Webdav Raiders

on Windows 2003 server R2 Generally, file sharing is usually carried out in the LAN through the file protocol, which is common file sharing; on the Internet, it is usually done using ftp or http protocol. However, the use of http is generally only one-way sharing, which is not convenient for file uploading, and ftp is traditionally used. But windows server can also use webdav (web-based distributed authoring and versioning) for file sharing.

webdav is a communication protocol based on http 1.1. It adds some extensions to http 1.1 (that is, adding some new methods in addition to several http standard methods such as get, post, and head), so that the application can directly write the file to the web server, and when writing the file, Lock the file, unlock the file after writing, and support version control of the file. It is said that it is expected to replace ftp and become the standard method for moving files on the internet.

This article describes the specific method of configuring Webdav on Windows 2003 server R2? IIS. WebDAV (WebDistributedAuthoringandVersioning) extends the functionality of the HTTP 1.1 communication protocol, allowing users with appropriate permissions to manage files in the WebDAV folder of remote websites directly through browsers and network neighborhoods. We follow the steps below to explain how the WebDAV feature is used. Start the WebDAV function on the website. Create the WebDAV virtual directory? WebDAV client settings? WebDAV Redirector? WebDAV security policy? 1. Start the WebDAV function on the website. For security reasons, IIS does not start the WebDAV function by default, so it must be In addition to activate it, start "“IIS Manager", expand the local computer, select "Web Service Extension", right click on the right side of Figure 1 "WebDAV", select the "Allow" path to start WebDAV feature. Figure 1 Start WebDAV function on the website 2. Create WebDAV virtual directory WebDAV function is realized by virtual directory, so you should first create a folder for the virtual directory, we set the folder name to WebDAV, you can also Use a different name. Next we will create a virtual directory on the website, assuming that the website to start the WebDAV function is "default website". Step 1 Select Start & ldquo; IIS Manager, expand your local computer, select “Website", right-click “Default Web Site", select “New”→“Virtual Directory”. Step 2 appears when you are welcome to use the Virtual Directory Creation Wizard & Screen; click the Next button. Step 3 In Figure 2, set the alias of this virtual directory (for example, WebDAV), and then select the real folder corresponding to this virtual directory. Figure 2 Creating a WebDAV Virtual Directory Step 4 Select the permissions for "Write" & "Browse" in Figure 3. Figure 3 Setting Access Rights Step 5 appears “When you have successfully completed the Virtual Directory Creation Wizard” screen, click the Finish button. 3. WebDAV client settings WebDAV client computer must run the "WebClient" service, in Windows Server 2003R2, you can choose "Start", right-click "My Computer", select "Computer Management", Then check to see if the "WebClient" service has been started as shown in Figure 4. If it is not already activated, please activate it by right clicking on the service and selecting “Start & rdquo;. If the service is disabled, first change it to “automatic> or<quo;manual” and then activate. Figure 4 Enable “WebClient" Service Users can connect to the WebDAV virtual directory on their computer via Internet Explorer or "Network Neighborhood". IE browser mode? Please start Internet Explorer to select the "Files" menu, select "Open", then enter the URL and select "Open as a Web folder", as shown in Figure 5, enter the permission connection Username and password for the WebDAV folder. Figure 5 IE settings will see the screen shown in Figure 6, you can access the files in this WebDAV folder, such as adding, modifying, deleting files. Figure 6 Using IE way Network Neighborhood mode? Take WindowsServer2003 as an example, select “Start”→“Windows Explorer”→"Network Neighborhood", double-click “Add Network Neighborhood”. At this point, there will be one more network connection in the “Network Neighborhood” (see Figure 7). Users can click this connection to access files in the WebDAV folder, such as adding, modifying, and deleting files. Figure 7 Network Neighborhood Mode? 4.WebDAV Redirector (Redirection) WebDAV Redirector (Redirect) is a remote file system based on the WebDAV communication protocol, which allows Windows Server 2003, Windows XP clients to connect and access by means of mapped network drives. WebDAV folder. For example, in Windows XP Professional, you can connect to the WebDAV folder by opening the "Windows Explorer" &rarquo;“Tools”→“Map Network Drive", the specified drive is Z:, The path is \\\\Website's IP address\\WebDAV or \\\\computername\\WebDAV. The actual folder corresponding to the WebDAV virtual directory does not need to be set as a shared folder. Figure 8 shows the screen that is seen through “Windows Explorer after the connection is successful. Figure 8 WebDAV Redirector (Redirecting) Description: The WebDAV-enabled website must be a pure WebDAV website. All headers created by FrontPage must be removed. Right-click on the website and select “Properties"→“HTTP header ”, clear all the headers in the "custom HTTP header". 5. WebDAV Security Policy In order to ensure the security of files in the WebDAV folder, the security measures must be set separately for the WebDAV virtual directory and its corresponding real folder. WebDAV virtual directory permissions start "IIS Manager", then right click on the WebDAV virtual directory, select "properties", set permissions as shown in Figure 9, where "directory browsing" allows users to see WebDAV The files in the folder. Figure 9 Setting WebDAV Security Policy If you select “Script Resource Access", the user will have the ability to modify the script file in the WebADV folder. In addition to the virtual directory permissions here, you also need to rely on NTFS permissions to determine if the user has permission to access files in the WebDAV folder. The NTFS permissions of the WebDAV folder give the user the appropriate NTFS permissions. First, please set the Everyone group to have only the permission to read ” and then give the user the right to write ” for example, we give the user the permission to write to User”. Select the method to verify the user's identity to start "IIS Manager", then right click on the WebDAV virtual directory, select "Attributes" & "&rar;; directory security" <; Edit button, then select the verification method through Figure 10. Please do not select “Enable anonymous access" to avoid incurring attacks. Please select a safer verification method below the screen and select “Integrated Windows Authentication”. Figure 10 Integrated Windows Authentication

Attached to webdav and ftp: ? ftp requires an operating system account. Webdav does not need to apply for any operating system account, it uses a self-defined security-enhanced authentication mechanism. All data of ftp (including login information) is transmitted in plain text. Encryption must be implemented by itself. For example, gpg can be used to do this manually, but it is still inconvenient. With webdav, you can use https to transfer data. The encryption and decryption operations are done automatically at the lower level. Ftp transfer data transfer efficiency is relatively low, a new tcp connection needs to be opened for each file transfer, and webdav only needs one tcp connection to transfer all files. ? ftp is not as easy to traverse the firewall as http, and the scope of application in the WAN is much smaller than http. And webdav has all the advantages of http because it is based on http. The ftp client tool does not have the convenience of the webdav client tool. You have just seen that after the webdav server is configured, accessing the web folder via the windows folder of windows 2000/xp is not much different from accessing the local folder. If your application supports the webdav protocol (for example, word 2000), you can open the files in the web folder and edit them, then save them directly in the original web folder.