|
|
|
To be experienced in using Nofeel
FTP Server, you should first understand a number of concepts,
especially if you are not familiar with FTP server software.
Some concepts are important to understand an FTP server's working
process, and some are useful to use this program easily.
|
Action
Action means what you can do for a connection. With Nofeel FTP Server,
you may spy it, stop its file transferring or disconnect it.
Action "spy" makes you see the connection's all activities in a separate
window, including all client commands and server replies.
Action "stop file transferring" and "disconnect" are easy to understand.
Active Mode
A TCP connection is established when an FTP client connects
to server, this connection is used to receive commands and
send replies for server (or send commands and receive replies
for client). If the client wants to download/upload a file
from/to server, they must establish another TCP connection.
If it is server initialized this connection, we say the server
is in active mode. Please refer to FTP Internal.
Administration
Nofeel FTP Server actually has two programs: administration
program and service engine. Administration program makes you
can add/delete users, set server settings, view server activities,
etc. All interactions between you and Nofeel FTP Server have
to be done through administration program.
Anti-Hammering
Sometimes a user tries to establish too many connections with
your server in a very short time. This may be the case that
an FTP client program is trying to guess a user account and
password, or the case that an FTP client program is trying
to use many threads to download a file at the same time. We
call this hammering, it will occupy server's much resources
temporarily and others may be not able to connect to server.
Anti-Hammering is an option item in server settings that makes
server to avoid this case.
Authentication
Every time a FTP client connects to server, it tells server
its user account and password, asks server to allow its login.
Before allowing, server must make sure it is a valid user, this
is called authentication. Nofeel FTP Server offers three authentication
types: Password, NT Authentication (Local Computer) and NT Authentication
(Domain). Password is traditional and most often used, NT Authentication
is advanced but very useful for those who want to centralize
user authencitation for their many different applications.
Certificate, SSL Certificate
If server
runs in SSL (explicit or implicit) type, it needs a certificate
to show ftp clients its identity. Certificate also gives clients
the public RSA key associated with it. With the public key,
ftp clients can build a secure channel with server, and all
data transfered will be encrypted and can not be stolen or
broken.
Command, FTP/Client/User Command
A typical
FTP conversation between client and server is that client
sends a command, waits for server's reply, then sends next
command, waits for next reply, and so on. An FTP command (or
say, user command, command) is an ASCII text string, most
are three or four characters long, some are followed by parameters,
and some are not. For example, commands "USER" and "PASS"
are used to login. "USER" is followed by user's account name,
and "PASS" is followed by user's password.
Connection, TCP Connection, FTP Connection
TCP connection is a technical term of computer network. It
is based on TCP/IP protocols that are basis of today's Internet.
For Nofeel FTP Server, we also call it an FTP connection,
or simply connection. A TCP connection on computer network
is like a telephone calls on telecom network, both are used
to make two sides keeping a communication channel.
Client, FTP Client
FTP client, or simply client, is the program that requests
to establish a FTP connection with server. Client generally
wants some service from server it connects. In this help client
usually means FTP client program running on user's machine,
but sometimes it also means FTP user.
Directory Access
(List), Directory Access Item
For each user account of
your server, you should set up his/her directory access. Directory
access is a list of one or more items, each item includes
a physical directory on your Windows system and an access
right that means what operations can be taken on the directory.
Every time server receives a command from a client, if the
command is related to file/directory operation, server firstly
searches directory access list, checks if the operation is
allowed, if not allowed then does nothing and tells client
it has no permission. Remember the items in the access list
are ordered, once server finds an item that allows the command's
operation, it stops searching other items.
Directory Cache
Usually every time client
asks for a files listing, server will do a searching on physical
disk, list all files of a directory. But for many directories
this is unnecessary, especially for directories users cannot
upload file. For this case server may cache listing result
for a while, so get higher performance. Directory cache is
the place server saves its listing result, usually in program's
memory.
FTP, FTP Session
FTP is File Transferring
Protocol, a type of TCP application protocol between an FTP
client and an FTP server, the basis of Nofeel FTP Server program.
For FTP details, please refer to FTP Internal. In this help
sometimes we say FTP session, which means an FTP connection.
FXP, Anti-FXP
The
standard FTP specification allows such a case: an FTP client
can instruct an FTP server to download/upload files from/to
another FTP server. This is sometimes useful, but for most
users it is not necessary, and for some attackers it is a
potential secure problem, we call this FXP. Anti-FXP is an
option item in server settings that makes server to avoid
this case.
Group
If you need
create many user accounts on server, you may divide them into
some groups. Group simplifies your work on user account management,
users in a same group can share some settings and you don't
need to set for each of them.
Home Directory
Home directory is the user's initial directory every time
he (she) login. He (she) can see all files and sub-directories
of Home Directory. Remember every time you create a new user
account, server will automatically add home directory to its
directory access list, and set its access right properly.
If you change the home directory later, you must manually
change the directory access list properly, or the user may
be not able to see anything after login.
Idle
If a client keeps a connection with
server but doesn't send any useful command, we say the client
is idle. This may be the case that client program's user goes
out or is doing other things. Idle connections waste server's
resources because they prevent others from connecting to server.
Some smart client programs may send useless commands to avoid
be recognized as idle by server.
IP, IP Address, Private
IP, Internet IP
IP is a network address on any TCP/IP
network, such as Internet. Each machine on the TCP/IP network
must have an IP address, or it could not communicate with
any other machine. Private IP is any IP in the following range:
192.168.0.0 - 192.168.0.255; 172.16.0.0 - 172.31.255.255;
10.0.0.0 - 10.255.255.255
Private IP can be used in any TCP/IP local private network.
Any IP not belong to Private IP is an Internet IP. Internet
IP should only be used on machines that are directly connected
to Internet. For more details, please refer to some TCP/IP
books.
IP Access (List),
IP Access Item
IP access is a list of one or more items,
each item includes an IP or IP range and a mark that means
if server accepts FTP clients form the IP(s). Every time server
receives a connection request from a client, it firstly searches
IP access list, checks if the client is allowed to connect,
if not allowed then simply denies it. Remember the items in
the access list are ordered, once server finds an item that
allows or denies the client, it takes the action and stops
searching other items.
Key, RSA Key
An
SSL certificate is associated with two RSA keys: public key
and private key. To be sure that ftp is secure, private key
must be kept as a security by server. Encrypted data's secure
intensity is dependent on key's length, generally 1024-bit
length is enough for most users' requirement.
Logging, Screen/File
Logging
Server's main work is to provide file service
to clients. Besides this, it needs to log something necessary
for later query or analysis, sometimes even everything. In
server settings, you can set logging, tell server log what
and not log what. Screen logging is server's activities shown
on program window, you watch it real-time, but it disappears
once you exit the administration program. File logging is
written in log file, you can use any text program such as
notepad.exe to open it at any time.
Passive Mode
A
TCP connection is established when an FTP client connects
to server, this connection is used to receive commands and
send replies for server (or send commands and receive replies
for client). If the client wants to download/upload a file
from/to server, they must establish another TCP connection.
If it is client initialized this connection, we say the server
is in passive mode. Please refer to FTP Internal. If your server
is behind a router/firewall, and works for users connecting
from outside Internet, you should correctly set up passive
mode in server settings, please refer to Server
Settings - Passive Mode.
Port, FTP Port, Listening
Port
Listening port is a TCP port number between 1 and
65535 that server listens on for your users. Standard FTP
port is 21; this is the default value in server settings.
If you set another value, usually should set it larger than
1024, and don't forget to tell your users the port number.
Reply, Server Reply
A typical FTP conversation between client and server is that
client sends a command, waits for server's reply, then sends
next command, waits for next reply, and so on. An FTP reply
(or say, server reply, reply) is a three-digit number, followed
by an ASCII text string, the number is the command's result
for client program, and the string is human-readable for client
program's user. For example, "331 Password required for user
anonymous" is a reply of command "USER", and "230 User anonymous
logged in." is a reply of command "PASS".
Running Mode
Nofeel FTP Server has three
type of running modes, with different mode server has different
performance. Please refer to Advanced - Performance
Secure-FTP
Secure-FTP
is combination of traditional FTP and SSL. Secure-FTP has
two types: Explicit SSL and Implicit SSL. In explicit SSL
mode, server can be compatible with ftp clients don't support
SSL, or clients can be compatible with ftp servers don't support
SSL. In implicity SSL mode, both ftp clients and ftp server
must be SSL-enabled.
Server, FTP Server
FTP Server, or simply
server, is the program that waits for FTP connection requests
from clients. Server is generally used to offer some service
to clients. In this help server means Nofeel FTP Server program.
Server Events
Nofeel
FTP Server defines many events may occur during server running.
For example, once a client uploads a file to server, an event
"On File Uploaded" occurs. Purpose of server events is to
let you have more powerful control on server. For example,
you can run a program every time a file is uploaded, the program
checks if the file is a .zip file, if is, checks its integrity,
if it seems a bad file, deletes it.
Server Settings
Generally word
"Server Settings" should be all settings related to Nofeel
FTP Server service engine, but in this help file and in program,
"Server Settings" just means partial of it, not including
settings of each user account and server events. For settings
of administration program, we call it "Options". Proper setup
of server settings and user settings is key to make server
work correctly.
Service Engine
Nofeel FTP Server actually
has two programs: administration program and service engine.
Service engine is the program providing the real file service
to clients. Service engine has no GUI and runs in background,
so even you exit administration program it can still be running.
This depends on what you set in administration program options.
SSL, Secure Sockets Layer
Secure Sockets
Layer, or SSL, is base of Secure-FTP. FTP and other application
layer protocols are based on traditional standard transport
layer protocol - TCP. But TCP is not a secure protocol, to
solve this problem, SSL was proposed and finally became an
industry's standard secure protocol.
User, FTP User
In
this help file, word "user" has several meaning. First, user
means you, i.e. who use this Nofeel FTP Server program. But
more cases user means FTP user account you create for server
when we say "add/delete user, user settings, etc". Sometimes
user also means "FTP user", i.e. the one that uses FTP client
program to connect to your server, or just simply means FTP
client program.
User Settings
User settings are easy
to understand, it means settings of FTP user account you create
for server. Proper setup of server settings and user settings
is key to make server work correctly.
Variable
Variable is a concept in computer
programming language or script language. In Nofeel FTP Server,
you can use variables in some settings, and server will replace
them to their proper values. For example, if you write a sentence
in server welcome message: "Hello, your are from $(CLIENTIP)",
server will replace "(CLIENTIP)" to real client's IP address.
So if a client from 192.168.0.10 connects to server, it sees
a welcome message like: "Hello, your are from 192.168.0.10".
For full reference, please refer to Advanced - Variables
Virtual Directory/Link
Usually FTP users connecting to server can only see files
in their home directories (or sub-directories). This is not
ideal for many cases, for example, if you want two users (with
two different home directories) all can download files in
a directory, you have to copy this directory to all their
home directories. Virtual directory gives you an easy to manage
files' relationship on your physical hard disk. Let's see
an example:
User Mike's home directory is "d:\users\mike", and you have
many favorite music files in your "e:\music", you can create
a virtual directory named "my_music", which maps "e:\music"
to "d:\users\mike\". (By the way, don't forget to add the
"e:\music" to Mike's directory access list.) After doing so,
once Mike logs in server, he sees a directory "/my_music",
not different than any other directory or file. He doesn't
know the actual directory name and position of "/my_music"
on your server.
Virtual link is like virtual directory, except that virtual
link doesn't need to be mapped to any directory, user will
see it everywhere, whatever directory he enters, he sees the
link in it.
|
|
|
Contact:
|
Copyright © 2002 - 2008
NofeelSoft.
All rights reserved.
|
|
