I would like to generate a report using /var/logs/xferlog showing the traffic for a particular user, for a particular month.
First you configure your log file setup, then you can use awstats normally with FTP files just as you would monitor your regular http traffic.
http://awstats.sourceforge.net/docs/awstats_faq.html#FTP
Hope it helps.
Related
My requirement is like this.
We have ftp servers on different locations like USA,India,China. So the users from respective countries download some softwares from those ftp servers. This is manual process, no problem
In automation process, we want to pick the nearest ftp server for the machine respective to location.
My idea is that based on ping response time, i can pick the nearest server.
is there any better solutions or can this idea achievable or not ?
Ping response time is good parameter in a stable connection. Maybe you can add the ftp server IP address as a parameter, because you can look up IP address and find where it's location. So first try to determine the ftp server based on it's IP address and then get ping response time. If the ping response is not good, move to another server to ensure the quality of the connection.
I've literally searched the internet for the last 5 hours and I have tried every suggestion out there and I'm starting to wonder if what I want to do is simply not possible....
Most webservers only allow X simultaneous connections for uploading/downloading. I simply want to upload my many files faster, by connecting/uploading through various proxies. However, no program I can find has anything for automatic proxy configuration, and only for a specific proxy IP. I have an account with a proxy service that gives you a different IP address for every request/connection made through it. I can connect to this fine from any FTP program but it appears that the servers are confused when they see different IP's connecting, and there's no way to manually whitelist/authenticate them on the server side, so it simply closes all connections. I even have a list of IP addresses with port/user/pass that I am willing to use, but I can't figure out how to do anything other than use a specific proxy to upload/download from servers.... Is this even possible????
ANY HELP/INPUT IS GREATLY APPRECIATED!!
I'm thinking about writing an anti-keylogger/anti RAT application. Basically, what I want it to do is this:
Monitor outgoing ftp traffic (maybe monitor all outgoing traffic and have an option to filter by ftp)
Analyze headers to find potential keyloggers/RATs
Sniff out the FTP address for any such connections
Block (or give user the option to block) connections to these addresses
I think I can handle steps 1-3, and I know I could block all FTP traffic, but how could I go about blocking specific addresses?
On a side note, can anyone suggest some libraries that might make steps 1-3 easier? Or libaries that'll do step 4, if they exist. I don't mind writing code to target multiple OS.
Snort allows you to monitor incoming/outgoing traffic and works based on a set of rules specified in a file. Once you've detected traffic going out that has a certain IP/port/body using snort, use SnortSAM in conjunction with a firewall to block traffic to that IP/port.
When trying to receive a (large, approx. 100MB) file using an FTP adapter in BizTalk 2006, we run into the following problem, which causes the file to be processed over and over again.
Retrieving the file succeeds; it is placed into the MessageBox and processed properly
When the FTP adapter issues the DELE statement, it never reaches the FTP server the file is on (we have verified this by taking a look at the FTP server's logs)
there are no signs of timeouts on the FTP server; the FTP server log does not mention a timeout occurring
After the interval time set on the adapter expires, the FTP server will still find the large file that we have already processed in the previous run, because the DELE statement failed
The event log in BizTalk states that ‘The connection to the FTP server was broken prematurely’. That is why we think there is a timeout issue.
We have seen that retrieval of the file takes around 35 minutes. The FTP server timeout is set to 1 hour. no problems there I guess.
Then we found the following article: http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html#FirewallTimeouts. It states that a firewall / routing device might be responsible for the timeouts. The team managing our firewalls and routers told us that there were no timeouts set here.
Which leaves us in the dark on the cause of our problem. Does anyone of you have any suggestions? Or even better, the solution!!
Have you tried the solutions in this article?
I avoid using the FTP adapter. Instead I use a third party utility to retrieve files and move the transferred file to a file adapter receive location. Third party utilities allow you to configure rules, recovery actions etc, freeing BizTalk from having to manage the transfer.
I just want to know how you upload datasets specifying its characeteristics?
E.G. using the command quote site lrecl=500 recfm=fb
Well, the command was accepted when I tried to use it, but the problem is that when I tried to upload the file using the command 'send' ftp hangs up, and definitley closes the session.
This is the sample:http://www.mvsforums.com/helpboards/recent.php?sid=dab6b1f3cda149c7d7db855d90acaab1
ftp> quote site lrecl=500 recfm=fb
200 SITE command was accepted
ftp> send C:\test\test.txt 'ADM.SAMPLE.TEST'
200 Port request OK.
425 Can't open data connection.
ftp>
Any help will be appreciated.
Thanks.
I sometimes get this error because of firewall problems when trying to ftp behind a router. You might try switching to active or passive mode (depending of what you are currently using) to see if this helps.
I have a couple of programs that do this, but without specifying record size. The blocking command should be okay. Are you sure you don't have a permissions issue? Does ADM.SAMPLE.TEST already exist, and is it 500 bytes at least? If not, have them create it for you and see if the ftp works then.
You should be able to specify the data set allocation parameters using the site command.
site u=SYSDA rec=VB lr=6144 blk=0 ucount=2 tr pri=3000 sec=200
That translates to:
unit=SYSDA
record format=variable block
logical record length=6144
block size=0
unit count=2
track (allocation units)
primary space=3000
secondary space=200