Chapter 1 - Internet Information Server Architecture
Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
Microsoft Internet Information Server is a network file and application server included with the Microsoft Windows NT Server operating system.
This chapter explains design principles and the architecture behind Internet Information Server. Internet Information Server supports three information protocols: HTTP, FTP, and Gopher. This chapter explains how these protocols work with Internet Information Server and how to configure their operation.
Internet Information Server Design Priorities
The design goal for Internet Information Server was to build a set of integrated server services to support File Transfer Protocol (FTP), Gopher, and Hypertext Transport Protocol (HTTP) services.
Internet Information Server is designed for maximum performance, integration, and extensibility.
Performance. Internet Information Server maximizes speed while using the minimum amount of memory (RAM). Internet Information Server uses approximately 400K of RAM when running all three services (HTTP, FTP, Gopher).
Integration. Internet Information Server is integrated with Microsoft Windows NT Server. Internet Information Server uses the same directory database (user accounts) as Windows NT Server. Using the same directory database eliminates the need for additional user account administration. Internet Information Server administration also uses existing Windows NT Server tools such as Performance Monitor, Event Viewer, and Simple Network Management Protocol (SNMP) support to maintain similar administrative procedures.
Extensibility. Internet Information Server is extensible. Internet Information Server supports the Internet Server Application Programming Interface (ISAPI). By using ISAPI you can extend the functionality of the HTTP service: You create programs that can preprocess and postprocess data sent to and from Internet Information Server. ISAPI is also used in Internet Information Server to create connectors, such as the Internet Database Connector. Internet Information Server uses connectors to use the services of other servers, such as ODBC databases.
Architecture Overview
All of the standard Internet services (FTP, Gopher, and HTTP) reside in a process called Inetinfo. This process is about 400K in size. In addition to the Internet services, this process contains the shared thread pool, cache, logging, and SNMP services of Internet Information Server.
Internet Information Server Connectors
Extensions are built into Internet Information Server in the form of connectors. A connector is an ISAPI dynamic-link library (DLL) that acts as a communication pipe between Internet Information Server and a service. The following connectors are supported.
Microsoft BackOffice™ connectors
Microsoft Exchange Server/Web connector supports public folder integration with Internet Information Server.
Internet Database Connector (IDC) connector allows communication with any ODBC-compliant database engine.
Common Gateway Interface (CGI) was developed for UNIX-based systems to extend Web server software. Internet Information Server supports CGI applications for backward compatibility.
ISAPI filters preprocess packets before they enter or leave the Internet Information Server process. These filters give added flexibility to the Internet Information Server architecture. Secure Sockets Layer (SSL) is one example of an ISAPI filter.
Internet Service Manager
Internet Service Manager enables administrators to manage many Internet Information Server sites from a single location anywhere on the Internet. Internet Service Manager communicates by using remote procedure calls (RPCs). Internet Information Server can be used locally or remotely because of its support for RPCs.
Logging
Internet Information Server logging enables you to track which users access your site and when they access your site. Tracking users helps to identify security and performance issues. Logging can be directed either to a log file that can be processed offline and offers faster performance, or to an ODBC Data Source Name (DSN) for dynamic evaluation.
WWW Service
The World Wide Web (WWW) service uses the Hypertext Transport Protocol. HTTP is implemented through an interface to Windows Sockets. Internet Information Server version 2.0 (included with Windows NT Server version 4.0) supports HTTP version 1.0.
The Hypertext Transport Protocol is an application-level protocol for distributed, collaborative, hypermedia information systems, and it has been in use since 1990. HTTP technology has enabled what is most commonly referred to as the World Wide Web.
HTTP grew out of a need for a universal protocol to simplify the way users access Internet information. HTTP is generic, stateless, and object oriented. It can be used for many tasks, such as name servers and distributed object management systems, through extension of its request methods (commands). Because HTTP types and negotiates data representation, systems based on it can be built independently of the data being transferred.
The current specification reflects common usage of the protocol referred to as HTTP/1.0, and is the basis for the information in this section.
Discussion and improvement of the HTTP standard is ongoing. You can find extensive information about HTTP at the Internet address https://www.w3.org/Protocols/.
HTTP Communication Process
Hypertext Transport Protocol is a client/server protocol. This means that the client and server interact to perform a specified task. For example, when a user clicks a link on a Hypertext Markup Language (HTML) page, it apparently causes that page to be replaced with the new page. What actually happens is more complex.
The client browser uses HTTP commands to communicate with the HTTP server.
A connection is established from the client to the server by means of TCP port 80 (the default).
The request message is sent to the server. The requests are typically for a file consisting of images, audio clips, animation clips, video clips, or another hypertext document.
The server sends a response message with the requested data to the client.
For example, when the user clicks a link on an HTML page, the data in the response message comprises the code used to build the page on the client computer.
The server (in most cases) closes the connection.
Table 1.1 defines some of the terms used to refer to the roles played by participants in, and objects of, the HTTP communication process.
Table 1.1 Terms Used in HTTP Communication
Term | Meaning |
---|---|
connection | A virtual circuit (in the transport layer) established between two application programs for the purpose of communication. |
message | The basic unit of HTTP communication. It consists of a structured sequence of octets and is transmitted through the connection. |
request | An HTTP request message. |
response | An HTTP response message. |
resource | A network data object or service that can be identified by a URL. |
entity | The information transferred as the payload of a request or response. An entity consists of metainformation in the form of entity-header fields and content in the form of an entity-body. |
HTTP Requests
The Simple-Request message to the server is sent in the form of a request method, Uniform Resource Locator (URL), and protocol version. The following is an example of an HTTP request.
get http://www.w3.org/hypertext/WWW/TheProject.html HTTP/1.0
This request uses the elements described in Table 1.2.
Table 1.2 Elements of an HTTP Request
Element | Purpose |
---|---|
get | Specifies the request type. |
http: | Specifies the request protocol. |
//www.w3.org/hypertext/WWW/TheProject.html | States URL for the object requested. |
HTTP/1.0 | Indicates that version 1.0 of HTTP will be used. |
In a Full Request message, the additional information is followed by a Multipurpose Internet Mail Extensions (MIME) message containing request modifiers, client information, and sometimes body content.
HTTP Server Response Messages
When an HTTP server receives a request, it responds with a status message that includes the message's protocol version and a success or error code, followed by a MIME message containing server information, entity metainformation, and sometimes body content.
Table 1.3 lists examples of server status messages and their meanings. For more information, see Chapter 8, "Troubleshooting an Internet Information Server Installation."
Table 1.3 Explanations for Server Status Messages
Message | Type | Explanation |
---|---|---|
1xx | Informational | This series of responses is not currently used. They are reserved for future use. |
2xx | Success | The action was successfully received, understood, and accepted. |
3xx | Redirection | Further action must be taken in order to complete the request. |
4xx | Client Error | The request contains incorrect syntax or cannot be fulfilled. |
5xx | Server Error | The server failed to fulfill an apparently valid request. |
URLs
In all Internet protocols, including HTTP, a client must locate Internet resources by using a Uniform Resource Locator. The URL for an HTTP address can be broken into three parts.
How (scheme). Defines how the request is made. When the HTTP scheme is used, network resources are located by means of the Hypertext Transport Protocol.
Where. Defines the host.
What. Specifies the complete path to the object and the object's name that is being requested by the client.
For example, this is the syntax for a URL that uses the HTTP scheme:
http://host[:port]abs_path
where
host
A legal Internet host domain name or IP address (in dotted-decimal form), as defined by Section 2.1 of RFC 1123.
:port
Port 80 is used if no port is specified. However, by using this optional parameter, you can specify any port.
abs_path
The full path and filename.
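The request line, status classes, and URL syntax described above can be checked mechanically. The following is an added example, not code from the original chapter: it splits a request line into the elements of Table 1.2, applies the `http://host[:port]abs_path` syntax with the port 80 default, and classifies a status line by the classes in Table 1.3. The function names and the second test URL are constructed for illustration.

```python
# Added example (not from the original chapter): parse an HTTP/1.0 request
# line into the elements of Table 1.2 and classify a status line per Table 1.3.
from typing import NamedTuple, Tuple

# First digit of the status code -> response type (Table 1.3).
STATUS_CLASSES = {
    "1": "Informational",
    "2": "Success",
    "3": "Redirection",
    "4": "Client Error",
    "5": "Server Error",
}


class RequestLine(NamedTuple):
    method: str    # request type, for example "get"
    scheme: str    # request protocol ("http")
    host: str      # domain name or dotted-decimal IP address
    port: int      # 80 when the URL carries no :port
    abs_path: str  # full path and filename
    version: str   # for example "HTTP/1.0"


def _single_line(text: str) -> str:
    """Strip the trailing CRLF and reject line breaks inside the line."""
    line = text.rstrip("\r\n")
    if "\r" in line or "\n" in line:
        raise ValueError("embedded line break")
    return line


def parse_request_line(text: str) -> RequestLine:
    """Split 'method URL version' and apply http://host[:port]abs_path."""
    parts = _single_line(text).split(" ")
    if len(parts) != 3 or not all(parts):
        raise ValueError("expected: method URL version")
    method, url, version = parts
    if not version.startswith("HTTP/"):
        raise ValueError("missing protocol version")
    scheme, sep, rest = url.partition("://")
    if not sep or scheme.lower() != "http":
        raise ValueError("only http://host[:port]abs_path is handled")
    hostport, _, path = rest.partition("/")
    host, colon, port_text = hostport.partition(":")
    if not host:
        raise ValueError("missing host")
    port = 80  # default when no port is specified
    if colon:
        if not (port_text.isascii() and port_text.isdigit()):
            raise ValueError("port must be decimal digits")
        port = int(port_text)
        if not 1 <= port <= 65535:
            raise ValueError("port out of range")
    # A URL with no path is requested as "/".
    return RequestLine(method, scheme.lower(), host, port, "/" + path, version)


def classify_status_line(text: str) -> Tuple[int, str]:
    """Return (code, type) for a status line such as 'HTTP/1.0 200 OK'."""
    parts = _single_line(text).split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise ValueError("expected: version code [reason]")
    code = parts[1]
    if len(code) != 3 or not (code.isascii() and code.isdigit()):
        raise ValueError("status code must be three digits")
    if code[0] not in STATUS_CLASSES:
        raise ValueError("unknown status class")
    return int(code), STATUS_CLASSES[code[0]]


if __name__ == "__main__":
    print(parse_request_line(
        "get http://www.w3.org/hypertext/WWW/TheProject.html HTTP/1.0\r\n"))
    print(classify_status_line("HTTP/1.0 404 Not Found\r\n"))
```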
The type of scheme used depends upon the object being requested. The following schemes are currently supported by Internet Explorer.
File, Mailto, Telnet, FTP, News, WAIS, Gopher, NNTP, HTTP, Prospero
For more information about these and other schemes, see the Internet address https://www.w3.org/pub/WWW/Addressing/schemes.html.
HTTP Browser
On the client side, the browser issues a command when the user either clicks an object or types a URL in the location field.
Included with Microsoft Internet Information Server is a browser (Microsoft Internet Explorer) you can use to access Internet sites. After you connect to the Internet, you can use Internet Explorer to view information on the Internet. You can incorporate this information into your documents, or save it to a file on your computer.
To begin exploring the Internet, click an item in the Internet Explorer main window.
Monitoring HTTP Sessions
You can monitor HTTP sessions by using the netstat TCP/IP utility and the Performance Monitor.
The netstat utility shows static information at a given point in time. Netstat is best used to determine the status of connections. Table 1.4 provides examples of netstat syntax and the results of each.
Table 1.4 Netstat Command Examples
Example syntax | Result |
---|---|
netstat | Displays protocol (TCP or User Datagram Protocol) being used, local and foreign (remote) addresses by their friendly names, the port number used on the local computer, and the state of the connection. |
netstat -n | Displays protocol (TCP or UDP) being used, local and foreign socket addresses, and the state of the connection. |
netstat -s -p tcp | Displays active opens, passive opens, failed connection attempts, reset connections, current connections, segments received, segments sent, and segments retransmitted. |
For more information on the netstat utility, see the online Command Reference in Windows NT Help.
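Because netstat is a point-in-time snapshot, its output is easiest to use when summarized. The following added example (not part of the original chapter) parses `netstat -n` output and counts the sessions on a given local port by connection state and by remote host. The sample output is constructed, and the function names are hypothetical.

```python
# Added example (not from the original chapter): summarize `netstat -n`
# output for one local port. SAMPLE_NETSTAT is constructed sample data.
from collections import Counter
from typing import Dict, List, NamedTuple

SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    10.155.22.99:80        172.16.16.10:1028      ESTABLISHED
  TCP    10.155.22.99:80        172.16.16.10:1029      ESTABLISHED
  TCP    10.155.22.99:80        172.16.16.44:1041      TIME_WAIT
  TCP    10.155.22.99:21        172.16.16.10:1030      ESTABLISHED
  TCP    10.155.22.99:1035      172.16.16.20:139       ESTABLISHED
"""


class Conn(NamedTuple):
    local_ip: str
    local_port: int
    remote_ip: str
    remote_port: int
    state: str


def parse_netstat_n(output: str) -> List[Conn]:
    """Return one Conn per TCP row; headers and other rows are skipped."""
    conns = []
    for line in output.splitlines():
        fields = line.split()
        # A TCP row has exactly: Proto, Local Address, Foreign Address, State.
        if len(fields) != 4 or fields[0] != "TCP":
            continue
        local_ip, _, local_port = fields[1].rpartition(":")
        remote_ip, _, remote_port = fields[2].rpartition(":")
        if not (local_port.isdigit() and remote_port.isdigit()):
            continue
        conns.append(Conn(local_ip, int(local_port),
                          remote_ip, int(remote_port), fields[3]))
    return conns


def summarize_port(conns: List[Conn], port: int = 80) -> Dict[str, Dict[str, int]]:
    """Count sessions on a local port by state and by remote host."""
    by_state: Counter = Counter()
    by_client: Counter = Counter()
    for conn in conns:
        # Listening sockets are not client sessions.
        if conn.local_port != port or conn.state == "LISTENING":
            continue
        by_state[conn.state] += 1
        by_client[conn.remote_ip] += 1
    return {"by_state": dict(by_state), "by_client": dict(by_client)}


if __name__ == "__main__":
    print(summarize_port(parse_netstat_n(SAMPLE_NETSTAT), 80))
```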
Performance Monitor shows events happening in real time. Performance Monitor is best used to check the status of users. Table 1.5 shows real-time statistics that Performance Monitor displays for HTTP as well as FTP and Gopher.
Table 1.5 Statistics Displayed by Performance Monitor
Counter |
HTTP service |
Objects for FTP service |
Gopher service |
---|---|---|---|
Aborted Connections |
NA |
NA |
|
Bytes Received/sec |
|||
Bytes Sent/sec |
|||
Bytes Total/sec |
|||
CGI Requests |
NA |
NA |
|
Connection Attempts |
|||
Connection/sec |
NA |
NA |
|
Connections in Error |
NA |
NA |
|
Current Anonymous Users |
|||
Current CGI Requests |
NA |
NA |
|
Current Connections |
|||
Current ISAPI Extension Requests |
NA |
NA |
|
Current NonAnonymous Users |
|||
Directory Listings Sent |
NA |
NA |
|
Files Received |
NA |
||
Files Sent |
|||
Files Total |
NA |
||
Get Requests |
NA |
NA |
|
Gopher Plus Requests |
NA |
NA |
|
Head Requests |
NA |
NA |
|
ISAPI Extension Requests |
NA |
NA |
|
Logon Attempts |
|||
Maximum Anonymous Users |
|||
Maximum CGI Requests |
NA |
NA |
|
Maximum Connections |
|||
Maximum ISAPI Extension Requests |
NA |
NA |
|
Maximum NonAnonymous Users |
|||
Not Found Errors |
NA |
NA |
|
Other Request Methods |
NA |
NA |
|
Post Requests |
NA |
NA |
|
Searches Sent |
NA |
NA |
|
Total Anonymous Users |
|||
Total NonAnonymous Users |
Modifying HTTP Ports
For most installations of Internet Information Server, you keep the HTTP server port number set at the default 80 to allow HTTP clients access to your site. However, it is simple to modify the well-known (standard) port numbers for HTTP.
Warning: Using Registry Editor incorrectly can cause serious, systemwide problems that may require you to reinstall Windows NT to correct them. Microsoft cannot guarantee that any problems resulting from the use of Registry Editor can be solved. Use this tool at your own risk.
When possible, change configuration through Control Panel settings. However, as in the procedure that follows, there are settings that can be changed only by using Registry Editor.
To change the port used by the HTTP service
Start the Registry Editor, Regedt32.exe.
Click the HKEY_LOCAL_MACHINE window and locate the following key:
\System
\CurrentControlSet
\Control
\ServiceProvider
\ServiceTypes
\W3SVC
Click W3SVC, then double-click the TcpPort entry on the right side of the screen.
The DWORD Editor dialog box appears.
Click Decimal, then enter the port number in the Data box.
Click OK and close Registry Editor.
Stop and restart the WWW service.
Your HTTP server now monitors the specified port for all HTTP client requests.
Note: This situation affects the default port on the HTTP server only.
Troubleshooting HTTP with Network Monitor
By using the Microsoft network monitor utility, you can reveal the contents of a specific frame. By examining the HTTP messages, you can determine whether the correct messages were sent.
Network monitor captures the full frame before it reaches the network components and the browser client. Thus, you can isolate the symptoms of events that occur before the frames reach the host computer.
For more information about network monitor, see the Windows NT Server Concepts and Planning Guide.
FTP Service
FTP is the protocol used to transfer files between two computers on a network that uses Transmission Control Protocol/Internet Protocol (TCP/IP). FTP was one of the earliest protocols used on TCP/IP–based networks and the Internet. Although the World Wide Web has replaced most functions of FTP, FTP is still the only way to copy files from a client computer to a server over the Internet.
To use FTP to transfer files between two computers, both computers must support their respective FTP roles. In other words, one needs to be an FTP client and the other an FTP server. The FTP client can issue commands to the server, such as commands to download files, upload files, create directories on the server, and change directories on the server.
FTP uses TCP as its transport protocol for all communication and data exchanges between the client and the server. However, Internet Information Server communicates with Windows Sockets, then Windows Sockets communicates with TCP.
TCP is a connection-oriented protocol. "Connection-oriented" means that the communications session is established between the client and the server before data is transmitted. The connection remains active during the entire FTP session. Connection-oriented sessions are known for their reliability and error-recovery features. This means that FTP file transfers are very reliable.
TCP has the features described in Table 1.6.
Table 1.6 TCP Connection Features
Feature | Description |
---|---|
Flow control | Both client and server computers participate in the transmission of the packets, which virtually eliminates potential problems with packet overflows and lost packets. |
Acknowledgment | The computer sending data packets expects an acknowledgment message (ACK) from the destination computer. This acknowledgment verifies that the packet was successfully received at the destination. |
Retransmission | If the sending computer does not receive an ACK in a specified period of time, it assumes the packet became lost or corrupted and retransmits the packet. |
Sequencing | All packets are numbered and sent in order so that the receiving computer reorganizes the data correctly. |
Checksum | All packets contain a checksum to ensure integrity of the data. If the data is corrupted somewhere during the transmission, the checksum is used to indicate that the data is not the same data that was sent. |
Note: Do not confuse FTP with Trivial File Transfer Protocol (TFTP). TFTP is a fast, simple file transfer protocol that uses the User Datagram Protocol (UDP) transport. UDP, unlike TCP, is a connectionless protocol and cannot retransmit packets. This means that UDP is not as reliable as TCP.
TCP Ports and Sockets
Three identification numbers are commonly used when referring to TCP sockets.
The IP address identifies the computer on the network.
The TCP port number identifies a process or application inside the computer.
The socket identifies both the computer and the process simultaneously. A socket is used as an endpoint.
Note: TCP ports are known by a variety of names. These names include TCP port number, TCP port address, TCP port, port number, port address, port, and data port.
Any application or process that uses TCP for its transport is assigned a unique identification number called a TCP port. TCP ports specify the path of communication between client and server applications. These ports are numbered beginning with zero. Port numbers for client applications are dynamically assigned by the operating system when there is a request for service. Port numbers for server applications are preassigned by the Internet Assigned Numbers Authority (IANA) and do not change.
IANA is the group that assigns processes to port numbers 0 through 1023. This range of numbers is reserved for services. A client application or process that uses TCP as a transport is assigned a port number greater than 1023 by the operating system.
A server application or process that uses TCP as a transport has at least one preassigned port number. For example, the preassigned port numbers for FTP server services are 20 (data) and 21 (control). These port assignments are called the "Well Known Port Numbers" and are documented in RFC 1700 (see https://ds.internic.net/std/std2.txt). Table 1.7 is a short list of some Well Known Port Numbers. (For more port numbers, see Appendix B, "Port Reference for Microsoft TCP/IP," in the Windows NT Server Networking Guide.)
Table 1.7 Some Well Known Port Numbers
Port number | Process name | Description |
---|---|---|
1 | TCPMUX | TCP Port Service Multiplexer |
5 | RJE | Remote Job Entry |
20 | FTP-DATA | File Transfer Protocol - Data |
21 | FTP | File Transfer Protocol - Control |
23 | TELNET | Telnet |
25 | SMTP | Simple Mail Transfer Protocol |
42 | NAMESERV | Host Name Server |
49 | LOGIN | Login Host Protocol |
53 | DOMAIN | Domain Name System |
69 | TFTP | Trivial File Transfer Protocol |
70 | GOPHER | Gopher |
80 | HTTP | HTTP |
103 | X400 | X.400 |
110 | POP3 | Post Office Protocol version 3 |
137 | NETBIOS-NS | NetBIOS Name Service |
139 | NETBIOS-DG | NetBIOS Datagram Service |
150 | NETBIOS-SS | NetBIOS Session Service |
156 | SQLSRV | SQL Server |
179 | BGP | Border Gateway Protocol |
Port numbers are used in conjunction with an IP address to form a socket. Sockets always have a number (or address) associated with them and designate an endpoint. Examples of socket numbers are shown in Table 1.8.
Table 1.8 Socket Examples
IP address | Port number | Socket number |
---|---|---|
10.155.22.99 | 1028 | #10.155.22.99(1028) |
172.16.16.10 | 21 | #172.16.16.10(21) |
FTP and Ports
When FTP is running on a server, it constantly monitors port 21, the FTP control port, for a request for service from the FTP server. To connect to the FTP server, the FTP client computer sends a request to TCP port number 21 on the server computer.
For example, assume that computer A is the FTP client, computer B is the FTP server, and that they have the following IP addresses.
Computer A (FTP client) | Computer B (FTP server) |
---|---|
IP address: 172.16.16.10 | IP address: 10.155.22.99 |
The communication between the FTP client and FTP server follows this process.
At the command prompt on computer A, the user types the following information:
FTP 10.155.22.99
The operating system assigns a TCP port number greater than 1023 (for example, 1028) to the FTP client application.
TCP creates a packet that includes the following information:
Source IP Address: 172.16.16.10
Source TCP Port Number: 1028
Destination IP Address: 10.155.22.99
Destination TCP Port Number: 21
The packet is sent across the network to IP address 10.155.22.99.
Computer B receives the packet and TCP forwards the packet to port 21 (FTP control).
The FTP service on computer B sends an acknowledgment (ACK) back to computer A by using both the IP address (172.16.16.10) and the port number (1028).
The packet cannot be accidentally delivered to a wrong port address on the server because the packet contains the correct port number before it leaves the client computer.
FTP Control and Data Connections
FTP uses two TCP connections to communicate between the client and the server. These connections are called the control connection and the data transfer connection. Connections can be ready in one of two states: passive open (waiting for a transmission) or active open (initiating the transmission).
The control connection starts the communication between the FTP client and the FTP server. The control connection is maintained for the duration of the FTP session. The control connection uses port 21 on the server and an open port that is greater than 1023 on the client.
The control connection is managed by a set of programs called the server Protocol Interpreter (server-PI) and the user Protocol Interpreter (user-PI).
The server-PI maintains a passive open state at port 21 waiting for the arrival of an FTP connection request from a client. When a request arrives, the server-PI establishes a control communication connection, receives standard FTP commands from the user-PI, sends replies, and governs the server Data Transfer Process (server-DTP).
The user-PI initiates the control connection (active open) from its TCP port to the server-PI, initiates FTP commands, and governs the user Data Transfer Process (user-DTP).
The data transfer connection exists only when there is data to be transferred between the client and the server. The data transfer connection closes each time a data transfer is completed. The control connection remains open.
Because of this, a new client data port must be opened each time a new data transfer begins. The server data port is always 20.
The data transfer connection is managed by a set of programs called the server Data Transfer Process (server-DTP) and the user Data Transfer Process (user-DTP). The server-DTP establishes the data connection (active open) with the user-DTP, sets up the parameters for transfer and storage, and transfers data on command from the server-PI. The user-DTP waits at its FTP port (passive open) for a connection from the server-DTP.
Using FTP
This section describes a typical FTP session.
To start an FTP session and connect to an FTP server
Start a command prompt and type the following information:
ftp IPaddress
where IPaddress is a valid IP address. Then press ENTER.
Note: To test TCP/IP on your computer, you can always use the IP address 127.0.0.1. This address is known as the loopback address for your computer. The loopback address uses loopback drivers to reroute outgoing packets back to the source computer. By going through the loopback drivers, the packets can bypass the network adapter card completely and be returned directly to the computer that is performing the test.
When you are prompted to log on with a user name, log on as Anonymous.
When prompted for a password, press ENTER. An ftp> prompt appears.
At the ftp> prompt, you can enter FTP commands. Some of the common FTP commands are described in Table 1.9. (For a complete list of FTP client commands, see Appendix A, "TCP/IP Utilities Reference," of the Windows NT Server Resource Kit Networking Guide.)
Table 1.9 Common FTP Commands
Command | Purpose |
---|---|
bye | Ends the FTP session with the remote computer and exits FTP. |
delete | Deletes files on the remote computer; requires appropriate permissions. |
dir | Lists the remote directory's files and subdirectories. |
get | Copies a remote file to your computer. |
help | Displays descriptions for FTP commands. |
open | Connects to the specified FTP server. |
put | Copies a file from your computer to the remote computer; requires appropriate permissions. |
mkdir | Creates a directory on the remote computer; requires appropriate permissions. |
! | Returns you to the Microsoft MS-DOS® shell. FTP is still active; type exit to return to the ftp> prompt. |
! command | Executes an MS-DOS command on the local computer from the FTP session. |
For example, to copy a file from the server computer, type the following command at the ftp> prompt.
get filename
This command copies the specified file from the server to the client.
After you enter a command, you receive a series of return codes from the FTP server on a number of lines. The return codes let you know the status of each command. Table 1.10 shows some of the common return codes listed in RFC 640. Information in italics is supplied by the server. (A complete list of return codes in RFC 640 can be found at https://andrew2.andrew.cmu.edu/rfc/rfc640.html.)
Table 1.10 FTP Server Return Codes
Code | Meaning |
---|---|
119 | Terminal not available, will try mailbox. |
120 | Service ready in nnn minutes. |
125 | Data connection already open; transfer starting. |
225 | Data connection open; no transfer in progress. |
150 | File status okay; about to open data connection. |
151 | User not local; will forward to user@host. |
152 | User unknown; mail will be forwarded by the operator. |
250 | Requested file action okay, completed. |
200 | Command okay. |
211 | System status, or system help reply. |
212 | Directory status. |
213 | File status. |
214 | Help message. |
220 | Service ready for new user. |
221 | Service closing Telnet connection. |
226 | Closing data connection; requested file action successful (for example, file transfer or file abort). |
227 | Entering passive mode. |
230 | User logged in; proceed. |
331 | User name okay; need password. |
332 | Need account for login. |
350 | Requested file action pending further information. |
450 | Requested file action not taken: file unavailable (for example, file busy). |
421 | Service not available, closing Telnet connection. This can be a reply to any command if the service must shut down. |
425 | Cannot open data connection. |
426 | Connection closed; transfer aborted. |
530 | Not logged in. |
532 | Need account for storing files. |
550 | Requested action not taken. |
Modifying FTP Ports
It is easy to modify the Well Known Port Number for FTP. However, to allow FTP clients access to your site, keep the FTP server port number set at 21 for most installations of Internet Information Server.
If you want to limit access to your FTP server, you can change the control connection (port 21) to a TCP port number greater than 1023 to "hide" your site.
You can change FTP server TCP port numbers by modifying the Systemroot\System32\Drivers\Etc\Services file or by changing their values in the Registry. The setting in the Services file takes precedence over the Registry setting in all cases. That is, by changing the Services file, you affect both the FTP client and the FTP server. By changing the Registry, you affect only the FTP server.
To change the TCP port in the Services file
At a command prompt, change directories to Systemroot\System32\Drivers\Etc.
Use a text editor to search the Services file for the following two entries:
ftp-data 20/tcp
ftp 21/tcp
Modify port 21 to a number greater than 1023. See the following example.
ftp-data 20/tcp # The # sign designates a comment.
ftp 1234/tcp # FTP port changed to 1234, was 21.
Save and close the file. To implement the change, stop, then restart the FTP service.
Note: This affects the default TCP ports on both the FTP client and the FTP server.
Your FTP server now waits at port 1234 for all FTP client requests and your FTP client connects only to an FTP server at port 1234.
To verify the new FTP port settings
At a command prompt, type the command ftp.
The ftp> prompt appears.
Type the command open 127.0.0.1 21 and then press ENTER.
The IP address 127.0.0.1 is the loopback address for your computer. You are specifying 21 as the destination port address. The following message appears:
-> ftp: connect:Connection refused
Type the command open 127.0.0.1 and then press ENTER.
The port now reverts to the default number specified in the Services file: 1234. You are prompted with the following logon message:
User <127.0.0.1:<none>>:
This verifies that both the FTP client and FTP server are using port 1234.
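Because an edit to the Services file changes the port for both the FTP client and the FTP server, it is worth being able to audit the file for entries that have been moved off their standard ports. The following added example (not part of the original chapter) parses Services-file entries and reports TCP services whose port differs from the value in Table 1.7. The sample file is constructed around the two modified entries shown in the procedure above; the service-name keys for Telnet, SMTP, Gopher, and HTTP are assumed to be the lowercase forms of the Table 1.7 process names.

```python
# Added example (not from the original chapter): report Services-file
# entries that move a well-known TCP service off its Table 1.7 port.
import re
from typing import List, NamedTuple

# Subset of Table 1.7. Keys are assumed Services-file names (lowercase).
WELL_KNOWN_TCP = {
    "ftp-data": 20,
    "ftp": 21,
    "telnet": 23,
    "smtp": 25,
    "gopher": 70,
    "http": 80,
}

# Constructed sample; lines 2 and 3 are the modified entries from the page.
SAMPLE_SERVICES = "\n".join([
    "# Constructed sample Services file",
    "ftp-data  20/tcp   # The # sign designates a comment.",
    "ftp       1234/tcp # FTP port changed to 1234, was 21.",
    "telnet    23/tcp",
    "tftp      69/udp",
    "http      80/tcp   www",
])


class Finding(NamedTuple):
    line_no: int       # 1-based line number in the file
    service: str       # service name or alias that matched
    expected: int      # well-known port from Table 1.7
    actual: int        # port configured in the file
    above_1023: bool   # True when moved out of the reserved 0-1023 range


# name, port/protocol, then optional aliases (comment already removed).
_ENTRY = re.compile(r"^(\S+)\s+(\d+)/(\S+)((?:\s+\S+)*)$")


def audit_services(text: str) -> List[Finding]:
    """Return one Finding per TCP entry whose port is not the standard one."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # "#" starts a comment
        if not entry:
            continue
        match = _ENTRY.match(entry)
        if match is None:
            continue  # not a "name port/protocol" entry
        name, port_text, proto, aliases = match.groups()
        if proto.lower() != "tcp":
            continue
        port = int(port_text)
        for label in [name] + aliases.split():
            expected = WELL_KNOWN_TCP.get(label.lower())
            if expected is not None and port != expected:
                findings.append(
                    Finding(line_no, label.lower(), expected, port, port > 1023))
    return findings


if __name__ == "__main__":
    for finding in audit_services(SAMPLE_SERVICES):
        print(finding)
```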
To change the Registry entry for FTP
Start the Registry Editor, Regedt32.exe.
Click the HKEY_LOCAL_MACHINE window and locate the following key:
\System
\CurrentControlSet
\Control
\ServiceProvider
\ServiceTypes
\MSFTPSVC
Click MSFTPSVC and then double-click the TcpPort value.
The DWORD Editor dialog box appears.
Click Decimal and enter 5678 in the Data box.
Click OK and close the Registry Editor.
At the command prompt, type the following information:
cd %systemroot%\system32\drivers\etc
ren services services.ok
This prevents the FTP server from using the port address in the Services file after it has been restarted.
To implement the change, stop and restart the FTP service.
Note: This situation affects the default port only on the FTP server.
If you have completed the preceding steps, your FTP server now monitors port 5678 for all FTP client requests and your FTP client connects to an FTP server at port 1234 only.
To verify the new FTP port settings
At a command prompt, type ftp, then press ENTER.
The ftp> prompt appears.
Type the following commands:
open 127.0.0.1
open 127.0.0.1 21
open 127.0.0.1 1234
The following message appears:
-> ftp: connect: Connection refused
Type the command open 127.0.0.1 5678 and then press ENTER.
The port defaults to the number specified in the Registry: 5678. You are prompted with the following logon message:
User <127.0.0.1:<none>>:
This procedure verifies that both the FTP client and FTP server are using port 5678.
Customizing FTP Server
When a client connects to an FTP server, the user often lacks site information. Without site information, the user does not know if this is the correct FTP server, or what the files at the site contain. By adding a welcome message, exit message, and directory contents message, you can supply such information to visitors to your FTP site.
You can use two methods to add information about your FTP site. Both methods can enhance its usability.
You can use the Internet Service Manager to add default Welcome or Exit messages to the FTP server. Double-click the FTP service, then click Messages to add or change FTP service messages.
You can also add an FTP directory description file. For examples of this process, see Chapter 5, "Enterprise Scenarios."
To enable the FTP directory description file
Click the Start button, then point to Run. In the Open box, type regedt32.exe and then click OK.
The Registry Editor appears.
Click the HKEY_LOCAL_MACHINE window and locate the following key:
\System
\CurrentControlSet
\Services
\MSFTPSVC
\Parameters
On the Edit menu, click Add Value.
The Add Value dialog box appears.
In the Value Name text box, type Annotate Directories.
In the Data Type box, select REG_DWORD and then click OK.
The DWORD Editor dialog box appears.
In the Data text box type 1 and click OK.
The Registry Editor adds the new value to the Parameters key.
Close the Registry Editor.
To implement these changes, stop and restart the FTP service.
To add an FTP directory description file
Using a text editor, create the file ~ftpsvc~.ckm.
In the file, type the following lines:
Directory for the Terra Flora FTP Server
------------------------------------------------------
Save the file in the root directory of the FTP server and close the editor.
At the command prompt in the root directory of the FTP server, type the following information and then press Enter.
attrib +h ~ftpsvc~.ckm
This step hides the file.
To verify the customized FTP server
At the command prompt, type the following information.
ftp 127.0.0.1
This step uses the IP loopback address to start an FTP session on your local computer.
The FTP client prompts you to log on.
Log on as Anonymous.
The introductory message and the annotated directory listing appear.
At the ftp> command prompt, type the following information.
BYE
The exit message appears.
Monitoring FTP Sessions
You can monitor FTP sessions, just as you monitor HTTP sessions, by using the netstat TCP/IP utility and Performance Monitor.
The netstat utility shows static information at a given point in time. Netstat is best used to determine the status of connections. You can run netstat from a command prompt or inside an FTP session by using the ! command. For examples of netstat command syntax, see Table 1.4, earlier in this chapter.
Performance Monitor shows events happening in real time. Performance Monitor is best used to check the status of users, file transfers, and byte transfers. For a listing of real-time statistics displayed by Performance Monitor for the FTP service, see Table 1.5, earlier in this chapter.
Gopher Service
Gopher is client/server–oriented software that uses a simple protocol to search for and retrieve files from Gopher servers on the Internet. The Gopher service was developed by the University of Minnesota in 1991 to overcome some limitations of the FTP service. Gopher has an easier-to-use interface and also allows administrators to create links to other computers or services, to annotate files and directories, and to create custom menus.
Gopher is not just an Internet tool. Many organizations use Gopher on their local area network to help people within the organization find the information they need quickly and efficiently.
The user of the Gopher client can download files, switch directories, or link to other Gopher servers by using a series of menus. The Gopher server generates menus, links, and annotations by using a series of tag files.
Gopher presents information in a hierarchical structure. Depending on which client software is used and what selections are available on the Gopher server, the user can choose how to view information—for example, as a text file, as a Microsoft Word for Windows document, or in a particular language.
A Gopher client presents the individual user with directory lists. If the user chooses a subdirectory from the displayed list, the listing for that subdirectory is displayed. If the user chooses a file, it is downloaded. Each directory and file can be on a different Gopher server.
You can also configure a Gopher server to search local Wide Area Information Server (WAIS) databases.
Gopher uses TCP as its transport protocol for all communication and data exchanges between the client and the server. Internet Information Server communicates with Windows Sockets, then Windows Sockets communicates with TCP.
TCP is a connection-oriented protocol (that is, the communications session is established between the client and the server before data is transmitted). However, unlike FTP, Gopher does not maintain the connection between requests; this is also known as a stateless connection.
For a description of TCP connection features, see Table 1.6, earlier in this chapter.
Gopher Ports and Connections
The Gopher protocol consists of a client and a server communicating through a TCP connection. The server waits at port 70 for a client request. The client, after initiating the connection, sends a selector to the server. A selector is a line of text that can consist of a series of characters or a null string. The server responds with a block of text terminated with a period on a line by itself. After receiving an acknowledgment from the client, the server closes the connection.
Similar to FTP, the Gopher client always communicates on a port whose number is greater than 1023. This port number changes each time a new transaction begins between the client and the server.
Designing a Gopher Site
Because most computer users are familiar with a hierarchical file system, you should design a Gopher site to resemble a directory tree structure. That is, the root directory contains names of subdirectories, links to other sites, and an explanation (Readme) file. The actual content is stored in subdirectories on the server.
When using Microsoft Internet Information Server, the default root directory is Systemroot\System32\Inetsrv\Gophroot.
Gopher Types
Gopher servers contain Gopher objects and each object has an associated Gopher type. The Gopher type signals the client what to do when that object is selected from the menu. Table 1.11 explains the Gopher types.
Table 1.11 Gopher Types and Client Behavior
Type | Description | Client action
---|---|---
0 | Text file, typically an ASCII document | Usually displayed on the screen.
1 | Directory listing | Expect another Gopher menu.
2 | CSO phone book server | Expect to be queried for a person's name.
3 | Error |
4 | Macintosh® BinHex file | Expect the file to be transferred.
5 | MS-DOS .zip or other archive file | Expect the file to be transferred.
6 | UNIX UUENCODE file | Expect the file to be transferred.
7 | Search item | Expect to be queried for a relevant search string.
8 | Telnet session | Expect the Telnet program installed on your computer to start.
9 | Binary file | Expect the file to be transferred.
T | 3270 session | Expect the tn3270 program installed on your computer to start.
S | Sound file | Expect the file to be transferred and then played by a sound application on your computer.
g | Graphics file | Expect the file to be transferred and then displayed by a graphics application on your computer.
M | MIME file | Expect the file to be transferred and then displayed by an application on your computer.
h | HTML file | Expect the file to be transferred and then displayed by an application on your computer.
I | Image file | Expect the file to be transferred and then displayed by an application on your computer.
i | In-line text type | Used to suppress item numbers in text-only clients.
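The exchange described under Gopher Ports and Connections, as an added example that is not part of the original chapter: a Python parser for the block of text a Gopher server returns, which stops at the lone period, maps each item's type character to the client action in Table 1.11, and rejects malformed items instead of acting on them. The tab-separated item layout (type and display name, selector, host, port) comes from the Gopher protocol specification (RFC 1436), not from this chapter; the function names, hosts, and sample response are constructed.

```python
# Added example: parse a Gopher menu response and pick the client action.
from collections import namedtuple

# Client action per Gopher type, reduced from Table 1.11.
ACTIONS = {"0": "display", "1": "menu", "2": "query", "3": "error",
           "7": "query", "8": "telnet", "T": "tn3270", "i": "inline-text"}
ACTIONS.update(dict.fromkeys("4569", "transfer"))
ACTIONS.update(dict.fromkeys("SgMhI", "transfer-open"))
Item = namedtuple("Item", "gtype name selector host port action")

def parse_menu(raw: bytes):
    """Return (items, rejected) for one complete server response."""
    items, rejected, terminated = [], [], False
    for line in raw.decode("latin-1").split("\r\n"):
        if line == ".":  # a period on a line by itself ends the block
            terminated = True
            break
        if not line:
            continue
        fields = line.split("\t")
        reason = None
        if len(fields) < 4:
            reason = "expected 4 tab-separated fields"
        elif line[0] not in ACTIONS:
            reason = "unknown Gopher type"
        elif any(ord(c) < 0x20 or ord(c) == 0x7F for c in fields[0]):
            reason = "control character in display name"
        elif not (fields[3].isascii() and fields[3].isdecimal()
                  and 0 < int(fields[3]) <= 65535):
            reason = "invalid port"
        if reason:
            rejected.append((line, reason))
            continue
        items.append(Item(line[0], fields[0][1:], fields[1], fields[2],
                          int(fields[3]), ACTIONS[line[0]]))
    if not terminated:
        raise ValueError("response not terminated by a lone period")
    return items, rejected

# Constructed sample response (hosts and selectors are made up).
SAMPLE = (
    b"0The Mission of this Gopher Site\t\\README1.TXT\tgopher.example.test\t70\r\n"
    b"1Contents of this Gopher Site\t\\SUBDIR\tgopher.example.test\t70\r\n"
    b"1Link to another server\t\tgopher2.example.test\t2345\r\n"
    b"8Remote login\t\thost.example.test\t99999\r\n"
    b"0Bad \x1b[2Jname\t\\X\tgopher.example.test\t70\r\n"
    b"ZUnknown type\t\\Y\tgopher.example.test\t70\r\n"
    b".\r\n1After terminator\t\\Z\tgopher.example.test\t70\r\n"
)
```

Anything after the terminating period is ignored, and a response that never sends the period raises an error rather than being treated as a complete menu.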
Gopher Tag Files
You use Gopher tag files to set up links to other Gopher servers and resources, and to give descriptive names to files and directories on Gopher servers. Gopher tag files are configured by using the gdsset utility. This utility creates hidden tag files (*.gtg) in the \Inetsrv\Gophroot directory. The examples in the following three sections demonstrate how to use tag files to customize the Gopher site.
Changing Filename Display
In this example, you have two Readme files and a subdirectory in the \Inetsrv\Gophroot directory on your server. When a Gopher client accesses your computer, the following menu displays.
1 README1.TXT
2 README2.TXT
3 SUBDIR
Readme1.txt describes the mission of this Gopher site. Readme2.txt describes how to contact the site administrator. And Subdir is a subdirectory that contains the content of this Gopher site.
To change these filenames to a descriptive name format, type the following gdsset commands at a command prompt.
gdsset -c -g0 -f "The Mission of this Gopher Site" README1.TXT
gdsset -c -g0 -f "Contact the Site Administrator" README2.TXT
gdsset -c -g1 -f "Contents of this Gopher Site" SUBDIR
These commands create three hidden tag files in the \Inetsrv\Gophroot directory: Readme1.txt.gtg, Readme2.txt.gtg, and Subdir.gtg. The tag files set up an association between the descriptive name and the filename. The next time a Gopher client accesses your computer, the following menu displays.
1 The Mission of this Gopher Site
2 Contact the Site Administrator
3 Contents of this Gopher Site
When a user clicks The Mission of this Gopher Site, the Gopher client displays the contents of Readme1.txt. Clicking Contact the Site Administrator displays the contents of Readme2.txt, and clicking Contents of this Gopher Site displays the contents of the directory Subdir. The original filenames and directory names are hidden from the Gopher client.
Creating Links to Directories
In this example, you have five subdirectories under the root Gopher directory (\Inetsrv\Gophroot) on your server.
\Inetsrv\Gophroot\Subdir1\Subdir2\Subdir3\Subdir4\Subdir5
When a Gopher client accesses your machine, the user sees the following menu display.
SUBDIR1
If a user wants to access files in Subdir5, the user must access four additional subdirectories to access Subdir5.
To establish a link to Subdir5 from the root directory and provide a descriptive name format for Subdir5, use the following gdsset commands at a command prompt.
gdsset -c -l -g1 -f "Microsoft Windows Printer Drivers Location" -s \Subdir1\Subdir2\Subdir3\Subdir4\Subdir5 link.subdir5
This command creates a hidden tag file, called Link.Subdir5.gtg, in the \Inetsrv\Gophroot directory.
Note: All link files must start with the prefix "link"; however, do not use the prefix "link" for any other tag files.
The next time a Gopher client accesses your computer, the following menu is displayed.
SUBDIR1
Microsoft Windows Printer Drivers Location
Clicking Microsoft Windows Printer Drivers Location brings the user directly to Subdir5.
Creating Links to Other Gopher Sites
To link to another Gopher site, add the host name or IP address to the gdsset command. For example, to link to the Greater London, England Gopher Server, you issue the following command from an >ftp command prompt.
gdsset -c -l -g1 -f "Link to the Greater London, England Gopher Server" -s -hgopher.london.com link.london
The links, files, friendly names, and directories that appear on the server are in alphabetical order.
Using Gopher
Internet Explorer works as a Gopher client. To connect to a Gopher server, start Internet Explorer and enter a Gopher address in the address box. For example, you can enter
gopher://gopher.college.edu/
If the name or IP address of the Gopher server is known, but the server is not using the standard TCP port address (70), you can alter the address on the client to match the server. For example, if the Gopher server is monitoring port 1938, use the following address.
gopher://gopher.college.edu:1938
Modifying Gopher Ports
For most installations of Internet Information Server, you keep the Gopher server port number set to the default 70 to allow other Gopher clients access to your site. However, if you want to limit access to your Gopher server, you can change the control connection (port 70) to a port number greater than 1023 to "hide" your site.
You can change Gopher server port numbers by modifying the Systemroot\System32\Drivers\Etc\Services file or by modifying their values in the Registry. The setting in the Services file takes precedence over the Registry setting in all cases. By changing the Services file or the Registry, you affect only the Gopher server.
Note: By changing the port number, you can break some or all of your tags and links. You must rebuild these by using the -p option of the gdsset command to change the port number. For example, if you change the port number to 2345, you rebuild the new tag by typing the following line:
gdsset -c -g0 -f "The Mission of this Gopher Site" Readme1.Txt -p2345
To change the Gopher port in the Services file
At a command prompt, change directories to Systemroot\System32\Drivers\Etc.
Use a text editor to search the Services file for the following entry.
gopher 70/tcp
Modify port 70 to a number greater than 1023 and add a comment (#) to show the default. For example, if you change to port 2345, add the following line.
gopher 2345/tcp # gopher 70/tcp
Save and close the file.
To implement the change, stop and then restart the Gopher service.
Note: This affects the default ports on the Gopher server.
Your Gopher server now waits at port 2345 for all Gopher client requests.
To verify the new Gopher port settings
Start Internet Explorer. In the address box, type gopher://127.0.0.1 and then press ENTER.
The following message appears.
The attempt to load 'gopher:127.0.0.1' failed.
Click OK to dismiss the message.
In the address box, type gopher://127.0.0.1:2345 and then press ENTER.
The Gopher menu appears on your screen.
To change the Registry entry for Gopher
Start the Registry Editor, Regedt32.exe.
Click the HKEY_LOCAL_MACHINE window and locate the following key.
\System
\CurrentControlSet
\Control
\ServiceProvider
\ServiceTypes
\GOPHERSVC
Click GOPHERSVC and then double-click the TcpPort value.
The DWORD Editor dialog box appears.
Click Decimal and enter 6789 in the Data box.
Click OK and close the Registry Editor.
At the command prompt, type the following information:
cd %systemroot%\system32\drivers\etc
ren services services.ok
This step prevents the Gopher server from using the port address in the Services file after it has been restarted.
To implement the change, stop and restart the Gopher server.
Note: This affects the default port only on the Gopher server.
Your Gopher server now monitors port 6789 for all Gopher client requests and your Gopher client connects to a Gopher server at port 6789 only.
To verify the new Gopher port settings
Start Internet Explorer. In the address box, type gopher://127.0.0.1 and then press ENTER.
The following message appears.
The attempt to load 'gopher:127.0.0.1' failed.
Click OK to dismiss the message.
In the address box, type gopher://127.0.0.1:6789 and then press ENTER.
The Gopher menu appears.
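One way to check which port a service will use after the Services file and Registry changes described for the FTP and Gopher services, assuming the precedence this chapter states: the Services file wins, and the Registry TcpPort value applies once the file is renamed. This is an added example, not Microsoft's code; the function names, the sample file text, and the fallback to the Registry when the file has no entry for the service are assumptions.

```python
# Added example: which port will the service use, and from which setting?

def parse_services(text):
    """Map (name, protocol) -> port from the text of a Services file."""
    table = {}
    for raw in text.splitlines():
        # Drop comments, including a kept default such as "# gopher 70/tcp".
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2 or "/" not in parts[1]:
            continue
        port, _, proto = parts[1].partition("/")
        if not (port.isascii() and port.isdecimal() and 0 < int(port) <= 65535):
            continue
        for name in [parts[0]] + parts[2:]:  # service name plus aliases
            table.setdefault((name.lower(), proto.lower()), int(port))
    return table

def effective_port(service, services_text, registry_tcpport):
    """services_text is None when the file is absent (renamed services.ok)."""
    if services_text is not None:
        port = parse_services(services_text).get((service, "tcp"))
        if port is not None:
            return port, "services file"  # Services file takes precedence
    # Assumption: a file with no entry for the service behaves like no file.
    return registry_tcpport, "registry"

def audit(service, services_text, registry_tcpport, expected_port):
    """Return findings when the effective port is not the intended one."""
    port, source = effective_port(service, services_text, registry_tcpport)
    findings = []
    if port != expected_port:
        findings.append(
            f"{service}: resolves to {port} ({source}), expected {expected_port}")
    if source == "services file" and port != registry_tcpport:
        findings.append(
            f"{service}: Registry TcpPort {registry_tcpport} is overridden "
            "by the Services file")
    return findings

# Constructed Services file text using the port numbers from this chapter.
SERVICES = """\
ftp      1234/tcp    # ftp 21/tcp
gopher   2345/tcp    # gopher 70/tcp
telnet   23/tcp
"""
```

Running `audit` with the intended port before opening firewall rules catches the case where the Registry was edited but the Services file still decides the port.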
Monitoring Gopher Sessions
You can monitor Gopher sessions by using the Performance Monitor and, to a lesser extent, netstat.
The netstat utility can be difficult to use with Gopher because Gopher sessions are very short and you cannot always activate netstat in time to receive any meaningful data. Netstat shows static information at a given point in time. Netstat is best used to determine the status of connections.
You can run netstat from a command prompt. For an explanation of netstat command syntax, see Table 1.4, earlier in this chapter.
Performance Monitor shows events happening in real time. Performance Monitor is best used to check the status of users, file transfers, and byte transfers. For a listing of real-time statistics displayed by Performance Monitor for Gopher, see Table 1.5, earlier in this chapter.