This chapter demonstrates how to set up and configure the Windows NT FTP service. You will be able to make better use of the FTP service by first exploring why you should set up an FTP server. The first section helps you understand the advantages of installing an FTP server on your system. After demonstrating how to install the FTP service, the chapter shows how it can be configured by using the Control Panel. Although most key features of the FTP service can be controlled via the Control Panel, every aspect of the FTP service can be controlled through the registry. Therefore, to help you customize the FTP service to better meet your needs, this chapter also illustrates in detail how to modify various features of the Windows NT FTP service by making changes to the registry. Because security is a major concern when setting up any Internet service, an entire section of this chapter is devoted to FTP server security; it covers the security implications of setting up an FTP server and discusses how to avoid security breaches on your system due to the FTP service. After reading this chapter, you should be familiar with all aspects of configuring the Windows NT FTP service to distribute information on the Internet in a manner that will not compromise the security of your system.
Technical Note: The Windows NT FTP service complies with the requirements for an FTP server defined in RFC 959 and RFC 1123 (Requests for Comments).
Now that you have set up your Web site and have it configured to meet your needs, you might wonder why you should go to all the trouble of setting up an FTP server. Although you can use your Web server to distribute information, you should consider setting up an FTP server if you plan to distribute files such as application programs and documentation that are not meant to be utilized with a Web browser. Setting up a Web server alone might not be sufficient to distribute information because users might not always have access to a Web browser to access your files. On the other hand, due to its text-based nature, almost any shell account that has Internet access is capable of accessing an FTP site to upload and download files. For this reason, many users who might not be able to access your Web site will be able to access the same information by using your FTP server. Although text-based Web browsers such as Lynx exist, they are not really meant for downloading and uploading files.
Another reason for setting up an FTP server is the large number of requests that might need to be fulfilled by your Web server. If your Web server is already handling a large number of HTTP requests, using an FTP server to distribute files takes away some of the load that must be handled by your Web server. By having a separate service take care of file distribution, you free your Web server to process regular HTTP requests exclusively.
Also, because the FTP service uses its own log file, it makes matters easier for you to keep track of who accesses what from your system. For example, if you are making certain applications available for download via FTP as opposed to HTTP, you will be able to easily determine who is accessing those files without having to go over a very large Web server access log file. In addition to this, by setting up an FTP server, you also will have better control of various users who upload and download files.
For the reasons enumerated above, and for many others, it is beneficial for you and your users to set up an FTP server on your system. Although there are a few negative aspects associated with setting up an FTP server, such as security, there are ways of minimizing such risks. This chapter shows you how to set up an FTP server in a way that will minimize security risks later. However, before such issues are addressed, you first need to install the FTP server on your system. The FTP service is provided on the Windows NT distribution CD-ROM and is very easy to install by following the directions listed in the next section.
Installing and setting up the Windows NT FTP service is relatively simple. The FTP service is not installed by default because of the security risks associated with an FTP server. Soon after installing the FTP service, in the "FTP Server Security" section, you are shown how to secure your FTP server to avoid security breaches. (Be sure to read the section on FTP server security!) If you have already installed the NT FTP service, skip to the next section, which deals with configuring various aspects of the FTP server.
Security: The FTP service uses clear text passwords and usernames. For this reason, if someone is "eavesdropping," this person will be able to intercept the password and user ID that's used to access the FTP account. Sensitive information should therefore never be made available to users via FTP unless the information is protected with a robust encryption technology such as PGP (Pretty Good Privacy).
Administration: Due to security issues, you need to be logged on as the administrator or as a user who is a member of the Administrators group before proceeding to install the NT FTP service. You also need the Windows NT distribution CD-ROM because the FTP service is contained on it.
The NT FTP service is installed using the Control Panel application. Invoke the Control Panel application from Program Manager and double-click the Network icon. You see a window that looks similar to the window shown in Figure 25.1. When the Network Settings dialog box appears, click the Add Software button to install the FTP service.
Figure 25.1: The Windows NT FTP service is installed using the Network Settings application.
When you click the Add Software button, Windows NT prepares and presents you with a list of network software that you can install on your system. Because the FTP service is a TCP/IP-based service, you should select TCP/IP Protocol and related components from the pull-down menu, as shown in Figure 25.2. Later, you are given a choice of various TCP/IP-based components to install.
After selecting TCP/IP Protocol and related components, click on Continue to install the FTP service. At this point, you are presented with a list of TCP/IP components that you can install on your system. Various TCP/IP components that already are installed on your system are displayed in red, indicating that you cannot install those services.
If the FTP Server Service is displayed in red with the File Sizes column having a value of 0, it's a good indication that the NT FTP server is already installed on your system. If you are having problems using the FTP service, it also might mean that the FTP server installation on your system has become corrupt. In the latter case, go back to the Network Settings dialog box shown in Figure 25.1, find the FTP server installation among the list of Installed Network Software, and remove the FTP Server Service. After removing the FTP server, reboot your server and start again from the beginning of this section to install the FTP service.
To install the FTP service, click on the checkbox next to FTP Server Service, as shown in Figure 25.3. If Connectivity Utilities are not already installed on your system, you might want to check that box, as well. Doing so also will install client programs for accessing common Internet services such as Finger, FTP, and telnet.
After pressing the Continue button, you are reminded, as shown in Figure 25.4, about the security risk associated with installing the FTP Server Service. At the end of this chapter, you will be shown how to deal with various security issues related to setting up the NT FTP server, so click on the Yes button to proceed with the installation.
You are now presented with the FTP Service configuration dialog box, similar to the one shown in Figure 25.5. You use this dialog box to configure key aspects of the FTP server, such as home directories of users, maximum number of users allowed at a time, anonymous account settings, and so on.
With this dialog box, you can begin to configure your FTP server. Maximum Connections and Idle Timeout are two self-explanatory fields you can change based on your preferences. It is a good idea to specify an idle time-out value that is just a few minutes long to avoid unauthorized access to your FTP server. The Maximum Connections value can be specified depending on the bandwidth of your Internet connection. For example, if your Internet link is just a 28.8 kbps connection, limit the number of connections to about 2. Next, type in the path name of the directory that will contain the home directories of users who will be accessing your FTP server. Select an NTFS (NT File System) partition for your user directories because the NT FTP service uses NTFS security when determining which FTP users have which rights. If you select a FAT (File Allocation Table) partition, you won't be able to assign user permissions to your FTP users via the File Manager. After typing the path name of the directory containing user directories, check the Allow Anonymous Connections checkbox, as shown in Figure 25.5, to allow anonymous access to your FTP site.
Security: Although you can use the guest account as the account that's used by the anonymous access account, you might want to create a new account that will be used by the anonymous access account. For the purpose of this example, a new user account called FTP will be created to be used by the anonymous access account. More information about creating this account and setting file permissions will be discussed in the "FTP Server Security" section of this chapter. To control who has access to your system, you should disable the guest account unless you need it for some other purpose.
After following the instructions listed earlier in this chapter and pressing the OK button in Figure 25.5, the FTP server is fully installed on your system. When the Network Settings dialog box is invoked from the Control Panel, FTP server will be among the items listed under Installed Network Software, as shown in Figure 25.6. In the future, if you need to configure various options of the FTP server shown in Figure 25.5, you can do so by selecting FTP Server from the Network Settings dialog box and pressing the Configure button. After installing the FTP server, you need to reboot your server. By going into Control Panel and invoking the Services application before doing so, you can make sure that the FTP Server Service is configured to start automatically. By having the FTP service start automatically as soon as your server boots up and establishes its Internet connection, the FTP server will be ready to serve users even if no one is logged on to your server. After rebooting your server, please proceed to the next section to configure various aspects of your FTP server.
In order to configure the FTP server and set user permissions, invoke the Control Panel after rebooting your system. In order to set user permissions and configure the FTP server, you need to log on as the administrator or as a user with administrative permissions. As you can see in Figure 25.7, after rebooting the server a new icon called FTP Server is visible in the Control Panel. Shortly, you will be shown how you can use this application to monitor the status of your FTP server by finding out who is logged on. By using this application, it is also possible to disconnect users and set read/write file permissions for various disk partitions.
By executing the FTP Server application from the Control Panel, you can change various aspects of the FTP server to suit your needs. When you execute the FTP Server icon, you are presented with a dialog box like the one shown in Figure 25.8. As you can see, the FTP Server application displays users who are currently logged on to your FTP server. Because this listing is not automatically updated, you need to manually update it by pressing the Refresh button to get up-to-date information. You also can limit partitions to which users have access via the FTP server by pressing the Security button.
When you press the Security button in Figure 25.8, you can set file permissions for various partitions of your system. A dialog box similar to the one shown in Figure 25.9 appears.
Security: File permissions of users will be overridden by permissions set in the dialog box shown in Figure 25.9. For example, if a user's home directory is in the H: drive and this user has access to all other partitions of the system but only partition H: is assigned read permissions, this user will be restricted to H: and will not be able to access files in any other partition.
The FTP Server Security dialog box is used to specify which disk partitions can be accessed by a user authenticated to access your FTP site. Because rights specified in this dialog box supersede user rights, you can safely lock away users from all partitions that contain sensitive information. By utilizing this dialog box, you should take away read and write permissions from all partitions that contain such sensitive information. Ideally, you should limit FTP access to one NTFS partition to keep things simple.
When setting up user home directories, an NTFS partition should be used to enforce security on users accessing your FTP site. If a FAT partition is used, you won't be able to limit user access to a certain subdirectory. Although it's possible to use a FAT partition and limit access by restricting access to other disk partitions, this is not a very elegant solution because even an anonymous user will be able to freely roam the entire directory structure of a FAT partition. The same goes for HPFS (High Performance File System) partitions. Because HPFS does not implement file security, it provides the same level of security FAT provides, which is not much.
Security: Use a different partition than the Windows NT system partition for the FTP server. Although file permissions can be set via NTFS, it's preferable to use a partition that does not contain sensitive information to store user directories that are used by the FTP server. Doing so ensures that even if you make an oversight when setting user permissions, it will not adversely affect the security of your system.
As shown in Figure 25.5, for the purpose of this example, all user directories are stored in the H:\Publish\FTP\Users directory. By creating user directories immediately below this directory, when a user logs on, the user is automatically transferred to his or her directory. The directory structure for user directories specified in Figure 25.5 is listed in Figure 25.10. By setting up a similar directory structure, you can set up the FTP server to automatically take a user who logs on to your FTP site to his or her directory.
Figure 25.10: Sample directory structure for home directories of users.
For security reasons, you might not want certain directories to be visible to users. You can hide directories you want to keep hidden by invoking the File Manager, selecting the file or directory you want to hide, and then selecting File and Properties (the shortcut for this is Alt+Enter). When the file properties for the file or directory selected earlier are displayed, you can hide the directory by checking the Hidden checkbox.
Although you can modify most major aspects of the FTP server by following the directions listed earlier in the chapter, you can fine-tune various characteristics of your FTP server by making changes to various registry keys. The next few sections demonstrate how you can alter various aspects of your FTP server via the registry.
Caution: As always, when making changes to the registry, be sure to change only registry keys that are documented. Altering other registry keys can adversely affect the well-being of your system.
Although most registry keys listed in the next section are optional, you must change one registry key so that users can access your FTP site by using a Web browser. If you attempt to access your FTP site by using a version of Netscape prior to version 2.0, you will not get a listing of files. This is because by default, when a listing of files and directories is requested, the NT FTP server displays this data in the MS-DOS directory listing format. However, many Web browsers, such as versions of Netscape prior to 2.0, expect the listing to be in the UNIX directory listing format. In order for the directory listing to appear correctly in Web browsers that expect directory lists to be in UNIX format, you need to add a certain registry key.
Registry: After you make changes to the registry, it is necessary to stop and restart the FTP service for the changes to take effect. The FTP service can be stopped and restarted by invoking the Control Panel, executing the Services applet, selecting the FTP service, and then stopping and restarting the FTP service. Registry keys listed in the next few sections are all relative to HKEY_LOCAL_MACHINE\SYSTEM
In order to change the directory listing style of the NT FTP server to UNIX directory listing style, you have to add the following registry key:
Registry key: MsdosDirOutput
Data Type: REG_DWORD, binary
Range: 0 or 1
Value: 1 for MS-DOS style directory listing; 0 for UNIX style directory listing
When this key is added with a value of 0, the output of the DIR command looks like the output of the UNIX ls -l command. This registry key also changes the slash that's used when the current directory is requested with the PWD command. When the value of MsdosDirOutput is 1 (true), the path contains backward slashes (\). On the other hand, if MsdosDirOutput is 0 (false), the path contains forward slashes (/). An example of what directory listings look like when MsdosDirOutput is 1 and 0 appears in Figures 25.11 and 25.12, respectively.
Figure 25.12: Directory listing produced by the ls -l command when MsdosDirOutput is set to 0.
When a user accesses a directory on your FTP server, you can inform the user about the contents of the directory by displaying a message. Directories can be annotated by using the following registry key:
Registry key: AnnotateDirectories
Data Type: REG_DWORD, binary
Range: 0 or 1
Value: 1 to send directory annotations; 0 to not send directory annotations
When AnnotateDirectories is set to 1, every time a user changes directories, the FTP server attempts to open a file named ~FTPSVC~.CKM in the new directory. If this file is found, the contents of this file are displayed to the user. This file is usually a hidden file. By making this file a hidden file, if a user requests a directory listing, this file will not be visible to the user. A file can be made into a hidden file by selecting it in File Manager, pressing Alt + Enter, and checking the Hidden checkbox, as shown in Figure 25.13.
Tip: The directory annotation feature can be used to inform users where certain files are located and whom they should contact if they run into problems.
You can specify the idle time-out period for FTP sessions by setting the following registry key. The user will be logged off automatically if a logon is idle for more than ConnectionTimeout seconds. Make sure the idle time-out period is no longer than a few minutes, unless you have a very good reason for having a longer idle time-out period. If the idle time-out period is too long and a user forgets to log out, someone else can potentially use the active logon to gain unauthorized access to your server.
Registry key: ConnectionTimeout
Data Type: REG_DWORD
Range: Value given in seconds
Value: The number of seconds the FTP service will allow an FTP session to be idle
Tip: If you do not want your FTP service to disconnect people after a session has been idle, you can set the value of ConnectionTimeout to 0. When ConnectionTimeout is set to 0, idle clients may remain connected indefinitely.
You also can have a welcome message displayed each time a user accesses your FTP server and is validated. In order to define a welcome message, the following registry key needs to be defined with a greeting message:
Registry key: GreetingMessage
Data Type: REG_MULTI_SZ
Range: Strings
Value: Welcome message
Note: When a user logs on to your FTP server as an anonymous user and specifies an e-mail address starting with -, the greeting message you just set will not be sent.
You can display an exit message when a user logs off the FTP server. This message is contained in the following registry key:
Registry key: ExitMessage
Data Type: REG_SZ
Range: Text message
Value: Any text message you want to be displayed
You can use the registry key MaxConnections to define the maximum number of connections that will be served by the FTP service. By modifying the following registry key, the number of users who can connect to the FTP server at any given time can be controlled. If you are connected to the Internet with a POTS link, limit the number of users to no more than five. If you are using an ISDN line, you may allow up to 25 users to connect to your FTP site at the same time. You may allow a few hundred FTP users to connect to the FTP server at the same time if you are connected to the Internet with a T1 line.
Registry key: MaxConnections
Data Type: REG_DWORD
Range: Number
Value: Number of FTP users you allow
Note: In order to allow an unlimited number of simultaneous users to access your FTP server, MaxConnections can be set to 0. I don't recommend that you set this value to 0, unless you have a very good reason for doing so.
The message defined in this registry key is displayed if a user tries to connect to the FTP server when the FTP server is already serving the maximum number of connections defined in the registry key MaxConnections:
Registry key: MaxClientsMessage
Data Type: REG_SZ
Range: Message
Value: Message to be displayed when the FTP server is servicing the maximum number of FTP users allowed and a new user attempts to log on to the FTP server
There are two ways to define home directories for FTP users. One way is to go to the Control Panel, execute the network applet, and define the user home directory path (as shown in Figure 25.5). The other way is to modify the following registry key:
Registry key: HomeDirectory
Data Type: REG_EXPAND_SZ
Range: Path name
Value: Path to the user's home directory
If a user does not have permission to access the directory specified in this registry key, the user is refused access. An event is written to the Windows NT event log if a user tries to log on to the FTP server and the FTP service finds the user's home directory inaccessible.
Note: When allowing anonymous FTP, be sure to limit the file access permissions of the user account used by the FTP server to determine anonymous user file access rights. You should make sure that this account has permissions to access only directories you want to be made public.
Registry key: LogFileAccess
Data Type: REG_DWORD
Range: 0-2
Value: A value between 0 and 2. The default value 0 does not log accesses.
The FTP log file is very valuable. It's the key to determining who accessed what from your FTP server. If LogFileAccess is set to either 1 or 2, it will create a log file to record all file accesses. The log file will be created in the same directory that the FTP service is in. This directory is typically the %SYSTEMROOT%\SYSTEM32 directory. By setting this registry key to 1, a file named FTPSVC.LOG will be created to log all file accesses. If it is set to 2, each day a new log file is created. This log file is named Ftyymmdd.LOG, where yy is the year, mm is the month, and dd is the day.
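The following script is an added example, not code from the book: it audits the registry values documented above against the chapter's own advice (a short idle time-out, a connection limit that fits the link, logging on, UNIX-style listings, home directories off the system partition). It reads the values with winreg on a Windows machine and otherwise checks a constructed sample. The full key path under HKEY_LOCAL_MACHINE, the figure of 300 users for a T1, and the sample values are assumptions.

```python
"""Audit the NT FTP service registry values this chapter documents against
the chapter's own recommendations (added example, not from the book)."""

# Assumed full path of the parameters key: the chapter gives only the
# HKEY_LOCAL_MACHINE\SYSTEM prefix, so verify this on your own system.
FTPSVC_PARAMS = r"SYSTEM\CurrentControlSet\Services\FTPSVC\Parameters"
KEYS = ("ConnectionTimeout", "MaxConnections", "LogFileAccess",
        "MsdosDirOutput", "HomeDirectory")

MAX_IDLE_SECONDS = 5 * 60  # the chapter: "no longer than a few minutes"
# Per-link user limits from the chapter; 300 for a T1 is an assumption
# standing in for "a few hundred".
LINK_LIMITS = {"pots": 5, "isdn": 25, "t1": 300}


def read_from_registry():
    """Read the documented values from a live system. Needs the Windows-only
    winreg module; returns None elsewhere or if the key is missing."""
    try:
        import winreg
    except ImportError:
        return None
    values = {}
    try:
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, FTPSVC_PARAMS) as key:
            for name in KEYS:
                try:
                    values[name] = winreg.QueryValueEx(key, name)[0]
                except FileNotFoundError:
                    values[name] = None  # value not defined
    except OSError:
        return None
    return values


def audit(values, link="pots", system_drive="C:"):
    """Compare a dict of registry values (None = not set) with the chapter's
    advice. Returns a list of findings; an empty list means nothing to fix."""
    findings = []

    timeout = values.get("ConnectionTimeout")
    if timeout == 0:
        findings.append("ConnectionTimeout is 0: idle sessions never time out")
    elif timeout is not None and timeout > MAX_IDLE_SECONDS:
        findings.append(f"ConnectionTimeout {timeout}s exceeds {MAX_IDLE_SECONDS}s;"
                        " keep the idle time-out to a few minutes")

    limit = LINK_LIMITS[link]
    maxconn = values.get("MaxConnections")
    if maxconn == 0:
        findings.append("MaxConnections is 0: unlimited simultaneous users")
    elif maxconn is not None and maxconn > limit:
        findings.append(f"MaxConnections {maxconn} exceeds the {link.upper()}"
                        f" guideline of {limit}")

    if not values.get("LogFileAccess"):
        findings.append("LogFileAccess is 0 or unset: file accesses are not logged")

    if values.get("MsdosDirOutput") != 0:
        findings.append("MsdosDirOutput is not 0: listings stay in MS-DOS format"
                        " and browsers expecting UNIX format show no files")

    home = values.get("HomeDirectory")
    if home and home.upper().startswith(system_drive.upper()):
        findings.append(f"HomeDirectory {home} is on the system partition"
                        f" {system_drive}; use a separate NTFS partition")
    return findings


# Constructed samples: an untuned install on an ISDN link with the home
# directory on the system drive, and the same server after tuning.
SAMPLE_UNTUNED = {"ConnectionTimeout": 0, "MaxConnections": 100,
                  "LogFileAccess": None, "MsdosDirOutput": None,
                  "HomeDirectory": r"C:\FTP\Users"}
SAMPLE_TUNED = {"ConnectionTimeout": 180, "MaxConnections": 20,
                "LogFileAccess": 2, "MsdosDirOutput": 0,
                "HomeDirectory": r"H:\Publish\FTP\Users"}

if __name__ == "__main__":
    live = read_from_registry()
    for finding in audit(live if live else SAMPLE_UNTUNED, link="isdn"):
        print("-", finding)
```

Remember that the FTP service must be stopped and restarted before any value you change in response to a finding takes effect.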
Security is a major concern when an Internet service is set up on any server. Although various tips on security were provided earlier in this chapter, this section summarizes those issues and discusses additional security issues in greater detail. By following the tips and suggestions in this chapter, you will be able to secure your system and use the FTP server in a manner that will not compromise its security.
If you are hosting your Web site on Windows NT server, you have more control of when FTP users can log on to the FTP server. However, if you are hosting your Web site using Windows NT Workstation, you do not have control of when users can log on to the FTP server. The NT FTP server application respects user access times that can be defined in User Manager. For example, as shown in Figure 25.14, a user can be assigned logon hours. In order to invoke the dialog box in Figure 25.14, choose a user in User Manager and select User | Properties from the menu bar. When the User Properties dialog box is displayed, press the Hours button.
Note: The FTP service needs to be stopped and restarted after any user logon hours are changed using the User Manager.
If files at your Web site need to be updated by users, it's convenient to set up an FTP account so that users who have to update contents at your Web site will be able to log on to your FTP server and update necessary files. Although this may seem to be a very innocent process, there is a major security issue you should be concerned with when allowing users access to your Web server's directory structure. No FTP account should ever have permission to access your Web server's CGI directory. The reason for this is that any executable file in the CGI directory of your Web server can be executed simply by using a Web browser after the file is uploaded to your Web server's CGI directory. You might think that if you allow only users you trust access to your CGI directory, you need not worry about compromising the security of your Web site. However, allowing users access to the CGI directory can result in very severe security nightmares. Because FTP uses clear text passwords and usernames for user authentication, when users connect to your FTP server, someone can potentially eavesdrop and intercept the password and user ID of a legitimate user. For this reason, you also should ensure that no FTP user has access to your Web server's CGI directory. The FTP server should only allow users to access directories that they need to access.
It's better to limit FTP access to one disk partition. This partition should be an NTFS partition and should not be used to store sensitive information.
No FTP user should have access to your Web server's CGI directory. Allowing an FTP user to upload files to this directory is similar to allowing anyone to upload applications and run them on your server, which is not a very good thing as far as security is concerned.
You should be aware of risks associated with clear text passwords and user IDs that the FTP server uses. This does not mean that you should now go ahead and uninstall the FTP server. It simply means that users who have FTP access to your system should be able to access only the directories they need to access.
File availability can be limited by specifying access times for your FTP users if you are running Windows NT server. For example, if a user has to periodically upload a new file to your Web server with FTP each day in the morning, you can disable this account from noon until morning.
If the FTP server is used only for file distribution to anonymous users, you should configure the FTP service to accept only anonymous logins. This will prevent regular users trying to log on to the FTP server using their username and password, thus compromising the security of your system.
After setting up the FTP server, it has to be administered to keep it functioning smoothly. New user accounts have to be created to accommodate needs, and file permissions have to be changed to meet various needs. The following sections discuss a few helpful tips that will aid you in administering your FTP server.
Unless it is very urgent, you should not shut down the FTP server by stopping the FTP service from the Services application found in the Control Panel. Doing this will immediately disconnect all users from the FTP server. Users who were downloading the last few bytes of a multimegabyte file will not be delighted about getting disconnected. A better way of stopping the FTP server is by using the Pause option in Control Panel's Services application. If you need to bring down the FTP service, you should first check to see if any users are logged on to the FTP server by invoking the FTP Server application from the Control Panel. If users are logged on, the FTP server can be paused and can allow users to complete their file transfers. When the FTP service is paused, all current user sessions will remain active until users log out. However, new FTP connections will not be honored. After all users have logged off the server, it's possible to stop the FTP server without affecting any file transfers.
You can find out various access statistics for your FTP server by analyzing its log file. For each file opened by a user, a new line is added to the FTP server log file. This log file is invaluable in determining who accessed what from your FTP server. FTP server access log files are usually stored in the %SYSTEMROOT%\SYSTEM32 directory. In order for the FTP server to log accesses, the registry key LogFileAccess must be defined. Please refer to the section "FTP Server Registry Entries" for more information about this key. Each line of the FTP server log file records one file opened by a user, in the following order: the client's IP address, the username, the word "opened", the path of the file, and the date and time. File accesses are logged to the FTP file access log file as follows:
************** FTP SERVER SERVICE STARTING Tue Feb 06 08:16:41 1996
128.8.18.13 sanjaya opened H:\FTP\LaunchCodes.TXT Tue Feb 06 08:19:28 1996
128.8.18.13 sanjaya opened H:\FTP\TreasureMap.TXT Tue Feb 06 08:19:43 1996
************** FTP SERVER SERVICE STOPPING Tue Feb 06 08:20:37 1996
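An added example (not part of the book) that parses the log format shown above and flags the two things the security section warns about: an access under a directory no FTP user should reach, such as the Web server's CGI directory, and activity outside a user's permitted hours (the check you are left with on Windows NT Workstation, where logon hours cannot be enforced). The log lines beyond the ones shown above, the user webedit, and the H:\Publish\WWW layout are constructed.

```python
"""Review an NT FTP service access log in the format shown above and flag
accesses this chapter warns against (added example, not from the book)."""
import re
from collections import defaultdict
from datetime import datetime

# One "opened" record: <client IP> <user> opened <path> <Day Mon DD HH:MM:SS YYYY>
OPEN_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) (?P<user>\S+) opened (?P<path>.+?) "
    r"(?P<when>\w{3} \w{3} \d{2} \d{2}:\d{2}:\d{2} \d{4})$")
# Service start/stop markers, useful for spotting gaps in the log.
MARK_RE = re.compile(r"^\*+ FTP SERVER SERVICE (?P<event>STARTING|STOPPING) "
                     r"(?P<when>\w{3} \w{3} \d{2} \d{2}:\d{2}:\d{2} \d{4})$")
TIME_FMT = "%a %b %d %H:%M:%S %Y"


def parse_log(text):
    """Return one dict per recognised line; unrecognised lines are skipped."""
    records = []
    for line in text.splitlines():
        m = OPEN_RE.match(line)
        if m:
            records.append({"event": "opened", "ip": m["ip"], "user": m["user"],
                            "path": m["path"],
                            "when": datetime.strptime(m["when"], TIME_FMT)})
            continue
        m = MARK_RE.match(line)
        if m:
            records.append({"event": m["event"], "ip": None, "user": None,
                            "path": None,
                            "when": datetime.strptime(m["when"], TIME_FMT)})
    return records


def review(records, restricted_prefixes=(), allowed_hours=None):
    """Count files opened per user and raise an alert for any access under a
    restricted directory or outside a user's permitted hours (start, end).
    Returns (counts, alerts)."""
    counts = defaultdict(int)
    alerts = []
    for r in records:
        if r["event"] != "opened":
            continue
        counts[r["user"]] += 1
        path = r["path"].upper()
        if any(path.startswith(p.upper()) for p in restricted_prefixes):
            alerts.append(f"{r['user']}@{r['ip']} opened restricted path "
                          f"{r['path']} at {r['when']:%Y-%m-%d %H:%M}")
        window = (allowed_hours or {}).get(r["user"])
        if window and not window[0] <= r["when"].hour < window[1]:
            alerts.append(f"{r['user']}@{r['ip']} active outside permitted hours "
                          f"{window} at {r['when']:%Y-%m-%d %H:%M}")
    return dict(counts), alerts


# Constructed sample: the two lines shown in the chapter plus a second
# (hypothetical) user, webedit, who may update the Web site in the morning.
SAMPLE_LOG = r"""
************** FTP SERVER SERVICE STARTING Tue Feb 06 08:16:41 1996
128.8.18.13 sanjaya opened H:\FTP\LaunchCodes.TXT Tue Feb 06 08:19:28 1996
128.8.18.13 sanjaya opened H:\FTP\TreasureMap.TXT Tue Feb 06 08:19:43 1996
128.8.18.77 webedit opened H:\Publish\WWW\cgi-bin\upload.exe Tue Feb 06 08:20:10 1996
************** FTP SERVER SERVICE STOPPING Tue Feb 06 08:20:37 1996
************** FTP SERVER SERVICE STARTING Tue Feb 06 12:58:02 1996
128.8.18.77 webedit opened H:\Publish\WWW\index.htm Tue Feb 06 13:02:00 1996
"""
# Assumed layout: the Web server's CGI directory lives under H:\Publish\WWW,
# and nothing on the system partition C: should ever be reachable over FTP.
RESTRICTED = (r"H:\Publish\WWW\cgi-bin", "C:\\")
ALLOWED_HOURS = {"webedit": (6, 12)}  # 06:00 up to (not including) 12:00

if __name__ == "__main__":
    counts, alerts = review(parse_log(SAMPLE_LOG), RESTRICTED, ALLOWED_HOURS)
    print("files opened per user:", counts)
    for a in alerts:
        print("ALERT:", a)
```

To run it against a real log, read %SYSTEMROOT%\SYSTEM32\FTPSVC.LOG (or the day's Ftyymmdd.LOG) into parse_log and set RESTRICTED to the directories you have locked away in the FTP Server Security dialog box.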
This chapter covered various aspects of setting up and configuring the Windows NT FTP service. Although there are certain security risks involved, as long as the FTP server is used properly, these risks can be minimized. You can use the tips and discussions presented in this chapter to make sure your system's security is not compromised due to the FTP server. This chapter also covered different ways of customizing the NT FTP service to meet your needs. In addition to using Control Panel applications to configure the FTP service, you were shown how to modify various aspects of the service by directly making changes to the registry.
The next chapter will demonstrate how to set up the free EMWAC SMTP mail server for sending and receiving Internet e-mail. A number of commercial mail servers also are covered in the following chapter to provide you with an overview of different mail servers available for Windows NT. By evaluating their capabilities, you will be able to select the mail server that best suits your needs. The following chapter also demonstrates how to set up blat, a command-line SMTP mail-sending utility.