
Setting up BulletProof FTP Server



Soupspoon
25th August 2006, 08:55
Thought this might be useful for someone. I wrote it a long while ago but it works fine. An ftp server is useful for sharing documents, images, films or anything else that's computer-sharable without having to go through a third-party website (thus keeping the fact that you're sharing stuff to yourself and out of the way of busybodies).

Setting up BulletProof FTP Server

You'll need BulletProof FTP Server (look on one of the torrent sites) and these instructions (just in case you wouldn't know an ftp server from a hole in the ground).
.............................

I'll assume that you've a) installed BulletProof and b) set up a couple of folders on your hard drive, let's say c:/ftp with subfolders c:/ftp/software and c:/ftp/upload.

Open BulletProof and click on the single-face icon on the row, sixth from the right (User Accounts). This brings up a second screen where you can set up the accounts. Right-click in the white space over on the right and select Add. Pick a username, which we'll call Jarmin. Okay that and you'll see that the username appears in the middle-bottom row of boxes, in Log-in. If you want people to log-in with a name and a password of your choosing, delete the password provided and choose one.

Right-click in the big box named Access Rights, and click Add. This is where you select which part of your computer people have access to and what kind of access they have. Browse to your c:/ftp folder then look at the row on the right, where it says Files and Directories. Most of these are self-evident - in the Files section everyone is going to need Read access so you can check that. Write access is necessary only if you're allowing people to Upload files to you. Delete probably won't be needed (why would you want someone deleting files, except the RIAA possibly?). Append is important and should be checked - this gives the up/downloader the ability to Resume in the event of the server or their machine getting cut off somehow.
In the Directories/Folders section only select Make and Delete if you want people to be able to create or get rid of folders. Personally I consider that your provision of an Uploads folder covers that - if everything is uploaded to the same place, it makes it easier to virus scan before moving it into its own folders within your c:/software folder. List and Sub-dirs are pretty self-evident too. If you don't check these, no-one will be able to see the folders beneath c:/ftp.
I generally check 1,2 and 4 in the top list and 2 and 4 in the bottom. When you've made your selections, click Select.

Bear with me. We're nearly there...

Go to Miscellaneous and check Enable Account and Enable time-out. The first is obvious, the second less so. For some reason, the nature of which escapes me completely, some people seem content to get connected to an ftp server then sit there for hours on end doing sod all. A thing called a NOOP command keeps the connection alive. If you do what most sensible people do and limit the amount of people who can connect to your machine at any one time (thus ensuring reasonable up/download speeds for everybody) the last thing you want is some dick sitting there taking up unnecessary space that somebody else could make use of. Enable the time-out then (I set mine at 300 seconds, giving these fools five minutes to annoy me then push off). At the same time UNcheck Allow NOOP command down at the bottom of this section.

Set the maximum number of users and the amount of connections they can have each. I'm a real thug here - I tend to set both of these to 5. You could try the Max Users on 10 to start with (if you've got good speed) then reduce it if necessary.

Check Show relative path.

Click on Okay and you're back on your start screen.

Go to Setup/Main and click the two items on the top line then check Limit User/Pass to 10 tries and select Kick. That just means someone who continues to try to make connections after they've reached the max you'll allow will be booted - temporarily.

Go to Advanced and check Server allows Uploads and downloads (or whichever you choose). Set Server priority to High. Check Block server to server transfer. God knows what that really means but I'm told you should have that checked.
Play at being God for a moment. You'll soon notice that some people will attempt to get on when the server is full but instead of going away and coming back later like any other rational human, they'll hammer constantly until (they wish) they get in. This doesn't achieve anything except to annoy the server owner (you) and slow things down so get your revenge by setting up the Anti-hammer. Mine is set to block for 10 minutes if there are more than 10 attempts in 45 seconds. This implies that an ftp client has been set to hammer your machine until you let it in. Block 'em. If they continue to hammer even after being blocked (and they will have received a message at their end telling them they are blocked) use your firewall to lock out the IP.

If you have a static IP number, put it into the big box in the Dynamic IP section but DO NOT check the Enable IP changes monitor box.

Check Okay.

I never use any of the rest of the settings at all but obviously you'll want to take a good look through them and find out more, but basically you're ready to rock at this stage. If you want me to check it out (and make sure you haven't offered your entire hard drive to the world), send me a PM or email at [email protected]
...........

When you want to allow access, you can do it two ways

Code:
ftp://nn.nn.nn.nn/

User - Jarmin
Pass - Jarminspassword

or if you want to allow a user access ONLY to a specified file, you follow this form

Code:
ftp://Jarmin:[email protected]

(having already specified precisely which file Jarmin is allowed access to in User Accounts/Access Rights).

I forgot to mention - if you check in Setup/Main/General, you can easily change the port number that the server uses - handy to avoid scanners that are looking for ftp ports specifically and for ISPs that don't approve of us people who pay them for our access running our own servers - best not to use 21 then. If you do this, you'll have to change the way you show your links. The two examples from above would have to be changed thus:

Code:
ftp://nn.nn.nn.nn:portnumber

Code:
ftp://Jarmin:[email protected]:portnumber

portnumber being anything that doesn't conflict with anything else on your system. I just changed mine to 10000, which doesn't seem to be used for anything else.
...........................

Further to the post above, here are some server ports you would probably do well to avoid. Bear in mind that whichever port you decide to use (and select), the port number below it is also used - one is in and the other out.

Ports below 1024 are defined by the IANA. They are called the Well-Known Ports.

20 FTP data (File Transfer Protocol)
21 FTP (File Transfer Protocol)
22 SSH (Secure Shell)
23 Telnet
25 SMTP (Send Mail Transfer Protocol)
43 whois
53 DNS (Domain Name Service)
68 DHCP (Dynamic Host Control Protocol)
79 Finger
80 HTTP (HyperText Transfer Protocol)
110 POP3 (Post Office Protocol, version 3)
115 SFTP (Secure File Transfer Protocol)
119 NNTP (Network News Transfer Protocol)
123 NTP (Network Time Protocol)
137 NetBIOS-ns
138 NetBIOS-dgm
139 NetBIOS
143 IMAP (Internet Message Access Protocol)
161 SNMP (Simple Network Management Protocol)
194 IRC (Internet Relay Chat)
220 IMAP3 (Internet Message Access Protocol 3)
389 LDAP (Lightweight Directory Access Protocol)
443 SSL (Secure Socket Layer)
445 SMB (NetBIOS over TCP)
666 Doom
993 SIMAP (Secure Internet Message Access Protocol)
995 SPOP (Secure Post Office Protocol)

Ports between 1024 and 29151 are known as the Registered Ports. Basically, programs are supposed to register their use of these ports and thereby try to be careful and avoid stomping on each other. Here are some common ports and their programs.

1243 SubSeven (Trojan - security risk!)
1352 Lotus Notes
1433 Microsoft SQL Server
1494 Citrix ICA Protocol
1521 Oracle SQL
1604 Citrix ICA / Microsoft Terminal Server
2049 NFS (Network File System)
3306 mySQL
4000 ICQ
5010 Yahoo! Messenger
5190 AOL Instant Messenger
5632 PCAnywhere
5800 VNC
5900 VNC
6000 X Windowing System
6699 Napster
6776 SubSeven (Trojan - security risk!)
7070 RealServer / QuickTime
7778 Unreal
8080 HTTP
26000 Quake
27010 Half-Life
27960 Quake III
31337 BackOrifice (Trojan - security risk!)

List pinched from Asta forum a while back (thank you to whoever posted these originally).
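
The anti-hammer rule described in the post above (a 10 minute block after more than 10 attempts in 45 seconds), applied to a connection log. This is an added example, not part of the original thread and not BulletProof's own code; the log line format, the sliding-window counting and the IP addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds taken from the post: more than 10 attempts in 45 seconds
# earns a 10 minute block.
MAX_ATTEMPTS = 10
WINDOW = timedelta(seconds=45)
BLOCK_FOR = timedelta(minutes=10)

def parse_line(line):
    """Parse one constructed log line: '<ISO timestamp> CONNECT <ip>'."""
    stamp, event, ip = line.split()
    if event != "CONNECT":
        raise ValueError(f"unexpected event: {event}")
    return datetime.fromisoformat(stamp), ip

def anti_hammer(lines):
    """Return (blocks, repeat_offenders): block periods per IP, and IPs that
    kept connecting while blocked (the candidates for a firewall rule)."""
    recent = defaultdict(deque)       # ip -> attempt times inside the window
    blocked_until = {}                # ip -> end of the current block
    blocks = defaultdict(list)        # ip -> [(start, end), ...]
    repeat_offenders = set()
    for line in lines:
        when, ip = parse_line(line)
        if ip in blocked_until and when < blocked_until[ip]:
            repeat_offenders.add(ip)  # still hammering during the block
            continue
        q = recent[ip]
        q.append(when)
        while when - q[0] > WINDOW:   # drop attempts older than the window
            q.popleft()
        if len(q) > MAX_ATTEMPTS:     # 11th attempt inside 45 s trips the rule
            blocked_until[ip] = when + BLOCK_FOR
            blocks[ip].append((when, when + BLOCK_FOR))
            q.clear()
    return dict(blocks), repeat_offenders

def sample_log():
    """Constructed sample: one client retrying every 2 s, one normal user."""
    t0 = datetime(2006, 8, 25, 9, 0, 0)
    hammer = [f"{(t0 + timedelta(seconds=2 * i)).isoformat()} CONNECT 192.0.2.10"
              for i in range(15)]
    normal = [f"{(t0 + timedelta(seconds=60 * i)).isoformat()} CONNECT 198.51.100.7"
              for i in range(3)]
    return sorted(hammer + normal)
```

On the constructed sample the retrying client is blocked on its 11th attempt and then lands in `repeat_offenders` because it keeps connecting during the block, while the user connecting once a minute is never blocked.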

apathy maybe
27th August 2006, 06:10
Umm... I think that I will just install OpenBSD thank you very much. I don't really like Windoze.

But it is cool you are posting this sort of stuff here, can you do one on how to set up a website using Drupal or MediaWiki next?

Soupspoon
27th August 2006, 06:50
I don't really like Windoze
You and a LOT of other people but it's all I know.

...can you do one on how to set up a website using Drupal or MediaWiki
Funny you should mention MediaWiki. I've been looking at experimenting with that. When I get some time (once my daughter's back at school after the summer break) I'll try to get one together. :)

apathy maybe
27th August 2006, 07:16
I used an older version of MediaWiki to set up a small collective website. It works really well, only trouble is it doesn't have a photo album tool.

If you want to try something other than MS Windows I recommend trying Knoppix http://knoppix.org . It is a GNU/Linux distro which runs off a CD, thus no changes to your hard drive.

It will also let you set up any and all of these sort of tools (once you've installed it to your hard drive).

Comrade Marcel
2nd September 2006, 00:07
Shit, and it takes me about 3 clicks to get an FTP going in OS X! :P :D

And I could run Win XP natively on MacIntel if I wanted.

Shit, even most Linux distros are easier to start an FTP server than this.

I did run an FTPD on a Win98 box once, and it never did work properly in passive mode (behind NAT).

Doesn't Win2K and up come with ftpd/httpd's now anyways?