1. What software do I need to run a server ?
 
You will need FTP server software. It is this program that enables people to logon to your computer and to download files. 
None of this can happen at random or at will: it is you who gives permissions, decides which files people can or cannot download, can or cannot see, etc. 
There are many server applications but the most popular ones in use in alt.2600.warez are G6, Serv-U and WarFTP.

In all cases, and not only when you are running a server of any kind, using a firewall is a good idea. 
This will prevent or at least discourage attempts to hack into your computer, to gain illegal access to it. 
A firewall also enables you to block scans from your ISP. 
Most ISP's do not condone their customers operating servers of any kind. 
Some ISP's scan ports from their customers to see if they get a reply back that is associated with a certain type of server. 
You can block these scans by adding the IP address from your ISP to your block rules and putting that rule "on top" of your list. 
Good firewalls will not respond at all: it is as if your computer simply is not there. Others will tell them that the port is closed or blocked. 
As with server applications there are many firewalls. 
Very excellent and easy to configure is AtGuard 3.22.11 (for Windows 95/98/NT/2000) or its new version Norton Personal Firewall 2001 
(Windows Millennium).. ZoneAlarm, which comes in a free flavour and a paid "Pro" version, is very easy to configure as well. 
Although opinions vary on this some people like to run a "regular" firewall, such as AtGuard, together with ZoneAlarm for added safety.
Both AtGuard/Norton Personal Firewall 2001 and ZoneAlarm feature easy to use learning modes and alert you to programs that try to access the web. 
For more information on firewalls see the relevant FAQ's.

When you are on a dial-up connection, and often when you are on DSL, your IP address changes each time you re-connect to your ISP. 
This is called a dynamic IP. In order to let people know where they can reach your server you have to post this different IP number each time. 
For you this can be nagging but especially for your regular visitors, some of which you might have given an account, 
it is not handy to not be able to add your site to their site manager. 
For this reason many people use a service that will give their server a domain name, 
while running a little application that tells this service what your current IP is - automatically. 
Some of these services are commercial, like dynip, others are free. 
A redirect service stands or falls with the accuracy and availability of its servers. The Deerfield company runs an excellent free service. 
Have a look at www.dns2go.com.

To present people with the opportunity to see what is on your site without having to browse through all the folders use a site indexer. 
Two widely used ones are Phuzz Indexer and RedFox Indexer. These will generate a site index.  


2. Preparing, organizing, indexing your FTP site 
 
Commonly people will make a folder that will hold the or most of the content of their site. For example "c:\My Site".
Within this folder make subfolders like "Games", "Internet", "Multimedia" etc. 
Depending on how many programs you have per category you can decide to make subfolders within these as well. 
"Firewalls" could be a subfolder of "Internet" if you have enough content to warrant it.
Some sites are so large that much of their content is arranged by company name. 
Norton Internet Security would not be found in the "Internet" folder but in the "Norton" folder.
If you plan on accepting uploads you will need to create a Upload folder as well. 
For this folder you need to set special permissions in your server. See the relevant FAQ's for more information on how to do so.
To avoid receiving uploads that you either already have or do not want place a Wish List text file in your FTP's root folder.

It is common practice to have a Site Index text file in your FTP's root folder.
A site index prevents people needlessly browsing through folder after folder; 
to enable them to press CTRL + F and search your site for a specific program and even browse your site offline. 
 

3. Why you should not serve on port 21 
 
Every internet protocol is associated with a standard port. The standard port for FTP servers is port 21. 
If your ISP prohibits you from running a FTP server this is one of the firsts ports they will not only scan but look for traffic on as well. 
Traffic on this port draws their attention. For this reason it is good to stay away from serving on port 21.
Naturally if your ISP allows you to run a server you can use this port anyway.

 
4. What port should I serve on 
 
Good choices for your server to run on are ports that are normally or often used for online gaming. 
Serving on a port like this more or less explains traffic on them.

Some possible ports to choose from are:

7777 Unreal, Klingon Honor Guard
7778 Unreal Tournament
22450 Sin
26000 Quake
26900 Hexen 2
26950 HexenWorld
27015 Half-life, Team Fortress Classic (TFC)
27500 QuakeWorld
27910 Quake 2
28910 Heretic 2
28000-28008 Starsiege TRIBES (TRIBES.DYNAMIX.COM)
27960 Quake 3 Arena 


5. How many users should I allow at once  

This depends on your own type of connection and on the type of users you want to allow access for. 
It also depends on the size of the average download you are providing. 
Downloading 1 MegaByte at 1 KiloByte per second is feasable; downloading 640 MegaByte at the same speed is hardly doable.

Typically, and these are only guidelines, servers running over a 56.6 telephone connection will generally allow 3 to 5 users to download.
On high speed connections you might allow up to 10 people to download without them experiencing major drawbacks in bandwith.
Many servers will also open for look accounts. 
As look accounts can only browse your site, and occasionally are allowed to download a site index and/or wish list, 
they hardly take any noticable bandwith. On almost any kind of connection you can allow 10 to 20 of them.  


6. Posting your UP message  

When you put your server up you announce this to the world by posting an UP message. 
This message can be constructed any way you see fit but should contain the following information:
Your server's IP address or redirect.
If you open for accounts only you mention this.
When you open for anonymous access you have to mention the login and password to gain access to your server.
Although more or less standard rules apply for connecting to servers posting in the newsgroup you might want to mention your 
demands for the minimum setting of the retry rate.
If you ban people on conditions such as not using a valid email to login, if you have set anonymous access up that way, 
it is fair to mention these conditions as well as what people can do if they suspect they are banned (i.e., email you, ICQ you, forgert about it, etc.)  


7. Posting your DOWN message 
 
When you close your server or take your server down it is proper and good conduct to post a message to that regard. 
It prevents people from still trying to connect to your server.
It is preferable to keep all your messages about your (current) server session in one thread. 
You achieve this by replying to your own original UP message.  


8. Should I post about/for people I banned
  
No.
The combined number of posts from all the servers that are up on this issue would easily outway any other kind of post.

Your only way to specifically mention one person hammering would be to mention a part of their IP address of that person. 
Most people not running a server are not aware of what their IP might be....
If you want to ban someone for not using a valid email as login - 
why try to contact someone who has just made clear he doesn't want to provide you with the means to be contacted?
In any case you have already provided people with the procedure to get unbanned in your UP post.....  


9. Should I post about people who upload a virus/trojan
  
Probably not. Most likely the person in question has no idea the upload contained the virus or trojan. 
You could try to contact the person in private (ICQ, email, etc.) and warn about the problem.  


10. I was port scanned - what should I do ?
 
Nothing.
If you were scanned by your ISP and you have your ISP blocked in your firewall they won't get anywhere. 
If you haven't blocked your ISP yet and your ISP prohibits you from running a server, 
add them to your block rules in your firewall and make sure your server is not operating on port 21 
(see also: "Why you should not serve on port 21" and "What port should I serve on").
If you were scanned by someone else don't worry. With more and more people have permanent, 
high-speed connections to the internet port scans are becoming a very common occurance. 
Scanners are looking for open, active ports to find a system that they can exploit. 
Usually scanners are looking for responses that indicate the presence of a trojan on your system. 
The combination of a firewall and a good anti-virus program prevent you from becoming the victim of a trojan attack. 
If no trojan is present on your system these scans are harmless.
Last but not least, in many cases what is perceived as port scans actually are your visitor's FTP clients and your server negotiating transfers. 
The actual transfer of files does not take place on the port that you are serving on but on another port, randomly chosen by the operating system.