Difference between revisions of "FileZilla FTP Server"
(few fixes... enjoy guys :)) |
|||
| Line 1: | Line 1: | ||
| − | '''FileZilla Server''' is a simple and efficient file transfer protocol (FTP) server program for use in most versions of Windows (NT and | + | '''FileZilla Server''' is a simple and efficient file transfer protocol (FTP) server program for use in most versions of Windows (NT, 2000, and XP). It also supports compression, secure connections, and both speed and user limits. Hardware requirements are extremely low, requiring only a Pentium-level machine, and taking up only 3.4 megs of system memory (the interface requires 6 megs but may be turned off when not in use). |
| − | + | It is ''strongly recommended'' you have at least a DSL or Cable connection to run any FTP Server. | |
| − | FTP Servers allow for remote file management, | + | === Why an FTP server? === |
| + | |||
| + | FTP Servers allow for remote file retrieval and management, downloading large files gradually, and often higher speeds than other software. Improving over regular Windows Sharing, large numbers of files transferring do not cease when only one file will not copy (good for data backups). FTP servers are enormously flexible and can be configured for remote file access, workgroups, and anonymous file distribution. | ||
Accessing almost any FTP server is extremely easy, as almost every computer built after around 1995 has an FTP client that can connect to it. | Accessing almost any FTP server is extremely easy, as almost every computer built after around 1995 has an FTP client that can connect to it. | ||
| Line 9: | Line 11: | ||
=== Why use FileZilla's Server? === | === Why use FileZilla's Server? === | ||
| − | FileZilla Server | + | FileZilla Server is extremely easy to use, has many security features, and low ($0) price tag. Donations are welcome but not required. Also, the software's internals are available to anyone and are licensed with the same open source license used by Linux (the GPL). |
| − | |||
| − | |||
=== Features === | === Features === | ||
| − | * Easy to use - similar to bulletproof FTP | + | * Easy to use - similar in design to bulletproof FTP |
* Speed limits - prevents saturation of bandwidth | * Speed limits - prevents saturation of bandwidth | ||
* Compression - increase the speed of transfers via MODE Z on-the-fly compression | * Compression - increase the speed of transfers via MODE Z on-the-fly compression | ||
| − | * Encryption - keep important data confidential using the same technologies your web browser uses. | + | * Encryption - keep important data confidential using the same technologies your web browser uses. Known as FTP over SSL/TLS or FTPS. |
| + | |||
| + | [http://sourceforge.net/docman/display_doc.php?docid=24747&group_id=21558 FileZilla Server FAQ] | ||
== Recommendations == | == Recommendations == | ||
| − | '''Note of Caution:''' Running a remote access server can invite outside interference. It is recommended that users research this operation and understand the problems that can occur when you run any computer server that is accessible from the Internet. Users not familiar with this process should restrict the server to only local connections | + | '''Note of Caution:''' Running a remote access server can invite outside interference. It is recommended that users research this operation and understand the problems that can occur when you run any computer server that is accessible from the Internet. Users not familiar with this process should restrict the server to only local connections (see below): |
| + | |||
| + | === Restricting your server to local access === | ||
| − | + | Most routers hide your FTP server from the outside world but this is another preventative step: | |
| − | # From the menu, select "Server" -- " | + | # From the menu, select "Server" -- "Settings". |
# Under "General settings", select "IP filter" | # Under "General settings", select "IP filter" | ||
# In the first box, type an asterisk "*" (no quotes) | # In the first box, type an asterisk "*" (no quotes) | ||
| − | # In the second box, type your local address. This should be "192.168.1.*" (no quotes) but different routers will use different numbers, usually "192.168.0.*" or "192.168.2.*". | + | # In the second box, type your local address. This should be "192.168.1.*" (no quotes) but different routers will use different numbers, usually "192.168.0.*" or "192.168.2.*". |
=== Making your server remote-accessible === | === Making your server remote-accessible === | ||
| − | To connect to your home computer, you must enable an intermediary service. Most DSL or cable customers are protected from the outside world by | + | To connect to your home computer, you must enable an intermediary service. Most DSL or cable customers are protected from the outside world by several barriers. Talk to your provider about a static IP or look into services such as http://www.dyndns.org and http://www.no-ip.com (or [http://www.technopagan.org/dynamic/ other providers]). Use a guide [http://www.no-ip.com/support/guides/other/using_cable_dsl_router.html like this] to help with setting up your DSL/Cable router. Look for "The Demilitarized Zone" in your router documentation and put your server's IP there. |
=== Restricting Administrative Access === | === Restricting Administrative Access === | ||
| Line 39: | Line 43: | ||
Under the "Edit menu" select "Settings" -- "admin interface settings," and look at the box labeled "select IP addresses which are allowed to interface." | Under the "Edit menu" select "Settings" -- "admin interface settings," and look at the box labeled "select IP addresses which are allowed to interface." | ||
| − | Here, enter your local IP address, which will probably be "192.168.1.*" (do not include the quotes). Some routers use "192.168.0.*" or "192.168.2.*". Check your router documentation or open a Command Prompt window and type "IPCONFIG." The asterisk is a wildcard that means | + | Here, enter your local IP address, which will probably be "192.168.1.*" (do not include the quotes). Some routers use "192.168.0.*" or "192.168.2.*". Check your router documentation or open a Command Prompt window and type "IPCONFIG." The asterisk is a wildcard that means any computer connected directly to your router can administer the server. |
| − | Alternately (or additionally for increased security), you may also add a password. In the same window, check the "Change admin password" box and enter and | + | Alternately (or additionally for increased security), you may also add a password. In the same window, check the "Change admin password" box and enter (and re-type in the next box) your password. For security, it should be as long as possible, but is required to be above 6 characters. |
=== Speed limits === | === Speed limits === | ||
| − | Download and upload speed limits are important to prevent your server from overloading your Internet | + | Download and upload speed limits are important to prevent your server from overloading your Internet connection. Under the options menu, under "speed limits," enter a constant speed limit that is below your maximum speed. Many cable customers will have around 50k download speed limit, and 200k upload limit (realizing that sounds backwards). In this case, you will wish to set a constant speed limit of around 30k download and 100k upload. This should prevent your server from interfering with your regular Internet usage. |
| + | |||
| + | Individual user accounts may be set to bypass any speed limits which is useful for local connections on the same router, described under "Setting up users" below. Additionally, under "Filetransfer compression," check the box next to "Exclude private IP address ranges", and enter the same "192.168.1.*" in the box below it. | ||
=== Setting up encryption === | === Setting up encryption === | ||
| − | Under SSL/TLS settings, check "Enable SSL/TSS support" box and click the "Generate new certificate" box at the bottom of the page. The computer will ask where to place a certificate, and then generate one. It is recommended to click the box next to "allow explicit SSL/TLS on normal connections." This will allow the flexibility to have some users use encryption for secure transfers, while others may avoid using the extra processor speed and | + | Under SSL/TLS settings, check "Enable SSL/TSS support" box and click the "Generate new certificate" box at the bottom of the page. The computer will ask where to place a certificate, and then generate one. It is recommended to click the box next to "allow explicit SSL/TLS on normal connections." This will allow the flexibility to have some users use encryption for secure transfers, while others may avoid using the extra processor speed and slower transfer rates. |
=== Setting up users === | === Setting up users === | ||
| Line 55: | Line 61: | ||
User settings are fairly intuitive but here are some loose suggestions: | User settings are fairly intuitive but here are some loose suggestions: | ||
| − | '''Local Use''' - in order to keep connection | + | * '''Local Use''' - in order to keep connection speeds high between your server and local computers, it is important to turn off all compression, encryption, and speed limits. |
| + | |||
| + | * '''Remote Use''' - to best protect your data, encryption and compression should be used together. To increase transfer speed, simply use compression. | ||
| + | |||
| + | * '''Untrusted Users''' - you may restrict access to specific folders, write permissions, the capability to delete data, and much more. You may also require users to use encryption to prevent eavesdropping. | ||
| + | |||
| + | * '''Groups of users''' - if you are enabling your server for a large number of people, it helps to create a user group of default settings. Usually, you should include a restriction on the total number of users and on the speed limit of individual connections. This will prevent bottlenecking. | ||
| − | |||
| − | + | === Enterprise file servers === | |
| − | + | FileZilla Server is probably not suited for high security or large-scale operations. It is not recommended for use with government or for transferring highly sensitive information. As described in the license distributed with every copy of FileZilla or FileZilla Server, there is no warranty for this software. It is however probably much more secure than Windows networking alone. | |
Revision as of 17:58, 22 December 2006
FileZilla Server is a simple and efficient file transfer protocol (FTP) server program for use in most versions of Windows (NT, 2000, and XP). It also supports compression, secure connections, and both speed and user limits. Hardware requirements are extremely low, requiring only a Pentium-level machine, and taking up only 3.4 megs of system memory (the interface requires 6 megs but may be turned off when not in use).
It is strongly recommended you have at least a DSL or Cable connection to run any FTP Server.
Why an FTP server?
FTP Servers allow for remote file retrieval and management, downloading large files gradually, and often higher speeds than other software. Improving over regular Windows Sharing, large numbers of files transferring do not cease when only one file will not copy (good for data backups). FTP servers are enormously flexible and can be configured for remote file access, workgroups, and anonymous file distribution.
Accessing almost any FTP server is extremely easy, as almost every computer built after around 1995 has an FTP client that can connect to it.
Why use FileZilla's Server?
FileZilla Server is extremely easy to use, has many security features, and low ($0) price tag. Donations are welcome but not required. Also, the software's internals are available to anyone and are licensed with the same open source license used by Linux (the GPL).
Features
- Easy to use - similar in design to bulletproof FTP
- Speed limits - prevents saturation of bandwidth
- Compression - increase the speed of transfers via MODE Z on-the-fly compression
- Encryption - keep important data confidential using the same technologies your web browser uses. Known as FTP over SSL/TLS or FTPS.
Recommendations
Note of Caution: Running a remote access server can invite outside interference. It is recommended that users research this operation and understand the problems that can occur when you run any computer server that is accessible from the Internet. Users not familiar with this process should restrict the server to only local connections (see below):
Restricting your server to local access
Most routers hide your FTP server from the outside world but this is another preventative step:
- From the menu, select "Server" -- "Settings".
- Under "General settings", select "IP filter"
- In the first box, type an asterisk "*" (no quotes)
- In the second box, type your local address. This should be "192.168.1.*" (no quotes) but different routers will use different numbers, usually "192.168.0.*" or "192.168.2.*".
Making your server remote-accessible
To connect to your home computer, you must enable an intermediary service. Most DSL or cable customers are protected from the outside world by several barriers. Talk to your provider about a static IP or look into services such as http://www.dyndns.org and http://www.no-ip.com (or other providers). Use a guide like this to help with setting up your DSL/Cable router. Look for "The Demilitarized Zone" in your router documentation and put your server's IP there.
Restricting Administrative Access
Under the "Edit menu" select "Settings" -- "admin interface settings," and look at the box labeled "select IP addresses which are allowed to interface."
Here, enter your local IP address, which will probably be "192.168.1.*" (do not include the quotes). Some routers use "192.168.0.*" or "192.168.2.*". Check your router documentation or open a Command Prompt window and type "IPCONFIG." The asterisk is a wildcard that means any computer connected directly to your router can administer the server.
Alternately (or additionally for increased security), you may also add a password. In the same window, check the "Change admin password" box and enter (and re-type in the next box) your password. For security, it should be as long as possible, but is required to be above 6 characters.
Speed limits
Download and upload speed limits are important to prevent your server from overloading your Internet connection. Under the options menu, under "speed limits," enter a constant speed limit that is below your maximum speed. Many cable customers will have around 50k download speed limit, and 200k upload limit (realizing that sounds backwards). In this case, you will wish to set a constant speed limit of around 30k download and 100k upload. This should prevent your server from interfering with your regular Internet usage.
Individual user accounts may be set to bypass any speed limits which is useful for local connections on the same router, described under "Setting up users" below. Additionally, under "Filetransfer compression," check the box next to "Exclude private IP address ranges", and enter the same "192.168.1.*" in the box below it.
Setting up encryption
Under SSL/TLS settings, check "Enable SSL/TSS support" box and click the "Generate new certificate" box at the bottom of the page. The computer will ask where to place a certificate, and then generate one. It is recommended to click the box next to "allow explicit SSL/TLS on normal connections." This will allow the flexibility to have some users use encryption for secure transfers, while others may avoid using the extra processor speed and slower transfer rates.
Setting up users
User settings are fairly intuitive but here are some loose suggestions:
- Local Use - in order to keep connection speeds high between your server and local computers, it is important to turn off all compression, encryption, and speed limits.
- Remote Use - to best protect your data, encryption and compression should be used together. To increase transfer speed, simply use compression.
- Untrusted Users - you may restrict access to specific folders, write permissions, the capability to delete data, and much more. You may also require users to use encryption to prevent eavesdropping.
- Groups of users - if you are enabling your server for a large number of people, it helps to create a user group of default settings. Usually, you should include a restriction on the total number of users and on the speed limit of individual connections. This will prevent bottlenecking.
Enterprise file servers
FileZilla Server is probably not suited for high security or large-scale operations. It is not recommended for use with government or for transferring highly sensitive information. As described in the license distributed with every copy of FileZilla or FileZilla Server, there is no warranty for this software. It is however probably much more secure than Windows networking alone.
