Setting up a Windows Apache Web Server
The Server in the Cellar - Page 3
Remote Control :-
During October 2003, remote control of computers seemed to have been a subject that cropped up a lot in my life. At college, we were given demonstrations of Proxy by Funk Software and Citrix. I was talking to an accountant, it seems she had a client a couple of hours drive away and asked me if there was a way for me to have access to the client's files and do the accounts from home. I've used PCAnywhere by Symantec before but I wondered if there was a cheaper (or free) solution. I found the following products and installed them on the "Server in the Cellar".
When you use this software ensure you remember to set the passwords as these programs can give full control to anyone who needs it.
NetRunner - Very easy to set up. On the machine you want to remotely control just open the zip file and start one of the servers. On the other machine just start the client software. That?s it, no installation at all. I had trouble getting NR_server working but NR_server2 worked first time. Not so good as Proxy but it is free.
Remote Home ? This is FTP server software. I just couldn?t get this to work at all, even after adjusting the remote controlled computer file sharing. This may be that I?ve already got a HTTP server already running on this computer though. It has good reviews in many download sites.
Specrem - Very easy to set up. Because I use firewalls on my machines I found I had to use the callback function to make it work properly. The remote control screen on the client is very slow, but that may be my internet connection.
TightVNC - Very easy to set up. Worked first time.
TridiaVNC - Very easy to set up. Worked first time.
UltraVNC - This is good. Like the others it is very easy to set up and worked first time. One of the quickest and also contains file transfer software so you can swap files between the computers.
VNC - Very easy to set up. Worked first time. This is seems to be one of the quickest in operation. Also has Mac and Novell versions.
VNC Admin Console - An interface to control VNC servers and hosts.
I now use UltraVNC to control the "Server in the Cellar" from the computer upstairs. After all going up and down the flight of stairs to the cellar is so very tedious!
The "Server in the Cellar" desktop on top of another computer's desktop.
This is the server being controlled by another computer using UltraVNC
FTP Servers :-
I'd been thinking for a while that I should really install an FTP server on the "Server in the Cellar." Because I want to keep that server separate from the other computers at home I've been using old fashioned "sneakernet." That is, I've been putting the files I want to transfer onto disk and running up and down the stairs exchanging files from one computer to the other like that. While I was messing around the remote control software I decided to look at FTP servers as well. I tried the following programs
1308 FTP Server, AutoFTP Server, Cerberus FTP Server, Cesar FTP Server, Fictional Daemon, FileZilla FTP Server, Guild FTP Server, NetFile FTP Server, Nite Server, Personal FTP Server, Smallftpd, SolarWinds TFTP Server, TYPSoft FTP Server and War FTP Server
Fictional Daemon - More than FTP server this also allows you to execute programs from the remote computer. It also includes a scheduler.
NetFile FTP Server - This also has a web server
Smallftpd - I couldn?t get this to work
SolarWinds TFTP Server - TFTP is not the same FTP!
TYPSoft FTP Server - This is the one I?m using on the ?Server in the Cellar?
War FTP Server - In its day was the #1 Windows FTP server
As with the remote control software be sure to set the passwords for these programs. Most allow you to set the minimum directory level or virtual root directory that the FTPer is allowed into, it's a good idea to set this too.
Setting the users password and root directory in TYPSoft FTP Server
Once the FTP server is setup then to FTP files from it then open up a FTP client program, set the FTP address, the username and password and you can transfer files to and from the machine with the FTP server on it. You can even use an Internet browser, the address should begin with FTP:// rather than HTTP://
So that I am able to share files easily between friends I set up an anonymous FTP server account. Looking through the anonymous FTP account folder in February 2005, I noticed a directory and two files that shouldn't of been there. The directory name was 05013018142p and the two files in the main anonymous FTP folder were named 1mbtest.ptf and space.asp. All were created on 30th January 2005. Curious, I looked through the FTP server log and found these entries...
[1:15:01 PM] -  Connect to 220.127.116.11. Get Username.
[1:15:01 PM] -  User ANONYMOUS Connected
[1:15:01 PM] -  ANONYMOUS: Current Directory: D:\anonFTP\
[1:15:03 PM] -  ANONYMOUS: Current Directory: D:\anonFTP\
[1:15:04 PM] -  ANONYMOUS: Create Directory: D:\anonFTP\050130181429p
[1:15:05 PM] -  Client ANONYMOUS, 18.104.22.168 Disconnected (00:00:04 Min)
[1:36:28 PM] -  Connect to 22.214.171.124. Get Username.
[1:36:28 PM] -  User ANONYMOUS Connected
[1:36:28 PM] -  ANONYMOUS: Current Directory: D:\anonFTP\
[1:36:30 PM] -  ANONYMOUS: Current Directory: D:\anonFTP\
[1:36:33 PM] -  ANONYMOUS: Start Upload of D:\anonFTP\1mbtest.ptf
[1:38:25 PM] -  ANONYMOUS: File Uploaded: D:\anonFTP\1mbtest.ptf (9.14 K/S - 1 048 578 bytes)
[1:38:26 PM] -  ANONYMOUS: Start Download of D:\anonFTP\1mbtest.ptf
[1:40:17 PM] -  ANONYMOUS: File Downloaded OK: D:\anonFTP\1mbtest.ptf (9.31 K/S - 1 048 578 bytes)
[1:40:20 PM] -  ANONYMOUS: Start Upload of D:\anonFTP\space.asp
[1:40:22 PM] -  ANONYMOUS: File Uploaded: D:\anonFTP\space.asp (2.59 K/S - 2 648 bytes)
[1:40:24 PM] -  Client ANONYMOUS, 126.96.36.199 Disconnected (00:03:56 Min)
The file "1mbtest.ptf" is used to test the bandwidth of your server. Its also a trademark of people that use anonymous access FTP servers to store ripped movies and pirate software.
Another article, "Hacking the Hacker" at Tech Republic says that...
1mbtest.ptf is used by the hacker to measure the available bandwidth of the server and gauge the efficacy of using this machine to conduct other attacks. The Space.asp Active Server Page was used to enumerate drives and their free space on the server. These files illustrate the dangers of anonymous uploads.
Using the Search options in Windows Explorer I looked for all the files modified, created and accessed the day that 188.8.131.52 accessed the FTP server. Luckily for me, and unlike the server in the "Hacking the Hacker" article, no other files or folders appear to have been disturbed.
Dynamic DNS :-
It's now the end of April 2004, and the "Server in the Cellar" has been running for around 11 months. There was always a couple of problems with it that I knew was there, but didn't get around to fixing. When someone went to http://brisray.com GoDaddy's DNS servers would direct people to my server but the address bar would show something like http://184.108.40.206 or whatever the IP address was at the time. As the IP address is dynamic this would create problems for people trying to bookmark the pages. Also, when the IP address changed I would have to go to the domain management page at GoDaddy and manually change the IP address the DNS servers needed.
I now use a dynamic DNS server provided by EveryDNS. Using this service is easy. As the domain is registered with GoDaddy the first thing I did after registering with EveryDNS was to go to the GoDaddy domain management site and change the name servers from GoDaddy's to EveryDNS's. Next I downloaded and installed Matt Whitlock's dynamic DNS helper - this is available from EveryDNS. What this program does is contact the nameservers and informs them of the server's IP address. The program is very simplistic and I found the best way to use it is to write a batch file and run it daily using Windows Scheduler.
The site used to be available from http://www.brisray.com or http://brisray.com but when I changed to the EverDNS service I found that http://www.brisray.com was no longer available. I added a CNAME record to the main A Record and the site can now be accessed by both addresses again.
An A (address) record is a DNS database entry that points the domain to the IP address of the server it is run from.
A CNAME (Canonical Name) record is a DNS database entry that points an alias, usually a sub-domain, to the domain listed in the A Record. A sub-domain is simply a part of a larger domain and can be addressed as mysub.brisray.com. The sub-domain may actually be part of the directory structure of the website, using the previous example, website/mysub/.
Apparently, I could use a * wildcard in either of the A or CNAME records, this would even point typo's such as wwwww.brisray.com to the server. I'll have to check this though as I've read on some forums that wildcards can cause problems in these records. Sub-domains pointing to different directories or pages on the web server can be set up using Virtual host entries in the Apache web server httpd.conf configuration file. I'll leave this to another day though.
The A and CNAME records for my site
DNS Primer gives a nice explanation of some of these concepts.
There are lists of both static and dynamic DNS servers to be found at ...
Default Pages, Directory Listings & .htaccess :-
By default, Apache requires that the home page of a site be named index.html. This can be added to or changed by simply changing the line in the httpd.conf file DirectoryIndex index.html to something like DirectoryIndex index.html index.htm.
This means that the home page for the site hosted on the server can be index.html or index.htm. If a user just types the domain name ie brisray.com then, if it exists, Apache will automatically display the default home page. If it can't find one, then it will automatically give a directory listing of the files in the current folder. This behaviour is also true of subdirectories. Suppose a user simply types brisray.com/test, then as this folder doesn't contain index.html or index.htm then a directory listing is displayed. To change this behaviour and to stop the directory listing being displayed find the line Options Indexes FollowSymLinks MultiViews and simply put a minus sign in front of Indexes. The line should now read Options -Indexes FollowSymLinks MultiViews. Now instead of seeing a directory listing the viewer sees a "Forbidden" message.
Disabled directory listing
There are other ways of stopping the directory listing from being displayed. A HTML file with the name of the default home page will be displayed instead of the listing. Also, these lines can be added to a .htaccess file, either in the root or a specific folder.
DirectoryIndex index.html index.htm
Because of the odd name, some operating systems, such as Windows, won't allow a file name such as .htaccess. In this case find the line in the Apache httpd.conf file that says AccessFileName .htaccess and change it to something else, such as AccessFileName config.acl. In this case Apache now looks for the file config.acl instead of .htaccess.
If the name of .htaccess is changed remember that the line <Files ~ "^\.ht"> needs to be changed to <Files ~ "^\.ac">
Ad-Aware - free spyware cleaner
Analog - web site statistics analyzer
An Atlas of Cyberspace - article on visual treceroutes
Apache - free web server software
AVG - free anti-virus software
AWStats - web site statistics analyzer
brisray.com - my home hosted website
checkip - online IP address checker
DNS Stuff - DNS lookups and other tools
GoDaddy - domain name seller
How Stuff Works - article on web servers
Sam Spade - Internet tools
Webalizer - web site statistics analyzer
whatismyip - online IP address checker
Zone Alarm - free software firewall
This page created 28th December 2004, last modified 25th April 2008