Serv-u: Quick Build Powerful FTP server (ii)

Source: Internet
Author: User
Tags anonymous file upload ftp window ftp port number ftp protocol access port number
FTP Server |serv-u The first "Ftp-server" on the Setup menu in the Serv-u control window is used to set the FTP server overall. The first "FTP port number" in the window that appears after the selection is used to set the port numbers that the FTP server uses, and the FTP server will listen to all the visitors ' information through that port. In general, the FTP server's default port number is 21, but users can change freely according to their circumstances, as long as they can ensure that the port number used is not in conflict with other network applications. The point to note here is that using the server port that the user chooses is a good security precaution, and only the user and other users who know the port number can successfully connect to the server. Therefore, it is recommended that users use their own selected ports when setting up an FTP server, rather than simply using the default values.

The user then needs to set the maximum speed that the server can provide. In general, the user can empty this out, then the server will use all the possible bandwidth to provide services to customers. It is good to be able to provide maximum access to the user, but too many FTP users may eat up all the possible bandwidth, making other network applications almost impossible to implement. Therefore, it is important to have a reasonable control over the maximum bandwidth that the FTP server can occupy.

The next item is to set the maximum number of user visits allowed by the server. This allows users to limit the maximum number of FTP servers that can be accessed at the same time. If the entry is set to 0, the FTP server will deny any user access requirements, and if the item is vacated, Serv-u will not control the number of visitors until all system resources are exhausted. If users want their FTP servers to function properly, it is best to limit the number of visitors to the site. In general, even the older 486 machines, after using Serv-u, can provide access support for more than 20 users at the same time.

The first of a series of complex options after this is "start security features." If the user does not select the item, then anyone can access the FTP server directly through the network, and any files in the server are randomly copied, altered, or even deleted. In addition to those who have a small range of personal networks, do not want each login to repeat the user name, password and other tumultuous procedures, the user must ensure that the option has been selected, that is, the security of the server to start the function.

The next "ENCRYPT passwords" is automatically selected by default. In this way, Serv-u will use the same encryption mechanism as the UNIX operating system to encrypt and save the user's password. If the user does not choose to encrypt the password, all passwords entered by the user will be saved in plaintext in the Serv-u.ini file located in the Serv-u installation directory.

A subsequent entry is used to set whether anonymous access to the user input password is required. By default, the entry is blank so that users who use anonymous accounts to access the FTP server will not be required to enter a password. It is important to note that the detection of anonymous user passwords is very simple, as long as anonymous users enter any string that matches the format of the mail address, Serv-u will not further determine whether the e-mail address that the user entered is real.

The next step is to prevent the go-ahead. If the user chooses this option, Serv-u will adopt a new time billing approach, and those who want to prevent timeouts by periodically sending commands to the server will no longer succeed.

Subsequent options are used to set whether to delete files that do not have a full upload, if the user does not use the deletion function, then when a user uploads files to the FTP server in the process of error and did not realize the full file upload, Serv-u will be on the hard disk to retain the uploaded content, In order to achieve the upload file breakpoint continued transmission.

Here's what we're going to talk about across FTP attacks. Typically, when a file is transmitted using the FTP protocol, the client first issues a "port" command to the FTP server that contains the user's IP address and the port number that will be used for data transfer. After the server receives the command, it uses the user address information provided by the command to establish a connection with the user. In most cases, there is no problem with the above procedure, but when a client is a malicious user, the FTP server may be connected to other non-client machines by adding specific address information to the port command. Although the malicious user may not have the right to direct access to a particular machine, if the FTP server has access to the machine, then the malicious user, through the FTP server as an intermediary, will still be able to finally achieve the connection to the target server. This is what we refer to as cross server attacks. To prevent this from happening, users can select the "Prevent attacks across FTP servers" option so that Serv-u first verifies that the address information provided by the user is its true address before establishing a connection to any of the visitors. Everything is a two-way thing. We already know that using serv-u can prevent attacks across FTP servers, but we also give up the ability to transfer data between FTP servers and FTP servers. This is because the Serv-u only establishes a connection with those who provide the address that matches the actual address of the address provider, and the user will not be able to remotely control file transfers between two different FTP servers.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.