FILE README.TXT FOR SERV-U BETAS
================================

IMPORTANT NOTE: THIS IS A BETA VERSION! THIS MEANS THERE MAY BE MORE 
BUGS THAN WOULD BE ACCEPTABLE IN A RELEASE VERSION, AND IT IS PRIMARILY 
INTENDED FOR TESTING. ALSO, THIS BETA VERSION DOES NOT COME WITH THE 
USUAL AUTOMATED INSTALL PROGRAM NOR DOCUMENTATION, AND IS *NOT* 
INTENDED FOR FIRST-TIME SERV-U USERS. PLEASE SEE 
FTP://FTP.CAT-SOFT.COM/ FOR THE CURRENT RELEASE VERSION. 

IF YOU FOUND THIS BETA VIA A DOWNLOAD SERVICE PLEASE PASS THEIR URL ON 
TO ME (ROB@CAT-SOFT.COM) SO I CAN POINT OUT TO THEM THEY SHOULD NOT 
DISTRIBITE THE BETA VERSION BUT LINK TO THE RELEASE VERSION INSTEAD.

The current beta version is v2.4a build 2. Please see the VERSION.TXT 
file for a full list of changes between versions. To use the beta 
version, simply copy it over an existing Serv-U executable. The file 
SERV-U16.ZIP contains the 16-bit version, SERV-U32.ZIP contains the 
32-bit SERV-U.EXE program. Please report any problems or bugs to 
Rob@cat-soft.com. 

If you want to be kept informed about new beta test versions of Serv-U
please subscribe to the beta mailing list by sending a message to:

        beta-request@cat-soft.com

with a single line in the message body, reading:

        subscribe

You should receive notification of your subscription within a minute or 
so, and every message posted to the beta list will have instructions on 
how to unsubscribe.

NOTABLE CHANGES
===============

A complete list of changes can be found in the VERSION.TXT file for the 
current beta. Below follows a description of some of the more interesting
changes and some notes on how to use new features.

OTP S/KEY
---------
These cryptive terms stand for "One Time Password", and S/KEY is a form 
of one-time password orgininally invented by the Naval Research 
Laboratories. 

Normally FTP sends all passwords via the network in clear-text. Anyone 
with a packet sniffer at the right place can see them. OTP changes 
this, it never sends a password over the network. Instead, it sends a 
one-way encrypted version of the password called 'hash' over the net. 
There is no way known to man to retrieve the original password from 
this hash, so it is pretty safe. 

This beta of Serv-U supports a popular form of OTP, S/KEY (which in 
turn comes in two variants, MD4 and MD5, which is about the hash 
function it uses and both are supported in Serv-U). You can enable 
S/KEY for individual user accounts via the 'setup - users - 
miscellaneous' menu choice. Don't forget to type in a new password for 
that user in case you are storing passwords in encrypted form since 
Serv-U needs to know the password when using S/KEY.

To use S/KEY you either need a FTP client which implicitely supports it 
(The only one I know is FTP Voyager, see www.ftpvoyager.com), or a 
client which lets you intercept the USER response and manually enter 
your password each time you log in (The command line FTP client will 
do). In the latter case you need the S/KEY 'calculator' which you can 
also find in the beta directory on ftp.cat-soft.com. It's use is 
trivial.

Links
-----
There has been a change in Serv-U handling of "links". In case a link 
points to the user's current directory it will no longer show up in 
directory listings. In other words, if you have a link "TempDir" which 
points to c:\temp, this link will not show when the user lists c:\temp.

This change was made to avoid infinite recursion by some FTP clients 
when they download entire directory trees and the same links show up in 
every directory.

User interface changes
----------------------
To make life somewhat easier there have been a number of user interface 
changes. First, in the 32-bit version only, there is a button in the 
disk quota setup to preset the 'current' quota value with whatever is 
present in the user's home directory and all dirs below it.

Next change is in 'setup - logging' where you can now choose your very 
own log font.

The final change is in the multi-homed IP setup in 'setup - server - IP 
homes' where a drop down list is added with all the server's current IP 
addresses. 

New message directives
----------------------
Serv-U supports three new message directives for use in messages:

   %LoggedInAll     - total no. of logged in users since server 
                      start
   %ServerAvg       - average bandwidth used by the server since server 
                      start
   %ServerKBps      - current server bandwidth use

Multi-homed IP
--------------
For sites that have multiple IP homes set up things have been made 
slightly easier. This build adds support for a descriptive name, which 
is also shown in the user setup. Anything goes for the name, typically 
one would put the symbolica IP name of the address in there but any 
text will work. See the 'setup - server - IP homes' menu choice.
 
The same dialogbox has one more entry, for an IP address to use for 
passive data transfers. More about this in the next section.

Passive data transfer redirection
---------------------------------
The dialogbox in 'setup - server - IP homes' lets you enter an 
(optional) IP address which Serv-U can use to redirect passive data 
transfers. Those are initiated by the FTP command "PASV". Normally the 
server tells the client to connect to the server's IP address for 
passive transfers but this won't work in case the server is behind a 
firewall/proxy server with IP redirection. By setting up the proper IP 
address under which the outside client can reach the server passive 
transfers can be made to work. Of course, the firewall/proxy server 
needs to be set up to properly forward those incoming connections.

For a multi-homed setup each home IP can have its own redirection IP. 
In case the server has only a single IP address but passive redirection 
is needed this can be done by setting up a home-IP for the server's 
address with the required address for passive transfers. The user 
accounts do not need to be specifically set to this home-IP, any 
passive transfer request involving the server's IP will be redirected.
