BPFTP Server – Page 4 – BulletProof FTP Server

Issue: “I can’t see any files…”

FTP-User can login, but can’t see any directory-listing:
aka “Unable to retrieve directory-listing”
aka “Internet Explorer cannot display the webpage”
aka “Oops! Google Chrome could not connect to FTP.YOURHOST.COM”

this also appears in the Log-Watch for BulletProof FTP Server 2011 as
2012-01-31 13:12:33 – mmc [000005] [12.13.14.15] – PASV
2012-01-31 13:12:33 – mmc [000005] [12.13.14.15] – 227 Entering Passive Mode (12,13,14,15,156,119)
2012-01-31 13:12:34 – mmc [000005] [12.13.14.15] – INFO: user disconnected gracefully. (00:00:01)

REASON: Stateful-Packet-Inspection (SPI) and Passive-Mode:
The first thing to do when setting up BulletProof FTP Server 2011 is to configure it to operate behind your NAT/Firewall (HOWTO).

This is called Passive-Mode (PASV) support and is a must for most installations. However many NAT/Firewalls have a “feature” called Stateful-Packet-Inspection or SPI (INFO) that sniffs the network-traffic for FTP packets and mangles the information in the packets to dynamically open ports on your firewall. Sadly, it almost always fails to correctly change the entire packet. In order to “help” SPI, it’s recommend to change the Static IP Address to the Listening IP address for your machine running BPFTP Server.

In order to better “cooperate” with SPI, it’s recommend that you try changing the Static IP Address under Management -> Settings -> NAT/Firewall to the Listening IP on the left side of the main-screen under Server Info.

SCREENSHOT: Management -> Settings -> NAT/Firewall

HOWTO: Share a UNC Folder via FTP

In the latest version of BulletProof FTP Server, you can also offer a UNC Share to your FTP-Clients.. even when the BPFTP Server is running as Windows System-Service!

This posting builds upon a previous article on how to expose Drive-Letters using “Virtual Folders” in BulletProof FTP Server, by showing how to use UNC Paths as well…

HOWTO: Using Virtual-Folders to Share Additional Drives/Folders via FTP
http://blog.builtbp.com/2011/12/howto-using-virtual-folders-to-share-additional-drivesfolders-via-ftp/

HOWTO: Windows System-Service. Also, please see the extended list of postings related to running BPFTP Server as a Windows System-Service:
http://blog.builtbp.com/2011/09/howto-windows-system-service/
http://blog.builtbp.com/category/bpftp-server/windows-system-service/

“User Manager -> Edit User -> Access”, right-click in the list and choose “Quick Add”.

After clicking on “Quick Add”, an entry will be created for “C:\”.. just start-typing the UNC path for the share you would like to offer and hit ENTER.

After clicking on “Quick Add”, if you missed the over-type. Never fear. You can right-click any unneeded entry and click “Quick Edit”.

Next, we need to create a name for the “Virtual Folder” that is being offered from the UNC Share. Right-Click and choose “Create ShortCut in User’s Home”.

Lastly, type in the name of the “Virtual Folder” that you want displayed to the FTP-Client for the UNC Share.

HOWTO: Using Virtual-Folders to Share Additional Drives/Folders via FTP

BulletProof FTP Server supports the ability to create “Virtual Folders” for your ftp-users to access additional drives, folders and network-shares; allowing your ftp-users access to a wide variety of folder-locations on your local computer, as well as mounted-shares in your network.

Example Usage:

Providing Access to Web-Server documents via FTP
Accessing the files on your home-computer from work
Allowing telecommuters to update company files, spreadsheets, etc from home
Facilitating the transfer of very large files over the internet (too big for email)
Trade files between friends and family using their web-browser

Additional Info:
TIPS: How to serve your Network-Drives via FTP
HOWTO: Share a UNC Folder via FTP

Edit the FTP-User account and choose “Add” to create a new Access-Right for the drive/folder you would like to virtualize.

Select the Drive/Folder to be Virtualized and the Access-Rights you would like to give the ftp-user account.

Edit the FTP-User account, setup Access-Rights to the drive/folder to be virtualized and define the name for the folder.

Enable Virtual-Folders and configure it as see in this image.

Using your ftp-client, connect to the FTP-Server and see the virtualized folder!

FAQ: My License-Code doesn’t work in the Latest Version

When you purchase our software, you are sent a license-code aka registration-code. This license-code is a secret set of letters and numbers which will turn the demo/trial version into the full version. This license-code is tied to the version of the product that was purchased and will only work in the version that purchased.

In other words, if you purchased BulletProof FTP Client 2009, the license-code you are sent will only work in Version 2009 of the product. It will not work in Version 2008 of the product, nor will it work in Version 2010 of the product.

Please Note: All orders come with 1-FREE-YEAR of supports and updates, this includes major updates and often times (depending on the release date of the next version) you’ll get the next full-version with this FREE year of support/updates. So, please search your email for anything from automated@builtbp.com as you may have another license-code.

You have two options….

1) If you do not want to upgrade to the latest version, then please go to our website and click one of the Download links for the product and scroll down to “Older Versions” and find the version that matches the license-code you purchased.

Please Note: Older versions do not have the latest changes needed to run on modern versions of Windows. Nor do they include updates and/or bug-fixes that were achieved in the latest version of the product.

2) You can upgrade to the latest version, which will renew the support and updates and you will be sent a new license-code. In addition, you could be eligible for a discount for being a previous customer. Please check the MEMBERS section of our website or Contact Us with the customer information for your previous order and we’ll locate the order and send you a discount coupon-code.

FAQ: Can I Upgrade and retain all my Users, Groups and Settings?

Yes!! You can certainly upgrade and retain all of the Users, Groups and Settings that you currently have defined in any version of BulletProof FTP Server.

In designing the latest version of BulletProof FTP Server, it has been a paramount concern that upgrades from a previous versions are supported 100% for our previous customers. This includes customers running versions: v2.21, v2.3, v2.3.1.26, v2.4, v2.5, v2010, v2011, any version!

The storage-format for the Users, Groups and Settings is a simple flat-text-file called an INI File. This file format has been around since the earliest days of Windows and we’ve found it to be extremely easy to maintain, edit and backup/restore. The only change over the years has been the location where this file is stored, see below for the location and file-name for these files:
FAQ: Where does BPFTP Server store the Users, Groups and Settings?

NOTE: The original files will not be harmed in anyway and you can even run the previous and current version of the software on the same computer without them conflicting.

Same Computer: Migrating the Users, Groups and Settings from a previous version is very simple and automatically provided when the latest version of BulletProof FTP Server is installed and started for the first time on a machine that currently runs a previous version.

Management -> Settings -> Upgrade -> Auto Upgrade

New Computer: If you are creating a new Windows machine to run the latest version of BulletProof FTP Server; and would like to migrate the Users, Groups and Settings from this previous machine, you would simply copy the *.INI files to location that the new Windows machine can access (USB drive, network share, emailed attachment, etc).

Management -> Settings -> Upgrade -> Manual Upgrade

Choose the Directory for the previous INI Files

FAQ: Where does BPFTP Server store the Users, Groups and Settings?

FAQ: Where does BPFTP Server store the Users, Groups and Settings?

The Users, Groups and Settings for BulletProof FTP Server are stored in simple flat-text-files called INI Files. These files have not changed over previous versions, however the location for these files has changed slightly to reflect Microsoft’s suggestions for security and reliability:

Version	Default Storage-Location	File Names
v2018 v2017 v2016 v2015 v2014	%LOCALAPPDATA%\BulletProof Software\BulletProof FTP Server\ As of v2014/v2016, the program will no longer store the files in a “version specific” location on the local computer. In the future, this will streamline the upgrade process for later versions.	bpftpserver.ini bpftpserver-ui.ini bpftpserver-users.ini bpftpserver-groups.ini
v2013	%LOCALAPPDATA%\BulletProof Software\BulletProof FTP Server\2013\	bpftpserver.ini bpftpserver-ui.ini bpftpserver-users.ini bpftpserver-groups.ini
v2011	%LOCALAPPDATA%\BulletProof Software\BulletProof FTP Server\2011\	bpftpserver.ini bpftpserver-ui.ini bpftpserver-users.ini bpftpserver-groups.ini
v2010	%LOCALAPPDATA%\BulletProof Software\BulletProof FTP Server\2010\	bpftpserver.ini bpftpserver-ui.ini bpftpserver-users.ini bpftpserver-groups.ini
v2.3.1.26	%ProgramFiles%\BulletProof FTP Server 2.3.1.26\	ftpsrv.ini users.ini groups.ini
v2.3	%ProgramFiles%\BulletProof FTP Server 2.3\	ftpsrv.ini users.ini groups.ini
v2.21	%ProgramFiles%\BPFTP Server\	ftpsrv.ini users.ini groups.ini

TIPS: How to serve your Network-Drives via FTP

BulletProof FTP Server has the ability to serve files on your Mapped Network Drive via FTP. But you will need to add some special parameters to make sure that the credentials for the mapped drive are saved and the connection is toggled as persistent.

This is best done via the command-line (CLI) using the NET.EXE USE command.

Take the following example:
c:> %SystemRoot%\system32\net.exe use h: \\myserver\myshare /user:myusername /persistent:yes

In this example we are mapping drive-letter “H:” to a computer named “myserver” with a share-name of “myshare”, where the credentials needed to login to the machine are specified as “myusername” (if you were part of a domain, it would be “mydomain\myuser). The “/persistent:yes” instructs Windows to reconnect the drive at login.

Full Docs on the NET.EXE USE command:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_use.mspx?mfr=true

Microsoft Windows, by default, disconnect network-drives after X minutes of inactivity. Remapping the drive is done quickly and usually without any interruption. However if you have any problems, it’s recommended that you increase the default 600 seconds (10 minutes) to a larger number:
Mapped Drive Connection to Network Share May Be Lost

SERVICE: User-Access Control (UAC) prevents running Windows System-Service

NOTE: This ONLY effects the OLDER version of BulletProof FTP Server 2011. This problem does not exist in the current version.

This week, we discovered the source of a problem with running BulletProof FTP Server 2011.1.0.71 (and prior) as a Windows System-Service and the default settings for User-Access-Control (UAC). User-Access-Control (UAC) was first-introduced in Windows Vista as a tool to help isolate programs from making unauthorized changes to the Windows Registry; and is now included by default in Windows 7, Server 2008 and R2.

User-Access-Control blocks and prevents some of the functionality in BulletProof FTP Server 2011.1.0.71 (and prior), specifically the code dealing with Windows System-Services. This includes the installation of the SERVICE and it’s internal communications to the SERVICE when running the GUI.

Bottom Line: In order to run BulletProof FTP Server 2011.1.0.71 (and prior) as a Windows System-Service, you will need to modify the User-Access-Control (UAC) and change it’s settings to “Never Notify”.

We understand this presents a security-risk in some environments and will be releasing an update in the coming days to address the problem.

Please see the detailed steps below for changing the settings in UAC, starting in the Windows Start -> Control Panel.

Click on “User Accounts and Family Safety”

Click the link to “Change the User Account Control Settings”

Slide the bar on the left, to the very bottom for “Never Notify”.

One could argue that UAC was a big reason for the universal opinion that Vista was a flop; but still other techies are fans, as it can help protect the computer (if you don’t always click Continue without thinking).

Crash on Program Start: Windows Update KB2533623

Faulting application bpftpserver-2011.exe, version 2011.1.0.71, time stamp 0x4e8f8103, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc000001d, fault offset 0x03094c99, process id 0x818, application start time 0x01cc9567a0e85aad

We’ve experienced some random crashes, at start-up in the program that have been found to be related to a patch from Microsoft Update with Microsoft Security Advisory: Insecure library loading could allow remote code execution (KB 2533623).

Technically, this patch prevents the loading of external DLL’s without a fully-qualified-path to the DLL. Unfortunately, we utilize a virtualized DLL that is loaded at program start that does not load a DLL-file on the system, so it can fail when KB2533623 is applied to this system.

Is KB2533623 installed on my installation of Windows?

Windows GUI: You can list all of the updates for your installation of Windows from the following location:

Alternatively, Internet Explorer can take you there with the following:
http://go.microsoft.com/fwlink/?LinkID=3326

Windows CLI: Alternatively you can execute the following at a command-line:
C:\Users\myusername> wmic qfe list | find "2533623" http://support.microsoft.com/?kbid=2533623 MYCOMPUTERNAME Update KB2533623 MYCOMPUTERNAME\myusername 7/15/2011

How do I uninstall KB2533623?

Windows GUI: You can uninstall individual updates from Microsoft by loading the following:

Windows CLI: If you are using Windows 2008 R2, you can then uninstall it from the command line using the WUSA.EXE command. (If you aren’t using Windows 2008 R2, you’ll need to use the above GUI method).
C:\Users\myusername> wusa /uninstall /kb:2533623

HOWTO: Overridding the Storage-Path for Settings, Users and Groups

The latest version of BulletProof FTP Server (by default) stores everything related to the program’s operation, including “Settings, Users and Groups” in the non-roaming, local user storage location %LOCALAPPDATA%. This allows for a constant, microsoft certified location for the storage of files and settings related to a program. This path is user-specific, in that, it is private to the OS-USER that you use to login to Windows. In some environments, you may want to change this location to something that complies with your own standards .. or perhaps you would like to run the SERVICE as a different user than the GUI.

Starting with BulletProof FTP Server v2010 (including later versions), the path for storing the “Settings, Users and Groups” was changed as a result of security improvements to Windows (starting with Vista). Previously, the BulletProof FTP Server stored everything in the “Installation-Directory” for the software. However, with the development of User-Access-Control (UAC) in Windows Vista/2008, the storage-path for these files were redirected to the Virtual Store. This redirection of file-writes to now protected paths, such as the %ProgramFiles%, proved to be very cumbersome of difficult for our customers to manage. For this reason, we embraced the new location Microsoft has specified and developed the ability to OVERRIDE it for customers that wanted to retain control of this location.

Table-Listing of Storage-Locations over the past several versions of BulletProof FTP Server:
Q: Can I backup the Settings, Users and Groups?

In the following example, you are stepped through the process of “Overriding the Storage-Path” in the program and the subsequent process that BulletProof FTP Server goes through to migrate the files containing the “Settings, Users and Groups”. Please note, this process can also be used to restore a backed up copy of your files.