hacker/jerk breaking in?


madfish
06-08-2002, 5:36 PM
Long thread warning:

I run 2000 Pro (she's all updated on patches) and am using the IIS that came with it for my FTP server. I only allow 3 connections. I recently changed the FTP address and posted the addy change ahead of time onsite in the old dir. Problem: I have a person/jerk/hacker that is trying to come in via the old addy on all three connections constantly for the past 30 hrs. I sit and watch them try to get in every 5 - 6 seconds on all 3 slots. My FTP is down as no one else can get hooked up anyhow because of this. I've gone here: http://packetderm.cotse.com/cgi-bin/lookuptools and done the whois/arin and here is what I got:

Hostname: net-32.renet.ru
IP Address: 195.161.130.32
Decimal Address: 3282141728
-------------------------------------------


---------------------------Whois Results---------------------------

% NOTE:
% Use of any automated high volume processes that
% apply to the RIPN Whois Service is prohibited.

domain: RENET.RU
type: CORPORATE
nserver: flash.renet.ru. 195.161.130.2
nserver: ns.renet.ru. 195.161.130.1
nserver: ns2.renet.ru. 217.23.87.238
nserver: star.renet.ru. 195.161.131.1
state: REGISTERED, DELEGATED
org: Renet COM company Ltd
phone: +7 8452 450450
fax-no: +7 8452 450450
e-mail: tech@renet.ru
registrar:RUCENTER-REG-RIPN
created: 1998.01.27
reg-till: 2003.03.01
source: RIPN


---------------------------Arin Results---------------------------

European Regional Internet Registry/RIPE NCC (NETBLK-RIPE-C)
These addresses have been further assigned to European users.
Contact info can be found in the RIPE database, via the
WHOIS and TELNET servers at whois.ripe.net, and at
http://www.ripe.net/perl/whois/
NL

Netname: RIPE-CBLK3
Netblock: 195.0.0.0 - 195.255.255.255
Maintainer: RIPE

Coordinator:
Reseaux IP European Network Co-ordination Centre Singel 258 (RIPE-NCC-ARIN) nicdb@RIPE.NET
+31 20 535 4444

Domain System inverse mapping provided by:

NS.RIPE.NET 193.0.0.193
AUTH03.NS.UU.NET 198.6.1.83
NS2.NIC.FR 192.93.0.4
SUNIC.SUNET.SE 192.36.125.2
MUNNARI.OZ.AU 128.250.1.21
NS.APNIC.NET 203.37.255.97

To search on arbitrary strings, see the Database page on
the RIPE NCC website at http://www.ripe.net/perl/whois/

Record last updated on 16-Oct-1998.
Database last updated on 7-Jun-2002 19:59:23 EDT.

The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.






--------------------------------------------------------


I can't use the TCP/IP restrictions as 2000 Pro doesn't support them running IIS. I'm looking to get 2000 Server next week {hopefully}. Any ideas/suggestions? I need my FTP back up, I'm FTPing a good friend's trance sets for him.
Thanks everybody.

Mntsnow
06-08-2002, 8:15 PM
I don't use IIS's FTP functions. I run BulletProof's FTP server as it's easier to configure and has "auto-boot" and "auto-ban" functions :) to get rid of people such as those you want to block.

madfish
06-08-2002, 9:39 PM
BulletProof, huh? Well, if it's good enough for Mntsnow, then it will be fine for me :D

Thanks. I'll go have Google look it up now.

jad1097
06-08-2002, 10:33 PM
If you have not looked for it yet: http://www.bpftpserver.com/

Serve-u is supposed to be good too but I did not like it.

Mntsnow
06-08-2002, 11:50 PM
Thanks for catching my oversight and posting the Link Jad1097!

I have to agree with you too, Michael... I didn't care for "Serv-U" either. And with how inexpensive Bulletproof was after the 30 day trial, and that comes with free lifetime upgrades.

Do take note though, Madfish: you will need to FIRST uninstall the IIS FTP server and reboot BEFORE installing any of the "aftermarket" FTP server applications, or you will not be able to use the default port 21, as it will be seen as in use by the IIS FTP app if not uninstalled and rebooted.

jad1097
06-09-2002, 12:24 AM
:)


I knew I spelled "Serv-U" wrong! thanks Mike.




madfish, you don’t allow anonymous logins with read/write privileges do you? I am sure you know better but you never know. You may end up with some strange looking directories, you know?

madfish
06-09-2002, 3:27 AM
Anonymous logins: yes, to the trance folder and only read permissions for it. I have three other folders with full read/write for pshawn/azkidd and a close friend, unicorn, for her wavs for storage. I couldn't get IIS to work with password set, Jad.

Mntsnow: I've been trying to figure out bp ftp most of the night and I'm lost. How does it get set up so others can FTP in and grab trance sets? And also for my three pvt folders. The help file just confused me even more, hell, this is just as bad as me trying to figure out Linux, not good :)
Thanks

Edit: and help with the auto ban too and setting up passwords. Sheese, I should just ship my box to you :).

Oh, btw, I use dns2go for my dns redirect.

jad1097
06-09-2002, 8:56 AM
The reason I asked is that would explain why some idiot is hammering you. You may want to check your server with the SmartFtp (http://www.smartftp.com) client because it sees most hidden folders. But if you watch your logs this is likely not the case.

It's been quite a while since I used it since going back to 56k but I thought the help file was somewhat useful.

After you open up "set up user accounts" (Setup>>user accounts), right click on the user list on the right and select add and create an account name. Then highlight the user and create the rights, password, etc.

To set autoban: Setup>>Main>>Advanced, check anti-hammer. This automatically bans a user for a period of time. Under options you need to check "block banned IP's" and I think it will permanently ban them.
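
Added example, not part of the original thread and not BulletProof FTP Server's own logic: a sketch of the anti-hammer idea described above (ban an address that makes too many login attempts in a short window), run over a constructed log. The log layout, the thresholds and the names `parse` and `anti_hammer` are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the five-field layout is an assumption, so check the
# #Fields line of your own server's log. 192.0.2.10 stands in for a normal user.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method sc-status
2002-06-08 17:29:50 192.0.2.10 USER 331
2002-06-08 17:30:00 195.161.130.32 USER 331
2002-06-08 17:30:05 195.161.130.32 USER 331
2002-06-08 17:30:11 195.161.130.32 USER 331
2002-06-08 17:30:16 195.161.130.32 USER 331
2002-06-08 17:30:22 195.161.130.32 USER 331
2002-06-08 17:30:27 195.161.130.32 USER 331
2002-06-08 17:45:00 192.0.2.10 USER 331
"""

def parse(log_text):
    """Yield (timestamp, client_ip, command) for each non-comment log line."""
    for line in log_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        date, time, ip, command, _status = line.split()
        yield datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S"), ip, command

def anti_hammer(events, max_attempts=4, window=timedelta(seconds=60),
                ban=timedelta(minutes=30)):
    """Return {ip: [ban start times]}; events must be in time order."""
    recent = defaultdict(deque)   # ip -> timestamps of recent login attempts
    banned_until = {}             # ip -> time the current ban expires
    bans = defaultdict(list)
    for ts, ip, command in events:
        if command != "USER":     # one USER command = one login attempt
            continue
        if banned_until.get(ip, datetime.min) > ts:
            continue              # still banned: a server would refuse the connection
        attempts = recent[ip]
        attempts.append(ts)
        while ts - attempts[0] > window:
            attempts.popleft()    # forget attempts older than the window
        if len(attempts) > max_attempts:
            banned_until[ip] = ts + ban
            bans[ip].append(ts)
            attempts.clear()
    return dict(bans)

if __name__ == "__main__":
    for ip, starts in anti_hammer(parse(SAMPLE_LOG)).items():
        print(ip, "banned at", ", ".join(t.isoformat(" ") for t in starts))
```

With these thresholds the address retrying every 5 - 6 seconds is banned on its fifth attempt, while the user who logs in twice, fifteen minutes apart, is never touched.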

madfish
06-09-2002, 2:25 PM
Jad,
I don't see none of those options here. I've looked through it all, including the help files. From my understanding, imo, after reading the help files, bp ftp is just used for personal downloading and uploading to a server. I need a proggy so the public can FTP those sets off of me. It doesn't need to be free, as you get what you pay for. DJ Lithium (http://www.djlihtium.com) is who I'm helping out.
I could pay to have someone like Extremedreams serve them, but I got a dedicated machine {ECS D6VAA Dualie} and 80 g's of Hdd room and a small fat pipe (DSL) and I want to learn about all this too.
Should I just wait till I purchase 2000 Server? I look at Apache for Windows and don't know where to begin.
Thanks.

madfish
06-09-2002, 2:36 PM
Oh sheese! I downloaded the wrong bp ftp. I didn't get the server version. I'll grab that now and report back in a bit. Hehehe I feel like sureall now, hehehehe.
(no offence sureall)
{ya, I can't spell worth turds, deal with it :)}

Mntsnow
06-09-2002, 4:12 PM
hehe :) That's OK... I know you're on the right track now!

madfish
06-10-2002, 8:02 PM
oppsss