Показать сообщение отдельно
Старый 08.09.2008, 03:40   #6
PLAstic
ViP
 
Пол:Мужской
Регистрация: 18.01.2006
Адрес: MSK RU
Сообщений: 2,837
Репутация: 1164
По умолчанию Re: поднять FTP на 2003м..

IIS поддерживает оба режима, насколько я помню. Во всяком случае, у меня получались оба на IIS5.0

[Для просмотра ссылок требуется регистрация. Зарегистрироваться...]
А вот и подробное пояснение работы:
Цитата:
Setting the Passive Connection Port Range
FTP clients connect to FTP servers through a well-known service port, TCP port 21, and establish a control channel for sending requests and receiving replies. For actual file data transfers, a second connection is established: a data channel. By default, the server connects back to the client to establish the data connection, which is an active-mode connection. However, to support clients that are behind firewalls and cannot accept incoming connections, the FTP protocol allows the client to connect to the server to establish the data channel, which is a passive-mode connection. Passive-mode connections are established through the following process: the client requests a passive mode (PASV), the server replies with a unique port number, and the client connects to that port.

By default, the FTP server allocates ports for passive-mode connections from the WinSock dynamic range, 1024 to 5000. If the server itself is behind a firewall, the 1024 to 5000 port range must be open for incoming connections at the firewall. This requirement can expose the server to potential attack because many applications share the WinSock dynamic port range. To reduce the attack surface, you can configure the FTP service to allocate ports for passive-mode connections from a port range above 5000, which allows you to assign a port range to be used exclusively by FTP passive-mode connections and to create firewall and router policies that open that range for incoming TCP connections.

To set the port range for passive-mode connections, edit the PassivePortRangeproperty in the metabase. When you set the port range, consider the number of anticipated concurrent file transfers because each client might need a distinct port. For performance reasons, the port range should be at least two times the number of anticipated concurrent file transfers.


Последний раз редактировалось PLAstic; 09.09.2008 в 23:39.. Причина: Добавил ссылку
PLAstic вне форума
 
Ответить с цитированием Вверх
 
Время генерации страницы 0.08172 секунды с 9 запросами