How to Perform a Server-to-Server FTP Transfer Using IIS
ID: Q247132
This article discusses a Beta release of a Microsoft product. The
information in this article is provided as-is and is subject to change
without notice.
No formal product support is available from Microsoft for this Beta
product. For information about obtaining support for a Beta release,
please see the documentation included with the Beta product files, or
check the Web location from which you downloaded the release.
The information in this article applies to:
- Microsoft Internet Information Server version 4.0
- Microsoft Internet Information Services version 5.0
IMPORTANT: This article contains information about editing the registry.
Before you edit the registry, make sure you understand how to restore it if
a problem occurs. For information about how to do this, view the "Restoring
the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help
topic in Regedt32.exe.
SUMMARY
You can configure IIS to allow server-to-server FTP transfers by changing the EnablePortAttack value in the system registry.
By default, the EnablePortAttack registry key is disabled to prevent malicious attacks against the FTP service. Although details for configuring server-to-server transfers are listed below, Microsoft does not recommend disabling the EnablePortAttack registry key on IIS-based FTP servers connected to the Internet.
MORE INFORMATION
WARNING: Using Registry Editor incorrectly can cause serious problems that
may require you to reinstall your operating system. Microsoft cannot
guarantee that problems resulting from the incorrect use of Registry Editor
can be solved. Use Registry Editor at your own risk.
For information about how to edit the registry, view the "Changing Keys and
Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete
Information in the Registry" and "Edit Registry Data" Help topics in
Regedt32.exe. Note that you should back up the registry before you edit it.
If you are running Windows NT, you should also update your Emergency
Repair Disk (ERD).
Requirements
- Two computers running the IIS FTP Service.
Note: The server that issues the literal port command (Server1 in the example below) must have the following value set in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSFTPSVC\Parameters\EnablePortAttack = 1
- Command-line FTP included with Windows 95/98 and Windows NT.
Note that if you are running IIS version 4.0 on a computer with Windows NT 4.0 Service Pack 6a or earlier installed, you must apply the fix described in the following Knowledge Base article: Q246173 The FTP Server will not allow a FTP Server to Server connection
This fix allows the EnablePortAttack registry key to function properly. The EnablePortAttack registry key works correctly in IIS version 5.0.
Example
In normal client/server FTP transfers, the user is only responsible for entering "friendly" commands to the server; the client responds automatically. When a server-to-server FTP transfer is performed, another server is the client. Therefore, the user is responsible for sending all FTP commands to both servers (in RFC 959 format, preceded by the "literal" keyword).
The following example lists the steps required to transfer a binary file (called myFile.xls) from Server1 (IP Address: 192.168.0.10) to Server2 (IP Address: 192.168.1.20) using the command-line FTP client on Workstation1. You must have Write permissions enabled on Server2 for this example to work.
1. Connect to Server1 using a command-line FTP client. (This connection will be referred to as Client1.)
2. Connect to Server2 using a command-line FTP client. (This connection will be referred to as Client2.)
3. Issue the following command in Client2:
       literal pasv
   The response should be as follows:
       227 Entering Passive Mode (192,168,1,20,15,61)
   Note that 15,61 represents the low and high order bytes of the port number (port 3901 in this case), which is randomly assigned with each FTP connection. As a result, the last two numbers of this string will be different.
4. Issue the following command in Client1:
       literal port 192,168,1,20,15,61
   The response should be as follows:
       200 Port Command Successful
   Use the IP and port string returned in step 3.
5. Issue the following command in both Client1 and Client2:
       literal type i
   The response should be as follows:
       200 Type set to I
6. Issue the following command in Client1:
       literal retr myFile.xls
   The response should be as follows:
       125 Data Connection already open; Transfer Starting
7. Issue the following command in Client2:
       literal stor myFile.xls
   The response should be as follows:
       Opening BINARY mode data connection for myFile.xls
8. Continue issuing the following command on Client2 until a 211 response indicating "No data connection" is listed:
       literal stat
   This 211 response message will be several lines long and indicates that the transfer is no longer in progress.
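As an added example (not part of the original article and not Microsoft's code), the Python sketch below decodes the h1,h2,h3,h4,p1,p2 form seen in steps 3 and 4 and flags PORT commands that point the data connection at an address other than the client that issued them, or at a port below 1024. The event format and the Workstation1 address 192.168.0.50 are constructed assumptions, not an IIS log format.

```python
import re

# h1,h2,h3,h4,p1,p2 as used in PORT arguments and 227 replies (RFC 959)
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(text):
    """Return (ip, port) from the first h1,h2,h3,h4,p1,p2 group in text."""
    m = HOSTPORT.search(text)
    if not m:
        raise ValueError("no host-port group in %r" % text)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % text)
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]   # 15,61 -> 15 * 256 + 61 = 3901
    return ip, port

def audit_port_commands(events):
    """events: (client_ip, command_line) pairs; returns flagged PORT commands."""
    findings = []
    for client_ip, line in events:
        verb, _, arg = line.strip().partition(" ")
        if verb.upper() != "PORT":
            continue
        try:
            ip, port = parse_hostport(arg)
        except ValueError:
            findings.append((client_ip, line, "malformed PORT argument"))
            continue
        if ip != client_ip:
            findings.append((client_ip, line, "third-party address %s:%d" % (ip, port)))
        elif port < 1024:
            findings.append((client_ip, line, "well-known port %d" % port))
    return findings

# Constructed sample: control-channel commands received by Server1.
SAMPLE = [
    ("192.168.0.50", "PORT 192,168,0,50,4,210"),   # ordinary active-mode client
    ("192.168.0.50", "TYPE I"),
    ("192.168.0.50", "PORT 192,168,1,20,15,61"),   # step 4: data target is Server2
    ("192.168.0.50", "PORT 192,168,0,50,0,25"),    # own address, port below 1024
    ("192.168.0.50", "PORT 192,168,0,50"),         # truncated argument
]

if __name__ == "__main__":
    for finding in audit_port_commands(SAMPLE):
        print(finding)
```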
To transfer files from Server2 to Server1, issue the literal retr command from Client1 and the literal stor command from Client2.
Resources
- For additional information on the FTP Bounce attack, see the following article in the Microsoft Knowledge Base:
Q185378 IIS 4.0: FTP Bounce Attack and CERT Advisory CA-97.27
- For additional information on why the EnablePortAttack registry key does not function properly on computers running SP6a and earlier, see the following article in the Microsoft Knowledge Base:
Q246173 The FTP Server will not allow a FTP Server to Server connection
- Information on PORT, PASV, STOR, RETR, STAT, and other literal FTP commands can be found in RFC959:
RFC 959 - FILE TRANSFER PROTOCOL (FTP)
- Information on securing IIS can be found in the Microsoft Internet Information Server 4.0 Security Checklist.
Version : winnt:4.0,5.0
Platform : winnt
Issue type : kbhowto