Serv-U: quickly build powerful FTP servers
The rapid development of the Internet provides people with unprecedented information resources. More and more people hope to have their own online homes when enjoying the new experience brought by the Internet. In today's popular Internet applications, WWW and FTP file transmission are the most popular. This article will introduce in detail how to build a complete FTP server in the shortest time by combining the powerful, user-friendly, and easy-to-use FTP Server Software Serv-U. In addition to the specific installation and configuration instructions, this article will also involve some knowledge required to use FTP, hoping to help the majority of users.
I. Introduction
Serv-U is currently one of the many FTP server software. By using Serv-U, users can set any PC as an FTP server, so that users or other users can use the FTP protocol, restore files or directories by connecting any PC on the same network to the FTP server
System, move, create, and delete. The FTP protocol mentioned here is used to specify the standards and rules for file transfer between computers. It is precisely because of a special protocol such as FTP, so that people can use different types of operating systems to transfer different types of files through different types of computers.
Although the FTP server has a wide variety of software and each has its own advantages, Serv-U is able to show its unique features. Specifically, Serv-U provides the following functions:
User-friendly and easy to understand.
Supports real-time multi-user connections and anonymous user access. by limiting the maximum number of users at the same time, the PC can run properly.
Outstanding security performance. You can set security measures at both the Directory and file levels. It provides different settings for different users and supports group management for a large number of users. Users can be granted or denied access permissions based on IP addresses.
Supports resumable upload during file upload and download.
Supports multiple host sites with multiple IP addresses.
You can set the upload/download ratio, hard disk space quota, and network bandwidth to ensure that your limited resources are not consumed by a large number of FTP users.
Can be used as the system service backend.
You can set the display information when a user logs on or exits, and support UNIX-style external links.
The above list is only part of the Serv-U many functions. The specific usage will be described in detail below. Here we want to explain a little bit, Serv-U is fully functional, powerful, easy-to-use operation interface, you can say everything is under control.
Ii. Instructions for use
All settings that users may encounter when using Serv-U can be implemented through the menu options in the Serv-U window. If the Serv-U control window is not displayed on the screen when you start Serv-U after Serv-U is installed, right-click the Serv-U icon in the system tray of the task bar, and select the first "Show Window" in the pop-up menu ", in this way, the control window of Serv-U is displayed.
3. Set up an FTP server
The first FTP-SERVER in the SETUP menu in the Serv-U control window is used to set the overall FTP server. The first "ftp port number" in the window that appears after selection is used to set the port number used by the FTP server. The FTP server listens to information of all visiting users through this PORT. Generally, the default port number of the FTP server is 21, but you can change it as needed, as long as the port number is not in conflict with other network applications. It should be noted that using the server port selected by the user can play a very good role in security defense, only users who know the port number can successfully connect to the server. Therefore, it is recommended that you use the selected port when setting the FTP server, instead of simply using the default value.
Then you need to set the maximum speed that the server can provide. In general, the user can leave this blank, then the server will use all possible bandwidth to provide services to the customer. It is certainly good to provide users with the maximum access speed, but too many FTP users may eat away all possible bandwidth, making it almost impossible for other network applications to achieve. Therefore, it is important to properly control the maximum bandwidth occupied by the FTP server.
Next, set the maximum user access allowed by the server. Here, you can limit the maximum number of users who can access the FTP server within the same period of time. If this option is set to 0, the FTP server rejects any user access requests. If this option is left blank, Serv-U will not control the number of visitors, until all system resources are exhausted. If you want your FTP server to run properly, you 'd better limit the number of visiting users. In general, even the old 486 machines, after using Serv-U, can provide access support for more than 20 users at the same time.
The first option in a series of subsequent retries is "enable security feature ". If this option is not selected, anyone can directly access the FTP server through the network and copy, modify, or even delete any files on the server. Except for those who have a small range of personal networks and do not want to repeatedly enter usernames, passwords, and other complex procedures for each login, the user must make sure that this option has been selected, that is, the server security protection function is enabled.
The next "encrypt passwords" item is also automatically selected by default. In this way, Serv-U uses the same encryption mechanism as the UNIX operating system to encrypt and save the user's password. If the user does not choose to encrypt the password, the passwords entered by all users are saved in plaintext in the Serv-U.ini file located under the Serv-U installation directory.
The next item is used to set whether anonymous access users are required to enter the password. By default, this field is blank, so that users who access the FTP server using an anonymous account are not required to enter a password. It should be noted that the detection of anonymous user passwords is very simple here, as long as Anonymous Users enter any strings that match the email address format, serv-U does not further judge whether the email address entered by the user exists.
The next item is anti-Timeout measures. If you select this option, Serv-U will adopt the new time recording method, which will be sent to the server periodically
Command to Prevent Users who encounter timeout operations from failing.
The subsequent options are used to determine whether to delete a file that has not been fully uploaded. If you do not use the delete function, when a user uploads a file to the FTP server but fails to complete the file upload, Serv-U retains the uploaded content on the hard disk, this enables resumable upload of uploaded files.
Next we will discuss cross-FTP attacks. Generally, when the FTP protocol is used for file transmission, the client first sends a "PORT" command to the FTP server, this command contains the user's IP address and the port number that will be used for data transmission. After receiving the command, the server uses the user address information provided by the command to establish a connection with the user. In most cases, the above process will not cause any problems. However, when the client is a malicious user, it may add specific address information to the PORT command, establish a connection between the FTP server and other non-client machines. Although this malicious user may not have the right to directly access a specific machine, if the FTP server has the right to access this machine, then the malicious user uses the FTP server as an intermediary, the connection to the target server can still be achieved. This is the cross-server attack we mentioned. To prevent the above situation, you can select the "cross-FTP server attack prevention" option, so that Serv-U can establish a connection with any visiting users, first, check whether the address information provided by the user is the actual address. Everything is in two ways. We already know that Serv-U can be used to prevent cross-FTP server attacks, but at the same time, we also gave up the data transmission function between the FTP server and the FTP server. This is because Serv-U will only establish a connection with users whose provided addresses are consistent with the actual address of the address provider, you cannot remotely control file transfer between two different FTP servers.
The last two options are used to limit the maximum residence time of the user on the FTP server, and specify the case sensitivity of the file and directory names on the server.
Other related options in this window will be described in detail later.
Iv. User Account Management
The most basic task for a user to use an FTP server is to add and manage user information. Select "USERS" from the "SETUP" menu to open the Serv-U user management window. This window can be divided into two parts. The window on the left shows all registered FTP Server users. If you select any user, the detailed configuration information is displayed on the right of the window. If Serv-U is started for the first time, only one DEFAULT account named "DEFAULT" is displayed.
5. The following describes in detail the whole process of creating a new user account.
First, click the "NEW" button on the rightmost side of the window, and enter the username to be created in the pop-up window. At this time, the entered user name will appear in the user name column on the right of the window. You can also modify the account name in this column.
Then, you can enter the group name of the user group to which the account belongs or create a new group. Groups are concepts launched to facilitate the management of a large number of user groups. We can divide a large number of individual users into different groups for unified management. Because users in the same group share some common attributes, such as user passwords and root directories, you only need to set individual accounts with special attributes, this greatly simplifies the management and maintenance of user accounts. Note that the special user account "Anonymous" does not belong to any user group.
In the subsequent password field, enter the account password. If you select the password encryption option on the server, see the previous article ), the entered password is automatically stored in encrypted mode. It is important to note that the password is valid only for the first eight characters, and is expected to attract the attention of the majority of Serv-U users. In addition, if the user did not enter the corresponding password when creating a new account, it does not mean that the user account has no password, serv-U will try to find whether the user account belongs to a user group and the user group has a unified password. If Serv-U does not find the user group password, access to this user account is denied. If you do not want to specify the password for an account, you only need to enter "<>" in the password field of the corresponding account. One exception to the above situation is the Anonymous user account, which has no password. Serv-U only requires the user to enter any string that conforms to the mail address format.
In the "HOME" column, set the root directory of the FTP user, that is, the starting directory automatically located after the user successfully logs on. Each user account must have its own root directory. Otherwise, Serv-U rejects access to this user account. Of course, if this account belongs to a group and the user group has already set a common root directory, you do not have to reset each account in the user group. When entering the address of the root directory, you must use the full path, including the drive letter.
In the "NOTE" column, you can enter some text to help you with your account for future reference.
The largest column on the right of the user window is used to set the account access permissions, so as to determine which files the user can access and how to access these files. Serv-U classifies user access permissions by file and directory. Specifically, the permission for accessing files is as follows:
READ: allows users to download files;
WRITE: allows users to upload files, but does not have the right to modify, delete, or rename the files;
APPEND: allows you to attach existing files. Users with APPEND permissions automatically have the WRITE permission;
DELETE: allows users to modify, rename, or DELETE files. Users with the DELETE permission automatically have the WRITE and APPEND permissions;
EXECUTE: allows you to run executable files through FTP. For example, you can remotely Run DOS or Windows programs.
Access Permissions to directories:
LIST: allows users to obtain the directory LIST;
MAKE: allows you to create new subdirectories under the root directory;
REMOVE: allows you to delete subdirectories in the root directory.
INHERIT: After this option is selected, the access permissions set for a directory are automatically inherited by all subdirectories in the directory.
After completing all the preceding settings, click the "STORE" button to save the newly created user account to the FTP server.
Other options in this window will be described in detail later.