1
21 Overview
3
4 FTimes is a system baselining and evidence collection tool. The
5 primary purpose of FTimes is to gather and/or develop topographical
6 information and attributes about specified directories and files in
7 a manner conducive to intrusion and forensic analysis. FTimes is
8 available at:
9
10 This document explains how to build FTimes, configure an Apache
11 Web server to handle FTimes requests, and perform basic client-server
12 functionality tests.
13
14 FTimes is available at: http://ftimes.sourceforge.net/FTimes/
15
161.1 Revision
17
18 $Id: README.INSTALL,v 1.25 2010/01/22 02:56:43 mavrik Exp $
19
201.2 Table of Contents
21
22 Section 1 .................... Overview
23 Section 1.1 .................. Revision
24 Section 1.2 .................. Table of Contents
25 Section 1.3 .................. Background
26 Section 1.4 .................. Caveats
27 Section 2 .................... Building FTimes
28 Section 2.1 .................. Requirements
29 Section 2.2 .................. Unpack the Source Archive
30 Section 2.3 .................. Verify Installation of Optional Components
31 Section 2.3.1 ................ Verify Installation of PCRE
32 Section 2.3.2 ................ Verify Installation of OpenSSL
33 Section 2.4 .................. UNIX Build Instructions
34 Section 2.4.1 ................ UNIX Build Gotchas
35 Section 2.5 .................. WINX Visual Studio Build Instructions
36 Section 2.5.1 ................ WINX Visual Studio Build Gotchas
37 Section 2.6 .................. WINX MinGW/MSYS Build Instructions
38 Section 2.6.1 ................ WINX MinGW/MSYS Build Gotchas
39 Section 3 .................... Web Server Configuration
40 Section 3.1 .................. Requirements
41 Section 3.2 .................. CGI Script Setup
42 Section 3.2.1 ................ Environment Variables
43 Section 3.2.2 ................ CGI Directory Setup
44 Section 3.2.3 ................ Script Setup
45 Section 3.2.4 ................ Access Control Setup
46 Section 3.3 .................. Verify Client-Server Connectivity
47 Section 3.3.1 ................ Server Configuration
48 Section 3.3.2 ................ Client Configuration
49 Section 3.3.3 ................ Test Client-Server Connectivity
50
511.3 Background
52
53 FTimes is a system baselining and evidence collection tool. The
54 primary purpose of FTimes is to gather and/or develop information
55 about specified directories and files in a manner conducive to
56 intrusion analysis.
57
58 FTimes is a lightweight tool in the sense that it doesn't need
59 to be "installed" on a given system to work on that system, it
60 is small enough to fit on a single floppy, and it provides only
61 a command line interface.
62
63 Preserving records of all activity that occurs during a snapshot
64 is important for intrusion analysis and evidence admissibility.
65 For this reason, FTimes was designed to log four types of
66 information: configuration settings, progress indicators, metrics,
67 and errors. Output produced by FTimes is delimited text, and
68 therefore, is easily assimilated by a wide variety of existing
69 tools.
70
71 FTimes basically implements two general capabilities: file
72 topography and string search. File topography is the process of
73 mapping key attributes of directories and files on a given file
74 system. String search is the process of digging through directories
75 and files on a given file system while looking for a specific
76 sequence of bytes. Respectively, these capabilities are referred
77 to as map mode and dig mode.
78
79 FTimes supports two operating environments: workbench and
80 client-server. In the workbench environment, the operator uses
81 FTimes to do things such as examine evidence (e.g., a disk image
82 or files from a compromised system), analyze snapshots for change,
83 search for files that have specific attributes, verify file
84 integrity, and so on. In the client-server environment, the focus
85 shifts from what the operator can do locally to how the operator
86 can efficiently monitor, manage, and aggregate snapshot data for
87 many hosts. In the client-server environment, the primary goal
88 is to move collected data from the host to a centralized system,
89 known as an Integrity Server, in a secure and authenticated
90 fashion. An Integrity Server is a hardened system that has been
91 configured to handle FTimes GET, PING, and PUT HTTP/S requests.
92
93 The FTimes distribution contains a script called nph-ftimes.cgi
94 that may be used in conjunction with a Web server to implement a
95 public Integrity Server interface.
96
971.4 Caveats
98
99 The various programs and scripts referenced throughout this
100 document are generally specified using relative paths. To avoid
101 potential complications, you can either make sure that your PATH
102 environment variable is configured properly or provide full path
103 information as needed.
104
1052 Building FTimes
106
107 This section describes the process for building and installing
108 FTimes.
109
1102.1 Requirements
111
112 Building FTimes in UNIX environments requires:
113
114 Make
115 GNU or FreeBSD make is best. Do not attempt to build with the
116 native version of make under Solaris.
117
118 GCC
119 Most any version will do. The lowest version currently used for
120 test builds is 2.95.4.
121
122 Perl
123 Most any version will do, but it must include pod2man and
124 pod2html. If it doesn't, be sure to add them.
125
126 Autoconf
127 This tool is only required if you need to remake the configure
128 script. By default, the configure script is pre-built and
129 included in each release.
130
131 Building FTimes in WINX environments requires:
132
133 MinGW+MSYS or Visual Studio
134 Webjob can be built with PCRE and OpenSSL support under MinGW
135 5.1.4 and MSYS 1.0.10. Avoid lower versions of MinGW and MSYS,
136 or be prepared to work through the warnings/issues.
137
138 Webjob can be built with OpenSSL support under Visual Studio
139 6.0. Avoid higher versions of Visual Studio, or be prepared to
140 work through the compiler warnings/issues.
141
142 Active Perl
143 The lowest version currently used is 5.8.8 build 822. Also, you
144 must have pod2man and pod2html. For MinGW/MSYS builds, these
145 tools must be in the MSYS path.
146
147 By default, PCRE and SSL support is enabled in FTimes. This means
148 that PCRE and OpenSSL must be be installed and/or available on the
149 build system.
150
1512.2 Unpack the Source Archive
152
153 The source archive needs to be unpacked in a suitable location
154 before the build process can commence. All commands presented
155 in this section attempt to unpack the source archive in the current
156 working directory.
157
158 On UNIX platforms this can be accomplished as follows:
159
160 $ tar -zxvf <archive>
161
162 If your version of tar doesn't support the 'z' flag, then try the
163 following command pipeline:
164
165 $ gunzip -c <archive> | tar -xvf -
166
167 On WINX platforms WinZip may be used to unpack the archive.
168 Since the source archive is actually a gzipped tar file, WinZip
169 will ask if you wish to decompress and open it -- answer yes.
170 The command line syntax for WinZip is given here:
171
172 > winzip32.exe -min -e <archive>
173
1742.3 Verify Installation of Optional Components
175
1762.3.1 Verify Installation of PCRE
177
178 By default, PCRE support is enabled in FTimes. This means that
179 PCRE libraries must be installed and/or available on the build
180 system. The PCRE project is located at http://www.pcre.org.
181 Refer to PCRE's documentation for details on how to do this.
182
1832.3.2 Verify Installation of OpenSSL
184
185 By default, SSL support is enabled in FTimes. This means that
186 OpenSSL must be installed and/or available on the build system.
187 The OpenSSL project is located at http://www.openssl.org. Refer
188 to OpenSSL's documentation for details on how to do this.
189
1902.4 UNIX Build Instructions
191
192 Typically, the build process is simply a matter of running configure
193 and make. In general, you are not required to specify any extra
194 options/arguments when invoking either command. The most basic
195 build sequence is as follows:
196
197 $ ./configure && make
198
199 By default, PCRE and SSL support is enabled. This means that the
200 configure script will attempt to locate PCRE and OpenSSL components
201 (e.g., libraries and include files) on your system. If either
202 of these components are not found in one of several common
203 locations, the script will abort. To override that behavior, you
204 can specify alternate locations using the --with-pcre=DIR and
205 --with-ssl=DIR configure options. For example, if your copy of
206 OpenSSL was installed in /usr/local/my_openssl, the build sequence
207 would be as follows:
208
209 $ ./configure --with-ssl=/usr/local/my_openssl && make
210
211 To disable SSL support, use the --without-ssl option as follows:
212
213 $ ./configure --without-ssl && make
214
215 To disable PCRE support, use the --without-pcre option as follows:
216
217 $ ./configure --without-pcre && make
218
219 FTimes also supports file typing via XMagic. If this capability is
220 desired, pass the --enable-xmagic flag to configure.
221
222 Note: As of version 3.6.0, you must enable PCRE support if you wish
223 to include XMagic support.
224
225 The default FTimes installation directory is /usr/local/ftimes.
226 If you want to install in a different location, set the --prefix
227 configure option. For example, if you wanted to install in the
228 directory /usr/local/my_ftimes, the build sequence would be as
229 follows:
230
231 $ ./configure --prefix=/usr/local/my_ftimes && make
232
233 To see a listing of all available configure options execute the
234 following command:
235
236 $ ./configure --help
237
238 When the software has been built to your satisfaction, it can be
239 tested and installed with the following commands:
240
241 # make test
242 # make install
243
2442.4.1 UNIX Build Gotchas
245
246 When experimenting with different build/configure options, be
247 sure to do a "make clean-all" between builds. This ensures that
248 any intermediate files are removed. In certain situations, build
249 problems could arise if this is not done.
250
251 Do not use the native version of make on Solaris platforms as the
252 build/test process will, in all likelihood, fail. Use GNU Make 3.80
253 or higher instead (i.e., gmake).
254
255 Executing the built-in tests (i.e., the test target) can take a
256 considerable amount of time -- especially on older/slower systems.
257 Also, these tests may fail if you don't have the necessary Perl
258 modules installed.
259
260 Make sure pod2man and pod2html are installed and in your PATH. The
261 documentation will not build properly without these utilities.
262
263 Make sure strip(1) is in your PATH. Typically, this is only a
264 problem on Solaris platforms where it lives in /usr/ccs/bin. Also,
265 if /usr/ccs/bin is in your PATH, make sure it follows the path to
266 GNU make -- see above for that gotcha.
267
2682.5 WINX Visual Studio Build Instructions
269
270 Note: As of version 3.9.0, the preferred build process for WINX
271 platforms is MinGW+MSYS. See section 2.6 for details.
272
273 FTimes has compiled successfully on WINX using Microsoft's Visual
274 Studio 6.0. The build process is simply a matter of setting up a
275 build environment and running nmake. WINX binaries are built using
276 the following Makefile: Makefile.vs. Note that there is no
277 equivalent configure process for NT/2K/XP builds.
278
279 When building FTimes from the command line, you may need to run
280 the batch script VCVARS32.BAT to establish a build environment.
281 One quick test is to check the LIB and INCLUDE variables with:
282
283 > set LIB
284 > set INCLUDE
285
286 If neither variable is defined or you are in doubt, run
287 VCVARS32.BAT. Usually, this script is kept in Visual Studio's bin
288 directory. Once you have located the script, simply execute it.
289
290 Because PCRE support is enabled by default, you need to make sure
291 that the PCRE_DIR macro in Makefile.vs has an appropriate value.
292 Basically, Makefile.vs was written with the assumption that your
293 version of PCRE was installed in C:\PCRE. Adjust PCRE_DIR as
294 necessary, if this is not the case.
295
296 Because SSL support is enabled by default, you need to make sure
297 that the SSL_DIR macro in Makefile.vs has an appropriate value.
298 Basically, Makefile.vs was written with the assumption that your
299 version of OpenSSL was installed in C:\OpenSSL. Adjust SSL_DIR
300 as necessary, if this is not the case.
301
302 Assuming that you are required to run VCVARS32.BAT and all the
303 required libraries and header files are installed in their default
304 locations, the build sequence would be as follows:
305
306 > VCVARS32.BAT
307 > nmake -f Makefile.vs
308
309 If you don't want PCRE support, set the USE_PCRE macro to 'N'.
310 This can be done from the command line as follows:
311
312 > nmake -f Makefile.vs USE_PCRE=N
313
314 If you don't want SSL support, set the USE_SSL macro to 'N'. This
315 can be done from the command line as follows:
316
317 > nmake -f Makefile.vs USE_SSL=N
318
319 If you want to turn on debugging, set the BUILD_TYPE macro to
320 'DEBUG'. This can be done from the command line as follows:
321
322 > nmake -f Makefile.vs BUILD_TYPE=DEBUG
323
324 FTimes also supports file typing via XMagic. To enable this
325 capability, set the USE_XMAGIC macro to 'Y'.
326
327 Note: As of version 3.6.0, you must enable PCRE support if you wish
328 to include XMagic support.
329
330 The various macros described in this section may be combined in
331 any given build. For example, to build a debug release without
332 SSL support, invoke nmake as follows:
333
334 > nmake -f Makefile.vs BUILD_TYPE=DEBUG USE_SSL=N
335
336 When the software has been built to your satisfaction, it can be
337 tested and installed with the following commands:
338
339 > nmake -f Makefile.vs test
340 > nmake -f Makefile.vs install
341
342 Note: Testing require ActivePerl.
343
344 FTimes' default installation directory is C:\FTimes. If you
345 want to install in a different location, adjust the INSTALL_DIR
346 macro as appropriate -- either in the makefile or on the command
347 line. For example, to install FTimes in the 'Program Files'
348 directory, invoke nmake as follows:
349
350 > nmake -f Makefile.vs install INSTALL_DIR="C:\Program Files\FTimes"
351
3522.5.1 WINX Visual Studio Build Gotchas
353
354 You may have trouble compiling with nmake if your environment
355 settings aren't correct. When this happens, try running the batch
356 file VCVARS32.BAT provided with Visual Studio. If all else fails,
357 try creating a Visual Studio project and import the source code.
358
359 When experimenting with different build options (e.g., BUILD_TYPE,
360 USE_SSL, etc.), be sure to do a "make clean-all" between builds.
361
362 > nmake -f Makefile.vs clean-all
363
364 This will ensure that everything is rebuilt correctly. In certain
365 situations, build problems could arise if this is not done.
366
367 You may have trouble linking against static OpenSSL libraries.
368 If that happens check to see if the OpenSSL Makefile (ms\nt.mak)
369 is using /MT -- by default it uses /MD (as of openssl-0.9.7f).
370
371 Executing the built-in tests (i.e., the test target) can take a
372 considerable amount of time -- especially on older/slower systems.
373 Also, these tests may fail if you don't have ActivePerl and the
374 necessary Perl modules installed.
375
376 Make sure pod2man and pod2html are installed and in your PATH. The
377 documentation will not build properly without these utilities.
378
3792.6 WINX MinGW/MSYS Build Instructions
380
381 Typically, the build process is simply a matter of running configure
382 and make. Going on the assumption that you have static versions of
383 PCRE (7.6 or higher) and OpenSSL (0.9.8h or higher), the most basic
384 build sequence is as follows:
385
386 $ ./configure CFLAGS=-DPCRE_STATIC && make
387 $ make install
388
389 If you need to build static versions of OpenSSL and PCRE, follow the
390 instructions documented in these recipes:
391
392 http://ftimes.sourceforge.net/Files/Recipes/openssl-compile-mingw.txt
393
394 and
395
396 http://ftimes.sourceforge.net/Files/Recipes/pcre-compile-mingw.txt
397
3982.6.1 WINX MinGW/MSYS Build Gotchas
399
400 The process documented in the previous section is known to work with
401 the stated versions of Active Perl, MinGW, MSYS, OpenSSL, and PCRE.
402 Other combinations are not supported at this time.
403
404 You may encounter errors building the man pages. If that happens,
405 put copies of pod2man and pod2html in MinGW's bin directory
406 (typically C:\MinGW\bin).
407
4083 Web Server Configuration
409
410 This section describes how to configure an Apache Web server
411 running on a UNIX platform to handle FTimes requests. It is
412 assumed that Apache is installed and running correctly.
413
414 Throughout this section, the terms username and clientid are used
415 interchangeably. By default, nph-ftimes.cgi expects a clientid
416 to conform to the following regular expression:
417
418 ^[0-9A-Za-z_-]{1,64}$
419
4203.1 Requirements
421
422 To configure a UNIX based Apache Web server to handle FTimes
423 requests you will need nph-ftimes.cgi, Apache, and Perl.
424
425 The name of the FTimes CGI script must begin with the string
426 "nph-". This naming convention, which stands for Non Parsed
427 Headers, informs the Web server that the CGI application is
428 responsible for generating the entire HTTP response. Non Parsed
429 Headers are used by this application because they allow it to
430 take full advantage of HTTP status code extensions. This simplifies
431 client-side error checking without giving up the ability to
432 generate application specific responses.
433
434 The tree structure depicted here is used by the server to support
435 FTimes request processing. Each top-level directory is explained
436 in the following paragraphs.
437
438 ftimes
439 |
440 - incoming
441 | |
442 | - clientid_timestamp_runtype.out
443 | - clientid_timestamp_runtype.err
444 | - clientid_timestamp_runtype.env
445 | - clientid_timestamp_runtype.rdy
446 | - ...
447 |
448 - logfiles
449 | |
450 | - nph-ftimes.log
451 |
452 - profiles
453 |
454 - <clientid-1>
455 | |
456 | - cfgfiles
457 | |
458 | - dig.cfg
459 | - map.cfg
460 |
461 - <clientid-2>
462 - ...
463
464 The incoming directory is where uploaded snapshots are stored.
465 Files in this directory are created automatically as snapshots
466 are posted to the server.
467
468 The logfiles directory is self-explanatory.
469
470 The profiles directory contains one directory for each client
471 profile (i.e., clientid) that is managed by the server. Each
472 clientid directory contains a cfgfiles directory. This is where
473 the dig and map config files are kept. Clients may download
474 either of these files by running FTimes in get mode.
475
4763.2 CGI Script Setup
477
478 This section describes how to install nph-ftimes.cgi. It also
479 explains how to modify Apache's configuration to recognize the
480 script's location and restrict access to the script through basic
481 authentication.
482
4833.2.1 Environment Variables
484
485 The variable APACHE_DIR refers to the location where Apache is
486 installed. This document assumes that APACHE_DIR is set to the
487 value "/usr/local/apache". You may set this variable on your
488 system as follows:
489
490 Bourne shell variants:
491
492 # export APACHE_DIR=/usr/local/apache
493
494 C shell variants:
495
496 # setenv APACHE_DIR /usr/local/apache
497
498 The variable CGI_DIR refers to the location where nph-ftimes.cgi
499 will be installed. This document assumes that CGI_DIR is set to
500 the value "${APACHE_DIR}/cgi-client". You may set this variable
501 on your system as follows:
502
503 Bourne shell variants:
504
505 # export CGI_DIR=${APACHE_DIR}/cgi-client
506
507 C shell variants:
508
509 # setenv CGI_DIR ${APACHE_DIR}/cgi-client
510
511 The variable ETC_DIR refers to the location where nph-ftimes.cfg
512 will be installed. This document assumes that ETC_DIR is set to
513 the value "${APACHE_DIR}/etc". You may set this variable on your
514 system as follows:
515
516 Bourne shell variants:
517
518 # export ETC_DIR=${APACHE_DIR}/etc
519
520 C shell variants:
521
522 # setenv ETC_DIR ${APACHE_DIR}/etc
523
524 For the remainder of this document, it is assumed that these
525 variables have been set in your shell.
526
5273.2.2 CGI Directory Setup
528
529 The script nph-ftimes.cgi should be installed in a directory that
530 is strictly dedicated to one purpose: access control. The major
531 factor here is that this application is designed to write data
532 to the server's local disk. Whenever access of this kind is
533 allowed by potentially hostile clients, you want to maintain a
534 tight rein.
535
536 If your environment is set up as described in section 3.2.1, you
537 may create a dedicated CGI directory as follows:
538
539 # mkdir -p -m 755 ${CGI_DIR} ${ETC_DIR}
540 # chown 0:0 ${CGI_DIR} ${ETC_DIR}
541
542 Next, assuming that you have just created a script directory that
543 Apache is not yet aware of, you will need to update httpd.conf.
544 Locate this file and place the following snippet in the alias
545 section. The alias section may be located by searching for the
546 following string: <IfModule mod_alias.c>
547
548 Note: You must manually replace ${CGI_DIR} and ${ETC_DIR} with
549 their literal values.
550
551 --- snippet ---
552 SetEnv FTIMES_PROPERTIES_FILE ${ETC_DIR}/nph-ftimes.cfg
553
554 ScriptAlias /cgi-client/ "${CGI_DIR}/"
555
556 <Directory "${CGI_DIR}">
557 AllowOverride AuthConfig
558 Options None
559 Order allow,deny
560 Allow from all
561 </Directory>
562 --- snippet ---
563
564 After modifying httpd.conf, you should verify its syntax and, if
565 that is successful, signal Apache to restart. To verify syntax
566 use the following command:
567
568 # apachectl configtest
569
570 If necessary, correct syntax errors. Otherwise, tell Apache to
571 restart with:
572
573 # apachectl restart
574
575 At this point, you are ready to install nph-ftimes.{cgi,cfg}.
576
5773.2.3 Script Setup
578
579 Locate nph-ftimes.cgi in the FTimes distribution tree. It should
580 be in the cgi directory. Change to this directory, and install
581 the script in ${CGI_DIR} as follows:
582
583 # cp nph-ftimes.cgi ${CGI_DIR}
584 # chmod 755 ${CGI_DIR}/nph-ftimes.cgi
585 # chown 0:0 ${CGI_DIR}/nph-ftimes.cgi
586
587 Verify that your Perl interpreter is located at /usr/bin/perl.
588 If this is not the case, modify the first line of the script to
589 reflect the true location of the interpreter. Typically, that
590 line should look like this:
591
592 --- snippet ---
593 #!/usr/bin/perl -w
594 --- snippet ---
595
596 Locate nph-ftimes.cfg.sample in the FTimes distribution tree. It
597 should be in the etc directory. Change to this directory, and
598 install the config file in ${ETC_DIR} as follows:
599
600 # cp nph-ftimes.cfg.sample ${ETC_DIR}/nph-ftimes.cfg
601 # chmod 644 ${ETC_DIR}/nph-ftimes.cfg
602 # chown 0:0 ${ETC_DIR}/nph-ftimes.cfg
603
604 Next, you need to create the following basic tree structure:
605
606 ftimes
607 |
608 - incoming
609 |
610 - logfiles
611 |
612 - profiles
613
614 By default, nph-ftimes.cgi expects to find this tree in the root
615 directory (i.e., /var/ftimes). If a different location is desired,
616 modify the BaseDirectory property in nph-ftimes.cfg as appropriate.
617 Otherwise, use the following command sequence to create the tree.
618 However, before doing this, you need to determine the uid and/or
619 username that Apache uses. This document assumes that Apache
620 runs in the context of the www user. If your configuration is
621 different, replace www with the appropriate username as necessary.
622
623 # mkdir -m 755 /var/ftimes
624 # chown 0:0 /var/ftimes
625 # cd /var/ftimes
626 # mkdir -m 755 incoming logfiles profiles
627 # chown www:0 incoming
628
629 Finally, you need to create the nph-ftimes log file. This is
630 done as follows:
631
632 # touch /var/ftimes/logfiles/nph-ftimes.log
633 # chown www:0 /var/ftimes/logfiles/nph-ftimes.log
634 # chmod 644 /var/ftimes/logfiles/nph-ftimes.log
635
636 The final configuration objective is to establish an access control
637 mechanism.
638
6393.2.4 Access Control Setup
640
641 By default, nph-ftimes.cgi expects Apache's basic authentication
642 to be enabled. Therefore, you'll need to create and install an
643 access file in ${CGI_DIR}. To determine the name of access files
644 on your system, check the AccessFileName directive in httpd.conf.
645 Typically, this directive contains the value .htaccess. The
646 following snippet may be used to create a suitable access file.
647
648 Note: Be sure to replace ${APACHE_DIR} with its literal value.
649
650 --- snippet ---
651 AuthType Basic
652 AuthName "FTimes Client Realm"
653 AuthUserFile ${APACHE_DIR}/htusers
654 require valid-user
655 --- snippet ---
656
657 Assuming that Apache's AccessFileName directive contains the value
658 .htaccess, the following command sequence may be used to create
659 and install a suitable access file in ${CGI_DIR}.
660
661 # echo "AuthType Basic" > ${CGI_DIR}/.htaccess
662 # echo "AuthName 'FTimes Client Realm'" >> ${CGI_DIR}/.htaccess
663 # echo "AuthUserFile ${APACHE_DIR}/htusers" >> ${CGI_DIR}/.htaccess
664 # echo "require valid-user" >> ${CGI_DIR}/.htaccess
665 # chmod 644 ${CGI_DIR}/.htaccess
666 # chown 0:0 ${CGI_DIR}/.htaccess
667
668 To complete access control setup, you must create a password file
669 and insert a new user. The purpose of the AuthUserFile directive
670 is to bind a particular access file to a particular password file.
671 Therefore, be sure to use the filename assigned to AuthUserFile
672 when creating the password file. The following command will
673 create a password file and insert an entry for the client_1 user.
674 You will be prompted to enter the user's password.
675
676 # htpasswd -c ${APACHE_DIR}/htusers client_1
677
678 Set the permissions and ownership on this file as follows:
679
680 # chmod 644 ${APACHE_DIR}/htusers
681 # chown 0:0 ${APACHE_DIR}/htusers
682
683 Finally, verify that the password file is not accessible to remote
684 Web browsers.
685
686 Once you have established a working authentication scheme, you
687 are ready to begin testing client-server connectivity.
688
6893.3 Verify Client-Server Connectivity
690
691 Before tackling this section, read the FTimes man page. Pay
692 particular attention to Example 5.
693
694 The purpose of this section is to test connectivity. This will
695 be done by configuring FTimes to run in get mode and request a
696 config file from the server. In section 3.2.4 you created an
697 access file on the server and inserted the user client_1. Get
698 the password for that user handy. You will need it in the coming
699 sections to complete the verification process.
700
7013.3.1 Server Configuration
702
703 On the server you need to create directories for client_1 and
704 insert the following config file as map.cfg.
705
706 The directories may be created as follows:
707
708 # umask 22
709 # cd /var/ftimes/profiles
710 # mkdir -p -m 755 client_1/cfgfiles
711 # chown -R 0:0 client_1
712
713 Go to /var/ftimes/profiles/client_1/cfgfiles and create map.cfg.
714 Make sure you replace <password> with its real value. Also, don't
715 forget to modify URLPutURL as appropriate.
716
717 --- map.cfg ---
718 BaseName=client_1
719 OutDir=.
720 URLPutSnapshot=Y
721 URLPutURL=http://web.server.net/cgi-client/nph-ftimes.cgi
722 URLUsername=client_1
723 URLPassword=<password>
724 URLAuthType=basic
725 Include=/tmp # or c:\temp
726 FieldMask=ALL-magic
727 --- map.cfg ---
728
7293.3.2 Client Configuration
730
731 On the client you need to install FTimes, and create the following
732 config file as get.cfg. Refer to section 2 for more information
733 on how to install FTimes.
734
735 Go to /tmp or some other suitable location, and create get.cfg.
736 Make sure you replace <password> with its real value. Also, don't
737 forget to modify URLGetURL as appropriate.
738
739 --- get.cfg ---
740 BaseName=client_1
741 GetAndExec=N
742 GetFileName=remote.cfg
743 URLGetURL=http://web.server.net/cgi-client/nph-ftimes.cgi
744 URLUsername=client_1
745 URLPassword=<password>
746 URLAuthType=basic
747 URLGetRequest=MapConfig
748 --- get.cfg ---
749
750 To avoid having to type a long path each time you invoke FTimes,
751 you may want to add /usr/local/ftimes/bin to your path.
752
7533.3.3 Test Client-Server Connectivity
754
755 At this point you are ready to test client-server connectivity.
756 Run the following command from the client. It should produce a
757 file named remote.cfg in the current directory.
758
759 $ ftimes --get get.cfg
760
761 or (for NT/2K/XP)
762
763 > ftimes --get get.cfg
764
765 If that worked, your almost there. Enable the GetAndExec control
766 in get.cfg, and rerun FTimes. This should produce three files
767 in the client's current working directory and three files in the
768 server's incoming directory. If these files don't exist, double
769 check FTimes' return status. Also, check Apache's log files and
770 nph-ftimes.log for any signs of trouble.
771
772
1
21 Overview
3
4 This document contains License information for The FTimes Project
5 ("Project"), which was established by Klayton Monroe in 2000.
6 Unless specifically excluded, all files in the Project fall under
7 the terms and conditions of the new BSD license.
8
91.1 Revision
10
11 $Id: README.LICENSE,v 1.15 2014/07/18 06:40:43 mavrik Exp $
12
131.2 Table of Contents
14
15 Section 1 .................... Overview
16 Section 1.1 .................. Revision
17 Section 1.2 .................. Table of Contents
18 Section 2 .................... The New BSD License
19 Section 3 .................... The Apache License
20 Section 4 .................... The MIT License
21
222 The New BSD License
23
24 Copyright 2000-2014 The FTimes Project
25
26 All rights reserved.
27
28 Redistribution and use in source and binary forms, with or without
29 modification, are permitted provided that the following conditions
30 are met:
31
32 1. Redistributions of source code must retain the above copyright
33 notice, this list of conditions and the following disclaimer.
34
35 2. Redistributions in binary form must reproduce the above copyright
36 notice, this list of conditions and the following disclaimer in
37 the documentation and/or other materials provided with the
38 distribution.
39
40 3. Neither the names of the copyright holders nor the names of any
41 contributors may be used to endorse or promote products derived
42 from this software without specific prior written permission.
43
44 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
45 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
46 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
47 FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
48 COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
49 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
50 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
51 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
53 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
54 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
55 OF THE POSSIBILITY OF SUCH DAMAGE.
56
573 The Apache License
58
59 This project includes software developed by the Apache Group for
60 use in the Apache HTTP server project (http://www.apache.org/).
61 The Apache code used by this project is contained exclusively in
62 the following files: ap_snprintf.[ch]
63
64 Copyright (c) 1995-1999 The Apache Group. All rights reserved.
65
66 Redistribution and use in source and binary forms, with or without
67 modification, are permitted provided that the following conditions
68 are met:
69
70 1. Redistributions of source code must retain the above copyright
71 notice, this list of conditions and the following disclaimer.
72
73 2. Redistributions in binary form must reproduce the above copyright
74 notice, this list of conditions and the following disclaimer in
75 the documentation and/or other materials provided with the
76 distribution.
77
78 3. All advertising materials mentioning features or use of this
79 software must display the following acknowledgment:
80 "This product includes software developed by the Apache Group
81 for use in the Apache HTTP server project (http://www.apache.org/)."
82
83 4. The names "Apache Server" and "Apache Group" must not be used to
84 endorse or promote products derived from this software without
85 prior written permission. For written permission, please contact
86 apache@apache.org.
87
88 5. Products derived from this software may not be called "Apache"
89 nor may "Apache" appear in their names without prior written
90 permission of the Apache Group.
91
92 6. Redistributions of any form whatsoever must retain the following
93 acknowledgment:
94 "This product includes software developed by the Apache Group
95 for use in the Apache HTTP server project (http://www.apache.org/)."
96
97 THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
98 EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
99 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
100 PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
101 ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
102 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
103 NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
104 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
105 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
106 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
107 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
108 OF THE POSSIBILITY OF SUCH DAMAGE.
109
110 This software consists of voluntary contributions made by many
111 individuals on behalf of the Apache Group and was originally based
112 on public domain software written at the National Center for
113 Supercomputing Applications, University of Illinois, Urbana-Champaign.
114 For more information on the Apache Group and the Apache HTTP server
115 project, please see <http://www.apache.org/>.
116
1174 The MIT License
118
119 This project includes software developed by Massachusetts Institute
120 of Technology. The MIT code used by this project is contained
121 exclusively in install-sh. The following text reiterates MIT's
122 terms and conditions.
123
124 Copyright 1991 by the Massachusetts Institute of Technology
125
126 Permission to use, copy, modify, distribute, and sell this
127 software and its documentation for any purpose is hereby granted
128 without fee, provided that the above copyright notice appear
129 in all copies and that both that copyright notice and this
130 permission notice appear in supporting documentation, and that
131 the name of M.I.T. not be used in advertising or publicity
132 pertaining to distribution of the software without specific,
133 written prior permission. M.I.T. makes no representations
134 about the suitability of this software for any purpose. It is
135 provided "as is" without express or implied warranty.
136
137