM

I was wondering how to set one up on an O@Home connection and whats involved...if its possible.

Do you need a third party app like Bulletproof & CuteFTP or can it be done with Win2k Server?

Does anyone have any good resources or links for a beginner.

Cheers

Rass · 24th July 2001, 4:57 PM

It's against the AUP..

But you need some FTP server software like Serv-U ..

Jump onto tucows and do a search for FTP server software.

IIS5 has it's own FTP server, but I dont liek it.

h2k · 24th July 2001, 5:58 PM

Coincidentally i just set one up myself today. I used Ftp serv-u, and it works nicely.

Manaz · 24th July 2001, 5:59 PM

Firstly, be aware that setting up any kind of server, if you're not sure what you're doing, can very easily open your PC up to attack by malicious parties on the Internet - a badly configured and secured FTP server (or any kind of server really) can make gaining access to your files, and then control of your PC, a LOT easier for someone who know what they're doing.

Secondly, as Rass mentioned, it *is* against the Optus@Home AUP, and if Optus find the server, it's quite likely that they will terminate your account, as per your contract.

If you were to have an Internet connection which you could run an FTP server on, you may wish to consider the following.

Win2K server comes with a set of services called Internet Information Services 5, which includes an FTP server service. You may have to fully install it, or if it's already installed, activate it. Be *very* careful of what directories you give access to - I'd strongly suggest NOT running with the standard directory setup it gives you, and I'd also suggest running it on a different logical drive to your system disk (run it on D: for example, rather than on C

. This is to help you avoid falling victim to some of the security holes in IIS5 (there are patches available to fix the known security holes, but others may pop up in the future.

There are several 3rd party FTP server applications available for Windows - I have personally used, and recommend, Serv-U if you're not happy with what IIS gives you. However, again, before installing, check to see what security problems installing such a program may cause you. In the case of either IIS or 3rd party software, you *may* wish to run the service on a non-standard port - most people who try to exploit FTP servers will be looking for the default port, port 21 - by changing the port to something non-standard (put it high, up in the 5-figure range to avoid clashing with any other standard services), you can reduce the chance of the FTP server being found, and therefor the chance that someone will try to breach your security.

Bezerk · 24th July 2001, 6:06 PM

Thanks for the info guys

Gandalf · 24th July 2001, 6:30 PM

If you setup any kind of MS server keep a very close eye on their security fixes - they come out often and usually after the hackers have found them.

e.g. there were 25 security fixes for IIS in the last 12 months.

If security is important, consider using a Linux FTP server.

have a look at http://www.clarkconnect.org/

very easy to setup and secure.

spectral · 24th July 2001, 6:42 PM

Aus-cert released many more IIS-related holes and vunerabilities than 25 in the last 12 months. However, the amount of patches for Unix based systems is just as high. BIND, NIS (YP), telnet and apache also have their holes.

I'm not recommending the MS product over the unix equivelent, just noting that regardless of platform, make sure you keep up to date with the patches. The amount of portscans etc performed on my "router" box at home (o@h) is very high, so there obviously people/bots out there having a very close look at your system.

Bezerk · 24th July 2001, 7:35 PM

I can't seem to get my head around how IP addressing works Serv-U. I'm using a gateway router, if my internal ip address is 192.168.0.2, how will that affect assigning the IP address to Serv-U, and what will be the "ftp://address" that i actually look for when setup.

Is it something like ftp://login

assword@Bezerksftp.com:21
or ftp://login

assword@192.164.3.198:21

Mort · 24th July 2001, 11:16 PM

Your router will have to support some form of port re-direction or NAT.

On the gateway you need to tell it that any requests it recieved on the FTP port should be directed to the IP address you use internally... but it can't be tricky to get working without opening a heap of holes in your security if you don't know what you are doing...

BurnFEST · 25th July 2001, 12:33 AM

Quote:

Originally posted by Bezerk
I can't seem to get my head around how IP addressing works Serv-U. I'm using a gateway router, if my internal ip address is 192.168.0.2, how will that affect assigning the IP address to Serv-U, and what will be the "ftp://address" that i actually look for when setup.

Is it something like ftp://loginassword@Bezerksftp.com:21
or ftp://loginassword@192.164.3.198:21

If you put it on the computer with the direct connection to the internet, it will look like ftp://login

ass@12.34.56.78:21
Just replace 12.34.56.78 with your OUTSIDE IP address, not the internal network one.

Also if dont want it to be your IP address, check our www.dyndns.org , its a free Dynamic DNS service.

Burn.

Gandalf · 25th July 2001, 8:27 AM

Quote:

Originally posted by spectral
Aus-cert released many more IIS-related holes and vunerabilities than 25 in the last 12 months. However, the amount of patches for Unix based systems is just as high. BIND, NIS (YP), telnet and apache also have their holes.

True, but far fewer than MS.
Look at this article "Apache avoids most security woes" on ZDNET.
http://www.zdnet.com/eweek/stories/g...792860,00.html

As it points out, the last serious security hole in Apache where hackers could run their own code was in 1997, and for IIS look at the current Red Code panic.

chrisc37 · 25th July 2001, 9:50 AM

Personally, I wouldnt use IIS for any internet based services unless someone held a gun to my head! waaaay to many exploits for this platform. Seems as though theres a new one each week. Admittedly you can apply all the patches and keep up to date, but what about the (currently) unknown ones? FTPServ-U is much easier to set up, and has much less of a performance overhead on your box. There has been some exploits found for older versions, but its certainly a lot fewer than IIS!!!!

jamesrowe3 · 26th July 2001, 5:05 PM

Well, I have been currently using Guild FTP, and before that Ws_ftp which was a problem. I mainly use it for IRC or uploads. Also do you think that this software is safe??

jamesrowe3 · 26th July 2001, 5:31 PM

Also can a strong Firewall stop people from viewing your PC content??

pleb · 26th July 2001, 5:56 PM

it can if it doesnt open any ports, and doesnt allow any connections out.

:P

24th July 2001, 4:18 PM	#1
Bezerk Member Join Date: Jun 2001 Location: Brisbane Posts: 754	Creating an FTP Server I was wondering how to set one up on an O@Home connection and whats involved...if its possible. Do you need a third party app like Bulletproof & CuteFTP or can it be done with Win2k Server? Does anyone have any good resources or links for a beginner. Cheers

24th July 2001, 4:57 PM	#2
Rass Member Join Date: Jun 2001 Location: Brizbekistan Posts: 2,612	It's against the AUP.. But you need some FTP server software like Serv-U .. Jump onto tucows and do a search for FTP server software. IIS5 has it's own FTP server, but I dont liek it. __________________ http://www.youtube.com/watch?v=ATBl4qH9I54

24th July 2001, 5:58 PM	#3
h2k Member Join Date: Jun 2001 Location: Canada Posts: 154	Coincidentally i just set one up myself today. I used Ftp serv-u, and it works nicely. __________________ System Specs: Asus Tusl2-C Motherboard; Celeron 1100@1496 Gf3 Ti200; 30gb maxtor ata 100 7200rpm; 512mb ram PC133 Generic Soundblaster Live! Value; WinTV-GO;Netgear MA401 Wireless USB;

24th July 2001, 5:59 PM	#4
Manaz (Damned or Belated) Join Date: Jun 2001 Location: Sydney, Australia Posts: 4,797	Firstly, be aware that setting up any kind of server, if you're not sure what you're doing, can very easily open your PC up to attack by malicious parties on the Internet - a badly configured and secured FTP server (or any kind of server really) can make gaining access to your files, and then control of your PC, a LOT easier for someone who know what they're doing. Secondly, as Rass mentioned, it is against the Optus@Home AUP, and if Optus find the server, it's quite likely that they will terminate your account, as per your contract. If you were to have an Internet connection which you could run an FTP server on, you may wish to consider the following. Win2K server comes with a set of services called Internet Information Services 5, which includes an FTP server service. You may have to fully install it, or if it's already installed, activate it. Be very careful of what directories you give access to - I'd strongly suggest NOT running with the standard directory setup it gives you, and I'd also suggest running it on a different logical drive to your system disk (run it on D: for example, rather than on C. This is to help you avoid falling victim to some of the security holes in IIS5 (there are patches available to fix the known security holes, but others may pop up in the future. There are several 3rd party FTP server applications available for Windows - I have personally used, and recommend, Serv-U if you're not happy with what IIS gives you. However, again, before installing, check to see what security problems installing such a program may cause you. In the case of either IIS or 3rd party software, you may wish to run the service on a non-standard port - most people who try to exploit FTP servers will be looking for the default port, port 21 - by changing the port to something non-standard (put it high, up in the 5-figure range to avoid clashing with any other standard services), you can reduce the chance of the FTP server being found, and therefor the chance that someone will try to breach your security.

24th July 2001, 6:30 PM	#6
Gandalf Member Join Date: Jun 2001 Location: Brisbane Posts: 371	If you setup any kind of MS server keep a very close eye on their security fixes - they come out often and usually after the hackers have found them. e.g. there were 25 security fixes for IIS in the last 12 months. If security is important, consider using a Linux FTP server. have a look at http://www.clarkconnect.org/ very easy to setup and secure. __________________ "The best game is a new Linux distro" www.qldcorp.net

24th July 2001, 6:06 PM	#5
Bezerk Member Join Date: Jun 2001 Location: Brisbane Posts: 754	Thanks for the info guys

24th July 2001, 6:42 PM	#7
spectral rebmeM Join Date: Jun 2001 Posts: 11,540	Aus-cert released many more IIS-related holes and vunerabilities than 25 in the last 12 months. However, the amount of patches for Unix based systems is just as high. BIND, NIS (YP), telnet and apache also have their holes. I'm not recommending the MS product over the unix equivelent, just noting that regardless of platform, make sure you keep up to date with the patches. The amount of portscans etc performed on my "router" box at home (o@h) is very high, so there obviously people/bots out there having a very close look at your system. __________________ "Simplicate then add lightness" - Colin Chapman

24th July 2001, 7:35 PM	#8
Bezerk Member Join Date: Jun 2001 Location: Brisbane Posts: 754	I can't seem to get my head around how IP addressing works Serv-U. I'm using a gateway router, if my internal ip address is 192.168.0.2, how will that affect assigning the IP address to Serv-U, and what will be the "ftp://address" that i actually look for when setup. Is it something like ftp://loginassword@Bezerksftp.com:21 or ftp://loginassword@192.164.3.198:21

24th July 2001, 11:16 PM	#9
Mort Member Join Date: Jun 2001 Location: Sydney Posts: 237	Your router will have to support some form of port re-direction or NAT. On the gateway you need to tell it that any requests it recieved on the FTP port should be directed to the IP address you use internally... but it can't be tricky to get working without opening a heap of holes in your security if you don't know what you are doing...

25th July 2001, 9:50 AM	#12
chrisc37 Member Join Date: Jul 2001 Location: Townsville Posts: 381	Personally, I wouldnt use IIS for any internet based services unless someone held a gun to my head! waaaay to many exploits for this platform. Seems as though theres a new one each week. Admittedly you can apply all the patches and keep up to date, but what about the (currently) unknown ones? FTPServ-U is much easier to set up, and has much less of a performance overhead on your box. There has been some exploits found for older versions, but its certainly a lot fewer than IIS!!!!

26th July 2001, 5:05 PM	#13
jamesrowe3 Member Join Date: Jul 2001 Location: Sydney- Australia Posts: 44	Well, I have been currently using Guild FTP, and before that Ws_ftp which was a problem. I mainly use it for IRC or uploads. Also do you think that this software is safe??

26th July 2001, 5:31 PM	#14
jamesrowe3 Member Join Date: Jul 2001 Location: Sydney- Australia Posts: 44	Also can a strong Firewall stop people from viewing your PC content??

26th July 2001, 5:56 PM	#15
pleb Member Join Date: Jun 2001 Location: perth Posts: 244	it can if it doesnt open any ports, and doesnt allow any connections out. :P __________________ i am become death, the destroyer of worlds "Not only do these people reach erroneous conclusions and make unfortunate choices, but their incompetence robs them of the metacognitive ability to realize it"