Chapter 2 – Getting Started

Icon40 IPS

2.1 – What Do I Need?

2.1.1 – Operating System

IPS is designed to run on a large variety of operating system. You will need one of the following operating systems running on an Intel platform to be able to setup and run IPS:

PLEASE NOTE

You are advised to always keep your operating system and other components updated to the latest available patch level from the manufacturer. The operating system updates are to be considered mandatory requirements for running an IPS based server.

Please take the time to peruse Appendix B for quick links to operating system updates, and apply them.

2.1.2 – 3rd Party Utilities

A few 3rd party utilities are used by IPS at various situations, these are:

2.1.3 – InetPowerServer

Since new functionality, fixes and security enhancements are always in development, it's advised that administrators keep their IPS releases up-to-date with the latest version. Please visit the InetPowerServer site regularly and check the download page for new versions.

That wraps it up! This document will walk the prospective IPS administrator through the various steps for configuration.

2.2 – Installing IPS

2.2.1 – First Time Installation

Once the IPS distribution is downloaded, an unzip utility is required to unpack it to the directory of choice. The distribution unpacks as a tree structure, so appropriate options should be set within the unzip utility that will preserve the original path names. The "IPS root directory", as it's known is ips\, and beneath this is where all of IPS's related files and subdirectories are found. For more information about the IPS directory tree, and the various IPS-related files, please refer to Chapter 5.

After the archive is unpacked, all that needs to be done is to run the ips2.exe (OS/2 users) or ips32.exe (Windows users). As a note for Windows users, a user with Administrator rights must be logged in to install IPS. OS/2 users will see folders and icons created on their desktop. In the case of either OS, IPS will carry out it's installation tasks, and you should see something similar to that shown below (ips32.exe shown):

Console Output

------------------------------------------------------------------------------
InetPowerServer/32 v0.9.3                   (c) 1996-2001 by Terje Flaaronning
Build ID: Apr 29 2001 12:00 (Beta)             http://www.InetPowerServer.com/

Checking for new server binary ...
New server binary found, testing file ...
File tested ok, upgrading ...
- Copied new file "binaries\ips32upd.exe" to "binaries\ips32srv.exe".
- Deleted update file "binaries\ips32upd.exe".

Calling server binary "binaries\ips32srv.exe" ...
------------------------------------------------------------------------------
InetPowerServer/32 v0.9.3 Server            (c) 1996-2001 by Terje Flaaronning
Build ID: Apr 29 2001 12:00 (Beta)             http://www.InetPowerServer.com/

Archiving log files into "20010429-234136.zip" ...
Starting system configuration check ...
Checking directory structure ...
- "config" created
- "messages" created
- "scripts" created
- "tmp" created
Installing default configuration ...
- "config\main" created
- "config\main\stats" created
- "config\main\users" created
- "config\main\vfs" created
- "config\main\vfs\drives" created
- "config\main\vfs\drives\c" created
- "config\main\vfs\drives\d" created
- "config\main\vfs\drives\e" created
- "config\main\vfs\drives\f" created
- "config\main\vfs\drives\g" created
- "config\main\vfs\ftp" created
- "config\main\vfs\html" created
- "config\main\vfs\html\!documentation" created
- "config\main\vfs\html\cgi-bin" created
Installing system message files ...
- "messages\ftp" created
- "messages\http" created
- "messages\http\icons" created
- "messages\imap4" created
- "messages\pop3" created
- "messages\smtp" created
Installing default script files ...
- "scripts\ftp" created
- "scripts\http" created
- "scripts\imap4" created
- "scripts\pop3" created
- "scripts\smtp" created
Removing command files ...

Starting IPS Server (8756) ...

[   1] Starting management service ...
[   1] - Service thread created and started
[   1] Starting IPS Console ...
[   2] ADMINd service /ADMIN created (127.0.0.1:4321)
[   1] Scanning for site personality groups ...
[   1] - Site personality group "main" found
[   2] ADMINd service /ADMIN running
[   1] - Site personality group "main" created
[   1] Starting created site personality groups ...
[   1] - Starting site personality group "main"
[   1] 
[   1] =[ CRITICAL SECURITY WARNING ]=========================================
[   1] - Default password present for account "admin"!
[   1] - Default password present for account "user"!
[   1] =======================================================================
[   1] 
[   1] Stability monitor is running ... -[ Press Alt+X to shutdown ]-
[   4] FTPd service main/FTP-1 created (127.0.0.1:21)
[   5] HTTPd service main/HTTP-1 created (127.0.0.1:80)
[   6] POP3d service main/POP3-1 created (127.0.0.1:110)
[   7] SMTPd service main/SMTP-1 created (127.0.0.1:25)
[   5] HTTPd service main/HTTP-1 running
[   7] SMTPd service main/SMTP-1 running
[   4] FTPd service main/FTP-1 running
[   6] POP3d service main/POP3-1 running

IPS is now running. Services are bound to standard ports, using the loopback address (127.0.0.1), as shown above. IPS can be shut down by pressing Alt-X. Note that if any connections with the site are open at the time Alt-X is pressed (ie: users are logged into the FTP site), IPS will wait until those users have logged off the site before proceeding with shutdown. In the event that the administrator wishes to shut down IPS immediately, an Alt-X is to be pressed a second time. A second Alt-X will cause a forced disconnect all open connections, and IPS will shut itself down completely.

In the output above, the warning message "*** WARNING - Default admin password still present" is a reminder that the administrative account (admin) still has a default password configured for it. Please note the default admin account (login and password shown below) allows administrative access throughout the IPS site.

Login

Password

admin

adminpassword

user

password

anonymous

(no password needed)

Since an account with administrative access is allowed complete control of the IPS system, it's highly advised that the password (at the very least) be changed immediately. Methods of creation and editing of account information is covered in verbose detail in Chapter 3.

PLEASE NOTE

In order to avoid security breaches or damage to your system by others, it is highly advised that the admin account password be changed IMMEDIATELY. Configuration of the admin account (as well as other accounts) is covered in Chapter 3.

When connected to through a browser, the HTTP service will announce it's availability with an "InetPowerServer at your service" heading, followed by two links (one to the documentation and one to the site adminstration section of the site). The "Administer site" link, once clicked, will result in a prompt for authentication (obviously for security reasons). This is the point where a non-default admin password becomes critical.

The FTP service can be connected to anonymously or via the admin account. Administrators will be presented with three directories: "drives", "ftp" and "html". The drives directory contains virtual mappings to drive letters (that may, or may not exist) on the system on which it is installed. Take note that this is a mere example VFS mapping, and can be changed (or even eliminated) at any time. The ftp directory is by default, empty, but the html directory mapping will present the cgi-bin subdirectory as well as the IPS documentation (documentation) directory.

Anonymous users logging on to the default FTP site will "arrive" in an empty directory found at .\config\main\vfs\ftp. This directory has been defined to be the 'root' directory of the site (the "RootDirectory=/ftp" line in the 'main' CF does this). The illusion of this 'root' definition is such that the user is not able to navigate to parent directories when at this location. The anonymous does, however, has sufficient access permissions to create directories and to upload & download files. Also note that if the Administrator was to put a file in .\config\main\vfs\ftp, it would appear to this user.

In contrast, the administrative account allows more room to "move around", as shown below. Note the differences in the UNIX permissions column (the left-most column in the directory listing):

Default Configuration FTP Session Example (admin user)

ftp> pwd
257 "/" is current directory.
ftp> ls -al
200 PORT command completed.
150 Opening Text/AscII data connection for "/*".
drwx------   5 admin    users          0 Apr 29 23:41 .
drwx------   7 admin    users          0 Apr 29 23:41 drives
drwxrwxrwx   2 admin    users          0 Apr 29 23:41 ftp
drwxr-xr-x   4 admin    users          0 Apr 29 23:41 html
226 Directory listing complete.
ftp: 238 bytes received in 0,04Seconds 5,95Kbytes/sec.
ftp> cd html
250 "/html" is current directory.
ftp> ls -al
200 PORT command completed.
150 Opening Text/AscII data connection for "/html/*".
dr-xr-xr-x   6 admin    users          0 Apr 29 23:41 !documentation
drwxr-xr-x   4 admin    users          0 Apr 29 23:41 .
drwx------   5 admin    users          0 Apr 29 23:41 ..
d--x--x--x   2 admin    users          0 Apr 29 23:41 cgi-bin
-rwxr-xr-x   1 admin    users        913 Apr 16 22:27 index.html
226 Directory listing complete.
ftp: 314 bytes received in 0,05Seconds 6,28Kbytes/sec.
ftp>

At this point it is clear from these two examples, that security can be defined at user, group, file and directory levels. Further, more verbose information on configuring security can be found in Chapter 3.

Future startups of default-configured IPS systems will show more abbreviated output, since setup of files is already handled the first time the ips2.exe or ips32.exe executables are run. An example follows:

Console output

------------------------------------------------------------------------------
InetPowerServer/32 v0.9.3                   (c) 1996-2001 by Terje Flaaronning
Build ID: Apr 29 2001 12:00 (Beta)             http://www.InetPowerServer.com/

Checking for new server binary ...
Calling server binary "binaries\ips32srv.exe" ...
------------------------------------------------------------------------------
InetPowerServer/32 v0.9.3 Server            (c) 1996-2001 by Terje Flaaronning
Build ID: Apr 29 2001 12:00 (Beta)             http://www.InetPowerServer.com/

Archiving log files into "20010429-234900.zip" ...
Starting system configuration check ...
Checking directory structure ...
Removing command files ...

Starting IPS Server (8756) ...

[   1] Starting management service ...
[   1] - Service thread created and started
[   1] Starting IPS Console ...
[   1] Scanning for site personality groups ...
[   1] - Site personality group "main" found
[   1] - Site personality group "main" created
[   1] Starting created site personality groups ...
[   1] - Starting site personality group "main"
[   2] ADMINd service /ADMIN created (127.0.0.1:4321)
[   1]
[   1] =[ CRITICAL SECURITY WARNING ]=========================================
[   2] ADMINd service /ADMIN running
[   1] - Default password present for account "admin"!
[   1] - Default password present for account "user"!
[   1] =======================================================================
[   1]
[   1] Stability monitor is running ... -[ Press Alt+X to shutdown ]-
[   3] FTPd service main/FTP-1 created (127.0.0.1:21)
[   4] HTTPd service main/HTTP-1 created (127.0.0.1:80)
[   6] SMTPd service main/SMTP-1 created (127.0.0.1:25)
[   5] POP3d service main/POP3-1 created (127.0.0.1:110)
[   3] FTPd service main/FTP-1 running
[   5] POP3d service main/POP3-1 running
[   6] SMTPd service main/SMTP-1 running
[   4] HTTPd service main/HTTP-1 running

The only thing left to do now is to customize IPS for the way you want it to operate. This is an involved process, but an easy one and is covered in general in Chapter 3. Advanced configuration topics are covered in Chapter 4.

2.2.2 – Version Upgrades



2.3 – Support Availability

Two support channels for IPS exist: The IPS Mailing List and the #IPS channel on the EFnet IRC network. Details of how to use these support channels are detailed below.

2.3.1 – The IPS Mailing List

The IPS Mailing List is the best support resource for IPS users and enthusiasts alike.

The IPS Mailing List has been setup for IPS support at Yahoo! Groups, where all discussion (including general questions and technical support) are submitted. It's a information-rich, ever-changing resource that all IPS users take part in building, and we encourage you to participate! Features include announcements, technical support, feedback and comment submission. Check out the web-based mailing list!

For those who haven't participated in a mailing list before, here's how it works:

Participation can be done through the web or via e-mail. The user merely subscribes to the mailing list, and then they can participate in the discussion. Web users can use the web interface at http://groups.yahoo.com/ to read and post messages, whereas those who choose to use e-mail, use their e-mail client software to do the reading and posting. Details on how to subscribe to, post to and unsubscribe from the IPS Mailing List are found below.

PLEASE NOTE

The author of IPS does generally not accept direct emails for technical support. Repeating messages through direct email, and again through the mailing list is time consuming for the author, and unnecessary. Users are advised to use either the IPS Mailing List as outlined above, or the #IPS channel on the EFnet IRC network, as described in the section below.

To eliminate any confusion, please be advised that technical support e-mails sent directly to the software author or documentation author will most likely be ignored.

Subscribing To the IPS Mailing List

The list server will send mailing list postings to the account that sends the subscription request. For those with multiple accounts, those users must be sure to send the subscription request from the email account with which they want to participate. To subscribe, all that needs to be done is to send a blank e-mail to ips-list-subscribe@yahoogroups.com.

The list server will then return an e-mail to the originating address, acknowledging the subscription to the mailing list. That's all there is to it. See the next section below on how to post messages to the list.

Posting To the IPS Mailing List

Participating in the mailing list could never be simpler. Upon quick inspection, all messages from the list server have the "From:" address of ips-list@yahoogroups.com. This is also the "Reply-to:" address. Replying to an existing posting requires the same action as replying to a regular e-mail, which is writing the reply and telling the e-mail software to reply to the original message. Starting a new subject requires only sending an e-mail to the address above. In either case, the message must be addressed to the list server at the address above in order to be posted to the list. From that point, the list server will distribute that message to each mailing list subscriber, and so on, and so forth.

Using web-based access, from the Yahoo! Groups groups list, a click on the word "Post" (located to the left of the ips-list group name) is all that is required to begin the posting. From there, a subject should be entered, followed by the message itself, and then a selection of the language the message was written in (from the pull-down box at the bottom). After the writer has completed their message, they simply click on "Send Message", and that message is then posted to the mailing list automatically.

Unsubscribing From the IPS Mailing List

Though we don't recommend doing so, users can unsubscribe from the IPS mailing list at any time. If participation in the mailing list is no longer desired, however, the user has two ways to choose from to unsubscribe: through e-mail, or through the Yahoo! Groups web site.

Through e-mail, a blank e-mail to ips-list-unsubscribe@yahoogroups.com, sent through the mail account the user subscribed from, is all that is required. If the subscribed account isn't used to send the un-subscription request, the un-subscription will fail. Shortly after having sent the request from your subscribing account, you should receive a message from the Yahoo! Groups list server later that confirms your un-subscription from the list. From that point onward, you shouldn't get any more e-mail from the IPS Mailing List.

Through web-based access, simply sign in to Yahoo! Groups, click on the "ips-list" group from the list of groups you are a member of, and then click on "Unsubscribe" in the upper-right hand corner of the new page that's displayed. If you have questions about, or experience problems with the Yahoo! Groups service, please visit http://groups.yahoo.com/.

Changing E-mail Accounts

Who would have thought moving could be so easy? One day you might want the IPS Mailing List to be sent to a different email account. Should this day come, simply un-subscribe from the list (refer to the "Unsubscribing from the IPS Mailing List" section just above), and then subscribe using the new e-mail account (refer to the "Subscribing to the IPS Mailing List" section). If you're a web user, you can Unsubscribe from the Yahoo! Groups list, and then re-subscribe as a new member (refer to the Subscribing and Unsubscribing web sections above).

2.3.2 – Internet Relay Chat (IRC)

EFnet IRC is the host of the Official IPS Support Channel, which is #IPS. This is a channel where informal chats on IPS take place. The various methods of using IRC is beyond the scope of this document. If you haven't had experience using IRC before, quite simply put, it's a way for large or small groups of people to communicate with one another in real-time, through text messages and file transfers. To communicate on IRC, you will need to download an "IRC client" (See Appendix B for links to many popular IRC clients). Try downloading one of these clients and peruse the help they provide.

2.3.3 – The IPS Support Web Site

The IPS Support Web Site always contains the latest releases, maintenance releases, enhancements and other files related to IPS. The official address is http://www.InetPowerServer.com/.

PLEASE NOTE

If you have created RexxHooks of your own and you'd like to share them with other IPS users, please feel free to e-mail them to the IPS author and they may be added to the downloads page.

2.3.4 – The IPS Author

If you need to contact Terje Flaarønning directly, you can do so at author (at) inetpowerserver.com. Once again, technical support issues will not be addressed outside the mailing list.

This document is the exclusive property of Terje Flaarønning.

Jump to http://www.InetPowerServer.com/