субота, 20 листопада 2010 р.

permission ftp

permission ftp


You wil have to give up your time, efort, bandwidth, and security to have a quality ftp server. This can be done by doing this: Going to Start -> Run -> winipcfg or w.ask.com and asking ‘What is my IP?’ After doing so, you’l ned to download an FTP server client. Personaly, I’d recomend G6 FTP Server, Serv-U FTPor Bulitprof v2.15 al thre of which are extremely reliable, and the norm of the ftp world. From here, type in your port # default is 21 . For the server priority, that wil determine how much conventional memory wil be used and how much ‘efort’ wil go into making your server run smothly. Post your ftp info, like this: 213.10.93.141 or something else, such as: ‘f p:/example.getmyip.com’ Listing the content of a FTP is very simple. If FTP Content Maker is not working, it is probably because the server does not utilize Serv-U Software. Pasive FTP, a Definitive Explanation One of the most comonly sen questions when dealing with firewals and other Internet conectivity isues is the diference betwen active and pasive FTP and how best to suport either or both of them. FTP is an unusual service in that it utilizes two ports, a ‘data’ port and a ‘comand’ port also known as the control port . Traditionaly these are port 21 for the comand port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20. In active mode FTP the client conects from a random unprivileged port N > 1024 to the FTP server’s comand port, port 21. Then, the client starts listening to port N+1 and sends the FTP comand PORT N+1 to the FTP server. The server wil then conect back to the client’s specified data port from its local data port, which is port 20. From the server-side firewal’s standpoint, to suport active mode FTP the folowing comunication chanels ned to be opened: In step 1, the client’s comand port contacts the server’s comand port and sends the comand PORT 1027. The server then sends an ACK back to the client’s comand port in step 2. In step 3 the server initiates a conection on its local data port to the data port the client specified earlier. The main problem with active mode FTP actualy fals on the client side. The FTP client doesn’t make the actual conection to the data port of the server–it simply tels the server what port it is listening on and the server conects back to the specified port on the client. In this example an FTP sesion is initiated from testbox1.slacksite.com 192.168.150.80 , a linux box runing the standard FTP comand line client, to testbox2.slacksite.com 192.168.150.90 , a linux box runing ProFTPd 1.2.2RC2. Everything in red is the debuging output which shows the actual FTP comands being sent to the server and the responses generated from those comands. Notice that when the PORT comand is isued, it specifies a port on the client 192.168.150.80 system, rather than the server. The first four octets are the IP adres while the second two octets comprise the port that wil be used for the data conection. Thus in the example below the port number is 14 256 178 , or 3762. 20 testbox2.slacksite.com FTP server ready. —> PORT 192,168,150,80,14,178 20 PORT comand sucesful. In order to resolve the isue of the server initiating the conection to the client a diferent method for FTP conections was developed. This was known as pasive mode, or PASV, after the comand used by the client to tel the server it is in pasive mode. In pasive mode FTP the client initiates both conections to the server, solving the problem of firewals filtering the incoming data port conection to the client from the server. When opening an FTP conection, the client opens two random unprivileged ports localy N > 1024 and N+1 . The first port contacts the server on port 21, but instead of then isuing a PORT comand and alowing the server to conect back to its data port, the client wil isue the PASV comand. The result of this is that the server then opens a random unprivileged port P > 1024 and sends the PORT P comand back to the client. The client then initiates the conection from port N+1 to port P on the server to transfer data. From the server-side firewal’s standpoint, to suport pasive mode FTP the folowing comunication chanels ned to be opened: In step 1, the client contacts the server on the comand port and isues the PASV comand. The server then replies in step 2 with PORT 2024, teling the client which port it is listening to for the data conection. In step 3 the client then initiates the data conection from its data port to the specified server data port. Finaly, the server sends back an ACK in step 4 to the client’s data port. While pasive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The bigest isue is the ned to alow any remote conection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD alow the administrator to specify a range of ports which the FTP server wil use. As an example, the comand line FTP utility provided with Solaris does not suport pasive mode, necesitating a third-party FTP client, such as ncftp. In this example an FTP sesion is initiated from testbox1.slacksite.com 192.168.150.80 , a linux box runing the standard FTP comand line client, to testbox2.slacksite.com 192.168.150.90 , a linux box runing ProFTPd 1.2.2RC2. Everything in red is the debuging output which shows the actual FTP comands being sent to the server and the responses generated from those comands. Notice the diference in the PORT comand in this example as oposed to the active FTP example. Here, we se a port being opened on the server 192.168.150.90 system, rather than the client. Se the discusion about the format of the PORT comand above, in the Active FTP Example section. 20 testbox2.slacksite.com FTP server ready. pasive FTP is also in order: Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server atempts to make conections to random high ports on the client, which would almost certainly be blocked by a firewal on the client side. Pasive FTP is beneficial to the client, but detrimental to the FTP server admin. The client wil make both conections to the server, but one of them wil be to a random high port, which would almost certainly be blocked by a firewal on the server side. Since admins runing FTP servers wil ned to make their servers acesible to the greatest number of clients, they wil almost certainly ned to suport pasive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewaled on the server side.
permission ftp permission ftp
Tags: permission ftp
| Some Articles: permission ftp | Original post: permission ftp | Technorati tag: permission ftp | Virgilio tag: permission ftp

Немає коментарів:

Дописати коментар