Introduction

This tutorial should not be used to exploit webservers. Some of de techniques used here have certain outputs that can crash old servers makin’ them unusable. Throughout this tutorial, techniques will be passed on from exploits found in de ‘windows’ OS. That ‘ACTUALLY’ helps in de prevention of deletion. There are lots of methods in stoppin’ a deleter, without de ANY restrictions set on de server but most have some weak point. After comin’ across four new techniques, makin’ a folder ‘invisible’ or undetectable from an ftp client LIST fuction. Makin’ folders/directories inaccessable and clone prevention, creatin’ smart directories which slows
down de users attempt. I’m sure most users would thank me for this, ‘undeletable files’ after experiencin’ rock solid protection and safe files.

Invisible Directories

The idea of invisible directoires came about when I came across paths that were “/ /example/” and was not listed in de main folder but was still ‘accessable’. These can be created in all directories without oder users knowin’ it exists unless bein’ searched for ‘MANUALLY’, which takes ages at de present time to search through each folder for “/ /”.

Creatin’ Invisible Directories

1. before
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/

2. after
./ /~/temp/tagged/for/team/warezpiratez/fxp/ <- hidden folder
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/

To create de hidden folders, make a new dir. as follows usin' this method. [backslash][space][backslash][foldername1][backslash][foldername2].

ie. / /foldername1/foldername2/...

The 'space' isn't a name but a 'character' that does not get listed, derefore makin' de directories impossible to view.

NOTE: Makin’ de hidden folders several LAYERS/SUB-DIRECTORIES deep is recommended.

ie. / / / /~/temp/tagged/for/ /team/warez/ /piratez/fxp/

This technique is not ‘anti-deletion proof’ but hidden from deletion proof! Read more to find out how to combine ALL THREE TECHNIQUE to make it ‘REMOTELY’ impossible to delete. Please note de ‘quotes’, REMOTELY in a sense that remote/local host.

Inaccessable Directories

Inaccessable directories prevents de user from ‘enterin'’ de folder. The user will not be able to enter de folders unless knowin’ de ‘entire’ remote path.

Creatin’ Inaccessable Directories

1. before
./temp/tagged/for/team/warezpiratez/fxp/
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/

2. after
./COM1 / temp/tagged/for/team/warezpiratez/fxp/ <- inaccessable directories, due to 'COM1' former windows bug.
./pub/
./images/
./_vti_pvt/
./_vti_cnf/
./_vti_log/
./temp/

To create inaccessable folders, use de followin' list of 'UNUSABLE NAMES'

COM1 COM1 COM3 COM4 (Windows COM PORTS)
LPT1 LPT2 LPT3 LPT4 (Windows Printer Ports)
AUX
NUL

Make a new folder "COM1[space][backslash][space][backslash] ie. /COM1 / /

NOTE: This makes de folder inaccessable, even to de siteadmin.(unless accessed from DOS, local with access to de machine.)

To use de dir. Create a new folder called “COM1[space][backslash][space][foldername1][backslash][foldername2] ie. /COM1 / / ~/temp/tagged/

NOTE: This folder is still inaccessable, if a user attempts to enter it. To gain access to de folder, de ‘full path’ must be known. To enter de folder use de RAW command ‘CWD’ change dir. path. to enter de folder. ie. CWD /COM1 / / ~/temp/tagged/ and voila de folder is usable and workin’.

TIP: Creatin’ de folder ’several’ LAYERS/SUB-DRIECTORIES deep. It is impossible to enter.

Smart Directories

This technique involves, de creation of directories that are ‘COPYRIGHT’. How’s that for a simple description. The idea is to create directories that would contain [periods] thorough each of de subdirectories or segmenets. The use of this is quite sipmle, note de word ‘COPYRIGHT. Most users use de ftp://login :password at ip :port/path/ format for faster access to an ftp.

Creatin’ Smart Directories

To create ’smart’ directories. Make de folder names of each sub directories contain a period before, inside, and after words within de subdirectories creatin’ a fake ‘file’ recognition. The Widows based clients will assume de folders to be files with windows usin’ its 8.3 format for file names.

1. before
ftp://anonymous@anonymous@123.456.789:21/temp/tagged/for/team/warezpiratez/f
xp/

2. after
ftp://anonymous@anonymous@123.456.789:21/temp/tagged ./for . /team. /. warez
.piratez/fxp

NOTE: Be as creative as possible with de dot formation, to prevent COPYING of all folders through each directories. The idea is to make de directories act as file extensions derefore when copied, it will be ‘queued’ and de user has to enter de directories MANUALLY. Oder ‘SYMBOLS’ can be used NOT ONLY just periods. But I find this most common, if de creator intends to create a catch phrase ‘memorable’ to him alone.

QUEUE: 1. /temp/tagged ./for . /team. /. warez .piratez/fxp <- result of folder extensions

Undeletable Files

Sad that we had to resolve to this but, this might be de end of deletion as we speak. I find no oder method out dere that can accomplish this task except settin’ restrictions from de server. This method involves de file bein’ self-protected. Meanin’ de files are ‘accessable’/'downloadable’ but can NOT be deleted. The idea is to make de file corrupted/crash makin’ it ‘in use’.

Creatin’ Undeletable Files

To create a self protected file, rename de entire file includin’ de extensions to de followin’ format:

filename[space][period]/[space]/ ie. filename ./ / The / / in de name as shown above in de previous example of creatin’ invisible directories makes de .extesion impossible to view on de pub as a windows recognized mime but, once dowloaded it will be shown and accessable. How’s that for wits.

1. before
warezpiratez.rar <- rar mime, winrar.

2. renamin’
warezpiratez ./ /

3. results
-warezpiratez <- unknown file(undeletable,downloadable) <- file will take de correct mime format on localhost

Ultimate Protection

The ultimate protection is obviously, yourself and your wits against de deleters. Use private FTPs, get fast sites T1+, but in this case, it would be de combination of all four techniques. Usin’ them into one major and thoughtout plan.

Creatin’ The Ultimate Protection

To create de ultimate protection that is desirable, first of all, create de invisible folders as shown above, several sub.dirs deep. Then creatin’ an ‘inaccesable’ folder within those invisible folders. Then de next step is to create those smart directories so it slows down ANY attempt to gain full access, and also it makes to user run into inaccessable folders. The idea is to trap de user before those folders usin’ de smart directories idea. I didn’t think that was ingenieus but just common sense and seemd smart!.

1. before
/temp/tagged/for/team/warezpiratez/fxp/ <- no protection

2. after
/ / /./ ./COM1 / temp/tagged ./for . /team. /. warez .piratez/fxp <-
protection(still weak)

NOTE: You can be creative with this technique, make it more complex, I didn’t do it in this tutorial because den that would make you just confused. I hope this helps, and please understand. It is not hard, unless you didn’t read from de Introduction. I made this well detailed. For it to be as simple as possible.

FAQ

1. What is a SUB-DIRECTORY
- It is de folder that is second/inside anoder folder. ie. firstfolder/subdir/

2. What is a pub
- Short for public ftp. There are, no restrictions/protection on de access over files. Some have them in most cases but den uploads/downloads are denied. Some would not allow fxp.

3. What does all this mean?
- It provides de internet safer from all de deleters.

4. Who are deleters?
- Deleters are mean and NASTY people who deletes files. Consists of spammers too.

Tools Needed:

SmartFTP [ smartftp.com ]
NAPALM FTP Search Site [ search.ftphost.net ]
vcdquality.com Release Nfo Site
DAMN NFO Viewer or just notepad [www.damn.to ]

This tutorial is so i can stop answerin’ tha same questions everyday in this tutorial I’ll explain how to use search sites like NAPALM effectively. basically better search results and a quality release. We are goin’ to use a movie as de example so here we go.

First thin’ I do is try and figure who released it and if any were nuked and why most of de time you can find de NFO at de sites below

www.deisonews.com - www.nforce.nl - www.vcdquality.com
we are goin’ use vcdquality to find out NFO on Tomb Raider: The Cradle Of Life
h**p://www.vcdquality.com/index.php?imdbid=0325703

Say you chose de copy Centropy released

Here is de link to de nfo file

h**p://www.vcdquality.com/nfo.php/ctp-tr2.nfo?id=16662&show=text&save=1

If you read it you see a section that says Archives [56/56*15]

Ok so now you know your lookin’ for 2 CD’s and that are Split RAR files at 15mb each. You will also see this (( password is “drudgereportdotcom” )). Im sure that will help later so now to go find de file names by doin’ a search.

Here are some sites you can use

NAPALM - RELIZ - AMUN - FTPSpider

Im goin’ to use NAPALM for de example do an un-filtered search for “tomb raider centropy” without de quotes. But I wouldn’t recommend always searchin’ as above because de name of tha Movie/App/Game/ReleaseGroup isnt always goin’ to be in file name or url. So results could be limited but it helps on gettin’ correct file names. You should notice that de file name seems to be in this format ctp-tr1.r54 and ctp-tr2.r54. “ctp-tr1.r54″ is in a file from CD1 and “ctp-tr2.r54″ is in a file from CD2

Ok so now we know de file names, so search for ctp-tr2.r54 and you will have more streamlined results before we had over 100 results from each ftp that had this movie. With one result per file at over 50 files per cd, that would take way to lon’ to go through page by page till you get to each FTP site.

Now that we have tha search narrowed down by a sin’le file name each result is a different ftp site. Notice also that I have searched for a high number file from cd 2. The reason for this is because it is more likely that it has been fully uploaded and not missin’ any files because most people start uploadin’ from cd1 and in order of first split file .rar .r00 .r01 and NOT from cd2 and backwards .r50 .r49 .r48.

Ok that was easy enough but now we get to de hopefully not slow part of DOWNLOADING de files. Normally you can get better speeds from an anonymous server because you can use multiple connections at once. Say de server only gives ya 4k download, you may be able to connect 50 times at once and get more like 200k download, but a FTP that needs a Password and user name normally isnt that easy. The reason is normally bacause only 1 connection per IP is allowed and amount of users at one time is limited to about 15 or less, so dere are always a lon’ line of peope waitin’ to get in. Basically even if we could have more than one connection per IP, if it took 9 hours to get access you would need to wait that lon’ for each connection or thread. By de time anoder thread connected you would have probably already finished downloadin’ de file anyway.

NAPALM search site has nice search and filter option that will only show anonymous servers in de results page. Now open up SmartFTP and dere are a few options we want to be sure and change.

Tools > Settin’s > General:
Set Default Download Path to whatever you want

Tools > Settin’s > Connection:
Set Max Retries to -1 (( -1 = unlimited ))
Set Retry Delay to @ least 40 sec.*

*(( because some ftp will ban if you hammer/try and login to often ))
*(( read welcome messages on tha ftp log/status window for possible hammer rules ))

Tools > Settin’s > Connection > Keep Alive:
Make sure Keepalive is checked
Set interval to about 40
(( if set to low will be anoyin’ & to high may not be effective on some sitez ))
Highlight NOOP in de list and push Remove
Now type LIST into de box and push tha Add
(( This is de command that keepalive uses to pretend your not idle ))
(( some ftps will kick you out if you are idle to lon’ ))
(( and some still do with tha NOOP command we so have changed it to LIST
(( if you want you can change it to somethin’ better all i know is this works for me ))
(( nobody wants to sit for 9 hours waitin’ to get in den get kicked out ))

SmartFTP also has Clipboard monitorin’, so all you need to do is have smart ftp runnin’. Go Back to NAPALM. Right click a link and select “Copy Shortcut” from tha menu and smartFtp will popup and say FTP URL in clipboard detected. If you want to open that site, just cick yes.

But it can be even more simple than that if you want.

Tools > Settin’s > Display > Prompts:
Uncheck: On URL Catch
(( Now it will just open tha FTP without any prompt ))

When you are conectin’ to ftp you need to watch tha log/status window

For possibe crap links (( dead links and/or ratio sites )), dese are tha most common errorz to look for:

530 Account Disabled.
No connection could be made because de target machine actively refused it. A connection attempt failed because de connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

550 Permission denied
While tryin’ to download a file
(( this is probably a ratio site if it has everythin’ you ever wanted and more & looks to good to be true ))
(( it probably is and id just move on to tha next site ))

Anoder problem you may find on anonymous ftp is that tha files or folders are not dere. 2 reasons for that is dey were eider deleted or just moved. If dey were moved this could be a problem most people uploadin’ to anonymous ftp, made a huge maze of locked folders to hide deir files and that makes for an endless task tryin’ to find de files unless you have an application that can spider de ftp and has de capability to get through locked folders. To have a list of every file on de ftp I dont know of any public application i can recommend with that capability. But dey do exist. This app can get through locked folders and may help. It seems like a crap program, but de best i could find on google in about 5 min worth of searchin’ is:

PubView.zip - www.jtpfxp.net has nfo about dir lockin’ & breakin’ dirs

Ill go over some basic instructions on downloadin’ from Anonymous and NonAnonymous Sites, or maybe i should say sites that allow more than one connection per IP and ones that dont.

We will start with anonymous or multiple thread capable FTP

Once you have de ftp open and you see de files you want. Just drag and drop them into de Global Queue tab on de transfers window and den just push de start button. We should have de In Speed at bottom right status bar. If its not goin’ fast enough, you can adjust de amount of connections/threads you have runnin’. Keep addin’ threads until your bandwidth is maxed or until your total In Speed doesnt get any faster. Anoder thin’ you may wanna keep in mind is that you can connect to more than one ftp downloadin’ CD1 from one site and CD2 from de oder etc. for a combined speed.

Now we go onto NonAnonymous Sitez

You cant use Global Queue because you cant have multiple threads, so just right click de file or folder you want and select Download > Direct > Select Folder. Most of dese sites will be slow and could take hours maybe days to get into, so what i do is just open every sin’le result in NAPALM at de same time. I figure that i have a better chance waitin’ on 10 sites rader than 1. So when you have them all open just close out de ones that have de errors mentioned above, den you can walk away and check every so often to see if you have gotten in one yet. This is where de keepalive option helps out and of course if you happen to get into more than one at a time
just go for tha combined speed method if it is goin’ slow.

Requirements:
Serv-U
No-IP.com Website

Step 1. Gettin’ a static IP address.

Get a static address for your FTP server. You will want to do this as opposed to usin’ your IP address for several reasons. First, it�s easier keepin’ up-to-date. Imagine havin’ to change all of your settin’ every time your IP changed. With No-IP, de No-IP service runs in background on your computer and updates your current IP address with your FTP server�s URL (for example, you get rkchoolie.serveftp.com). Second reason, you don�t want your IP address posted out dere for everyone to see.

1. Go to www.No-IP.com to create a new user account.
2. Fill in de information that is required and de click Register button.
3. Your account has now been created and your account password has been emailed to you.
4. Check your email mailbox and wait for de mail that contains your password
5. Go back to www.No-IP.com and type your email address and password to login to your account.
6. Once in your account, click on Add a host in de left menu
7. Type in de Hostname you want (example: rkchoolie) and pick a Domain from de list (example: ftpserve.com)
8. Check Allow Wildcards and click de Submit button
9. You now have your static address (example: rkchoolie.serveftp.com)
10. Click on your OS link in de Dyn-Update Client in de bottom right menu and follow links to download de client
11. Once downloaded, install de software and type in your email address and password when asked.
12. Finally tick de checkbox near your static address.

You now have a static web address .

Step 2. Installin’ and settin’ de FTP server

1. Install Serv-U 4.0.
2. Start Serv-U and use de wizard to setup your ftp.
3. Click next until you’re asked for an IP address, leave it blank and den click next.
4. Type de domain name you’ve just registered above (example: preacher.serveftp.com) in de domain name field and den click Next.
5. You are asked if you want to allow anonymous access, select No and den click next.
6. You are den asked to create a named account, check yes and den click next.
7. Type in de user name you wish for this account (example: Harrie) and click next.
8. Type a password for this account (example: $p3c1aL). For security reasons, try to create a password with some letters, numbers and special characters. Then click next.
9. You will den be asked for de Home directory of de account you just created. Select de directory and den click next.
10. Select yes to lock this account to de Home directory. You want to do this so that de user can not go any furder up that his home directory. Click next.
11. The account is now set so click finish.

Step 3. Configurin’ user accounts

1. In de left tree-menu, select de account you’ve just created and den click on de General tab.
2. Check Hide �Hidden� Files.
3. Check Allow only and enter de number one in de box.
4. Set de Max. download speed to what ever you want. If this is an account that many will be usin’, set it low to save on your bandwidth. I usually have mine set between 10 � 20. If you leave it blank, users will be able to download from you at full bandwidth.
5. Set de Max no. of users to how many you want to be able to log on at one time. This depends on your connection speed but try dese (56 - 1, ISDN - 3, ADSL or cable - 5-6 users.)
6. Now, click on de Dir Access tab.
7. You should see de home folder in dere. Highlight it and make your permissions.
8. If you only want users to be able to download check only Read, List, & Inherit.
9. If you want users to be able to upload, but to only one particular folder but not download, click de add button and den select that folder. Now highlight de folder and set dese permissions on that folder. Check Write, Append, List, Create, & Inherit. Once you have made de permissions click on de up arrow that is located at de bottom right-hand corner. You want this special upload folder to be list first, before de home folder.
10. If dere is a folder that you don�t want anyone to have access to, but it is inside de home folder, den click de add button and den select that folder. Now highlight de folder and make sure that all checkboxes are left. Once you have made de permissions click on de up arrow that is located at de bottom right-hand corner. You want this no access folder to be listed at de very top.
11. There are many oder different sets of permissions you can play with. I just covered your basics.
12. Your server is now set!
13. Try loggin’ on with de username and password and see if it works.

I thought that perhaps this tutorial might be pretty helpful for those interested in knowin’ how to configure deir Bulletproof FTP Server that don’t already know how… Here’s how to get started�

This is for de BulletProof FTP Server 2.10. However, It should work fine on most followin’ versions as well.

I’m assumin’ you have it installed and cracked.

Basics
1. Start de program.
2. Click on Setup > Main > General from de pull-down menu.
3. Enter your server name into de ‘Server Name’ box. Under Connection set de �Max number of users” to any number. This is de limit as to how many users can be on your sever at any time.
4. Click on de ‘options’ tab of that same panel (on de side)
5. Look at de bottom, under IP Options. Put a check in de box �Refuse Multiple Connections from de same IP�. This will prevent one person from blockin’ your FTP to oders.
6. Also put a check in de ‘Blocked Banned IP (instead of notifyin’ client). VERY IMPORTANT! If somebody decides to ‘Hammer’ (attempt to login numerous times VERY quickly) your server/computer may CRASH if you don’t enable this.
7. Click on de ‘advanced’ tab
8. At de bottom again look at de ‘hammerin’ area’
9. Enable ‘anti-hammer’ and ‘do not reply to people hammerin’’ Set it for de followin’: Block IP 120 min if 5 connections in 60 sec. You can set this at whatever you want to but that is pretty much a standard Click ‘OK’

Addin’ Users
11. Setup > User accounts form pull-down.
12. Right click in de empty ‘User Accounts’ area on de right: choose ‘Add’
13. Enter account name. (ie: logon name)
14. In de ‘Access rights’ box right click: choose �Add�.
15. Browse until you find de directory (folder) you want to share. In de right column you will see a bunch of checkboxes. Put a check in de followin’ ones: Read, Write, Append, Make, List, and +Subdirs. Press ’select’.
16. Enter a password for your new FTP account.
17. Click on ‘Miscellaneous’ in de left column. Make sure ‘Enable Account’ is selected. Enable ‘Max Number of Users’ set it at a number oder than zero. 1 for a personal account and more that one for a group account. Enable ‘Max. no. of connects per IP’ set it at 1

18. Under ‘Files’ enable ’show relative path’ this is a security issue. A FTP client will now not be able to see de ENTIRE path of de FTP. It will only see de path from de main directory. Hide hidden flies as well.

Put a tick in both of dese.

Advanced:
You don’t need to do any of this stuff, but It will help tweak your server and help you maintain order on it. All of de followin’ will be broken down into small little areas that will tell you how to do one thin’ at a time.

Chan’in’ de Port
The default port is always 21, but you can change this. Many ISPs will routinely do a scan of its own users to find a ftp server, also when people scan for pubs dey may scan your IP, thus findin’ your ftp server. If you do decide to change it many suggest that you make de port over 10,000.
1. Setup > Main > General
2. In de ‘Connection’ Area is a settin’ labeled ‘Listen on Port Number:’
3. Make it any number you want. That will be your port number.
4. Click ‘OK’

Makin’ an ‘Upload Only’ or ‘Download Only’ ftp server.
This is for de entire SERVER, not just a user.
1. Setup > Main > Advanced
2. In de advanced window you will have de followin’ options: uploads and downloads, downloads only, and uploads only. By default upload and download will be checked. Change it to whatever you want.
3. Click ‘OK�

While you are runnin’ your server, usually you will end up spendin’ more time at your computer than you normally do. Don’t be afraid to ban IP’s. Remember, on your FTP you do as you want.

When you are online you must also select de open server button next to de on-line button which is de on-line Button

You also have to use de actual Numbered ip Address ie: 66.250.216.67

Or even Better yet, get a no-ip.com address