0
What is FTP Server?

FTP ( File Transfer Protocol ) it is Standard network protocol & used for file transferring protocol.
Or other miens 
File Transfer Protocol is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.

Interdiction of FTP Server:
The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet. Most web based download sites use the built in FTP capabilities of web browsers and therefore most server oriented operating systems usually include an FTP server application as part of the software suite. Linux is no exception. 

Step by Step :


FTP Server

This section covers the File Transport Protocol (FTP) information needed for both the RHCSA and RHCE exams.

FTP Server : Installation

Issue the following command to install the FTP server.
# yum install vsftpd
Turn on the FTP server and make sure it starts automatically on reboot.
# service vsftpd start
# chkconfig vsftpd on
The FTP server is now installed and running. The FTP configuration files are located under the "/etc/vsftpd" directory, specifically the "/etc/vsftpd/vsftpd.conf" file. The default directory for anonymous connections is "/var/ftp". Changes to the "/etc/vsftpd/vsftpd.conf" file have to be followed by a reload or a restart of the httpd service.
# service vsftpd reload
# # OR
# service vsftpd restart

FTP Server : Firewall

You need to punch a hole in the firewall for port 21 to make sure the FTP server can be accessed from the network. There are several ways to do this:
  • The "Firewall Configuration" dialog from the menu (System > Administration > Firewall) or initiated from the command line by running the system-config-firewall command. On the "Trusted Services" section, scroll down the list and check the "FTP" option, then click the "Apply" button.
  • The text-based "Firewall Configuration" utility (system-config-firewall-tui). This is the text-based version of the above dialog.
  • Using the iptables service directly, as described here. In this case we could need the following entry.
    iptables -A INPUT -p tcp --dport 21 -j ACCEPT

FTP Server : SELinux

If you are using SELinux, you will need to consider the following points.
The SELinux booleans associated with the vsftpd service are displayed using the getsebool command.
# getsebool -a | grep ftpd
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftpd_connect_db --> off
ftpd_use_passive_mode --> off
#
The setsebool command is used to set a specific boolean value.
# setsebool ftpd_use_passive_mode on
# setsebool ftpd_use_passive_mode off
The public_content_t context should be assigned to all public content.
# semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"
# restorecon -F -R -v /var/ftp
You can check the current context setting on files and directories using the "ls -alZ" command.
More information on SELinux can be found here.

FTP Server : Security

By default the FTP installation allows anonymous access, which is potentially dangerous. This is fine for the RHCSA exam, but on real servers you would probably want to disable anonymous access. To do this, edit the "/etc/vsftpd/vsftpd.conf" file, setting the "anonymous_enable" entry as follows.
anonymous_enable=NO
local_enable=YES
The "local_enable" options indicates that local user accounts can be used for authentication.
Restart or reload the FTP service for the changes to take effect.
# service vsftpd reload
The RHCE exam has a requirement for configuring an anonymous-only download FTP server. This can be done by setting the following values in the "/etc/vsftpd/vsftpd.conf" file, then restarting the service.
anonymous_enable=YES
anon_upload_enable=NO
local_enable=NO
Try and ping ftp server connect for Example :


Go on client system and check banner it will appear before user login




 EndCall:
FTP is a very useful software application that can have enormous benefit to a Web site or to collaborative computing in which files need to be shared between business partners. Although insecure, it is universally accessible, because FTP clients are a part of all operating systems and Web browsers. If data encryption security is of great importance to you, then you should probably consider SCP as a possible alternative

For more information :




Post a Comment

 
Top