
How to set up an FTP server

FTP functions on a client-server model. The server hosts the files to be shared and
the client provides the interface to access, download, or upload files to the file
server. The computers transferring the files can be within the same network where
the FTP server is configured, as well as outside the network (over the internet). FTP
uses two ports, one for connection and one for sending data.

FTP can run in two modes: active and passive. It uses two channels between
the client and server: the command channel and the data channel. The command
channel carries the commands and responses, and the data channel carries
the actual data. In active mode, the client launches the command channel, and
the server establishes the data channel. In passive mode, both the command and
data channels are established by the client.

Most organizations prefer passive mode. In this mode, the client initiates both
channels; therefore, the organization has little or no alterations to make on the client
firewall. The connection is from the client to the server, and the data will be return
traffic to the client. Overall, organizations can allow their users (clients) to connect to
FTP servers without compromising network security.

Setting up FTP in passive mode

First, the client opens the command channel to the FTP server on port 21.
The client also opens two random, unprivileged ports on its own side (typically
ports greater than 1023). We’ll call the first port P and the second port P+1.
The client connects from port P to server port 21 and sends the PASV command.
The server then opens another unprivileged port Q (any port greater than 1023)
and sends the port information back as a reply to the PASV command. Now the
client initiates the connection from port P+1 to port Q on the server to start
the data transfer.

Steps:

1. The client contacts the server using the PASV command on port 21.
2. The server replies with port 2000. Here, port 2000 is the port the server will
be listening on for the data connection.
3. The client initiates the connection from port 1025 to 2000 (on the server).
4. The server sends back the ACK (acknowledgement).
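
The PASV reply in step 2 carries the data port as two bytes inside a 227 response. As an added example (not part of the original page), this Python code parses that reply and checks it against the command-channel address and the passive port range opened on the server firewall; the sample replies, the addresses and the 2000-2100 range are constructed assumptions.

```python
import ipaddress
import re

# Reply format from RFC 959: "227 <text> (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_pasv(reply):
    """Return (ip, port) advertised in a 227 reply; raise ValueError if malformed."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % reply)
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # port Q = p1 * 256 + p2
    return ip, port


def check_pasv(reply, control_peer, allowed_range):
    """List problems in one PASV reply, given the server address of the
    command channel and the (low, high) passive range the firewall allows."""
    ip, port = parse_pasv(reply)
    low, high = allowed_range
    findings = []
    if ip != ipaddress.IPv4Address(control_peer):
        # Typical of a server behind NAT advertising its internal address,
        # or of a reply that steers the client to a different host.
        findings.append("address mismatch: %s != %s" % (ip, control_peer))
    if port <= 1023:
        findings.append("privileged data port %d" % port)
    if not low <= port <= high:
        findings.append("port %d outside firewall range %d-%d" % (port, low, high))
    return findings


# Constructed sample replies (not captured from a real server).
# 7,208 -> 7 * 256 + 208 = 2000, the port used in the steps above.
OK_REPLY = "227 Entering Passive Mode (203,0,113,10,7,208)"
NAT_REPLY = "227 Entering Passive Mode (192,168,1,20,195,80)"

if __name__ == "__main__":
    for r in (OK_REPLY, NAT_REPLY):
        print(parse_pasv(r), check_pasv(r, "203.0.113.10", (2000, 2100)))
```
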


Opening up channels on FTP client and server


Client side: Data and other communications from the client should reach the FTP
server. Make sure you allow outgoing data and other communications from the client
to go to the FTP server.

Server side: Port 21 should be open, as it receives the PASV command for initiating
the connection. The port used by the server to respond to the client can be anything
between port 22 and 1022. Because the FTP server specifies a random port (anything
greater than 1023), those ports should be open for communication.

Prerequisites

o FTP depends on IIS (Internet Information Services). Both IIS and FTP
services should be installed for the configuration of the FTP server.
o A root folder is required for FTP publishing. The folder can be created under:

%SystemDrive%\ftp\ftproot

o Next, you need to set permissions to allow anonymous access to the folder.
Use the following command on a CMD prompt to grant access:

ICACLS "%SystemDrive%\ftp\ftproot" /Grant IUSR:R /T

"%SystemDrive%\ftp\ftproot", or the path to your own root folder, should be set as
the path for your FTP site. Any software firewall (like Windows Firewall or
Symantec) should also allow connections to the FTP server.

Enabling FTP in Windows if IIS is not installed


In this example, we’ll use Windows Server 2008 R2 to configure FTP.

If IIS is not installed:

1. Navigate to Start > Control Panel > Administrative Tools > Server Manager to
open Windows Server Manager.
2. Go to the Roles node. Right-click on Roles and click Add Roles.
3. In the Add Roles window, open Server Roles and check Web Server (IIS).
4. Proceed through the setup wizard and click Install. Wait for the installation to
complete.
Enabling FTP in Windows if IIS is already installed as a web server

1. Navigate to Start > Control Panel > Administrative Tools > Server
Manager.
2. In the Windows Server Manager, go to the Roles node, and expand Web Server
(IIS).
3. Right-click on Web Server (IIS), and click on Add Role Services.
4. In the Add Role Services window, go to Role Services, and check FTP
Server.
5. Confirm IIS Management Console is checked under Management Tools.
6. Click Next, then Install, and wait for the installation to complete.

Transferring files

To transfer files, you should add an FTP site. Once the FTP site is enabled, clients
can transfer files to and from the site using the FTP protocol.

Setting up an FTP site


1. Navigate to Start > Control Panel > Administrative Tools > Internet
Information Services (IIS) Manager.
2. Once the IIS console is open, expand the local server.
3. Right-click on Sites, and click on Add FTP Site.
4. In the Add FTP Site window, type the FTP server name and the content
directory path, and click Next. The directory path should be the same as the
one on which we set permissions to allow anonymous access. Above, we used:
%SystemDrive%\ftp\ftproot

5. In the Binding and SSL Settings window, type the IP address of the server.
Check the Start FTP Site Automatically option. Choose the SSL setting based on
your constraints. Click Next.
6. Now, select Basic for authentication.
7. Click Finish. Now, the FTP site creation is complete.

How does FTP basic authentication work?


Basic authentication means there’s no encryption used. Thus, the username and
password are sent in clear text. Basic authentication matches the username and
password against the Active Directory database. You can also create accounts in IIS.
This can be done from under Management Tools in the Web Server (IIS) role.
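
To see what "sent in clear text" means on the wire, the following added example (not part of the original page) classifies FTP sessions from command-channel records as a network sensor on port 21 would log them, including the case where a client asks for TLS, is refused, and falls back to a cleartext login. The transcript, session ids and usernames are constructed; 234 is the standard success reply to AUTH.

```python
# Constructed control-channel records as a sensor on port 21 would log them:
# (session id, sender, line); "C" = client, "S" = server. Not real traffic.
TRANSCRIPT = [
    ("s1", "C", "USER alice"),
    ("s1", "S", "331 Password required"),
    ("s1", "C", "PASS example-password"),
    ("s2", "C", "AUTH TLS"),
    ("s2", "S", "234 AUTH command ok"),         # encrypted from here on
    ("s3", "C", "AUTH TLS"),
    ("s3", "S", "500 Command not understood"),  # upgrade refused
    ("s3", "C", "user bob"),
    ("s3", "C", "PASS another-example"),
]


def audit_logins(transcript):
    """Classify each session by how its credentials crossed the wire.
    Returns {session: (verdict, username)}; passwords are never stored."""
    sessions = {}
    for sid, sender, line in transcript:
        s = sessions.setdefault(
            sid, {"auth_tried": False, "tls": False, "user": None, "exposed": False})
        word, _, arg = line.strip().partition(" ")
        if sender == "S":
            # 234 is the success reply to AUTH (RFC 4217): TLS starts next.
            if word == "234" and s["auth_tried"]:
                s["tls"] = True
            continue
        if s["tls"]:
            continue  # a readable command after 234 would be a capture artifact
        verb = word.upper()  # FTP commands are case-insensitive
        if verb == "AUTH":
            s["auth_tried"] = True
        elif verb == "USER":
            s["user"] = arg
        elif verb == "PASS":
            s["exposed"] = True  # record the fact, drop the secret
    result = {}
    for sid, s in sessions.items():
        if s["exposed"]:
            verdict = "cleartext after refused TLS" if s["auth_tried"] else "cleartext"
        else:
            verdict = "tls" if s["tls"] else "no login seen"
        result[sid] = (verdict, s["user"])
    return result


if __name__ == "__main__":
    print(audit_logins(TRANSCRIPT))
```
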

Under Authorization, you can select All Users to allow FTP access to all users
from the domain. Also, check both Read and Write under Permissions, based on
requirement.

Accessing files on the FTP server


To access files on the FTP server, open a file explorer and type ftp://serverIP. The
FTP server asks for a username and password. Enter the username and password
(Windows or Active Directory credentials) and click Logon. The files and folders
display under the FTP server.
