FTP server
8:03 AM
By
Rajashekar Reddy BusiReddy
File Transfer Protocol
File
Transfer Protocol is the one of the oldest network protocols to transfer which
is used to transfer the the files with strong security
FTp
server allows anonymous users to upload content and it will restrict the
downloading of files by anonymous users
FTP
user can download content from the FTP server that was uploaded by some
other FTP user
ActiveFTP
Your client connects to
the FTP server by establishing an FTP control connection to port 21 of the
server. Your commands such as 'ls' and 'get' are sent over this connection.
Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greaterthan1024)on the client.
Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greaterthan1024)on the client.
Thus the ls listing that you asked for comes
back over the port 20 to high port connection, not the port 21 control
connection.
FTP active mode therefore transfers data in a counter intuitive way to the TCP standard, as it selects port 20 as it's source port (not a random high port that's greater than 1024) and connects back to the client on a random high port that has been pre-negotiated on the port 21 control connection.
Active FTP may fail in cases where the client is protected from the Internet via many to one NAT .This is because the firewall will not know which of the many servers behind it should receive the return connection.
FTP active mode therefore transfers data in a counter intuitive way to the TCP standard, as it selects port 20 as it's source port (not a random high port that's greater than 1024) and connects back to the client on a random high port that has been pre-negotiated on the port 21 control connection.
Active FTP may fail in cases where the client is protected from the Internet via many to one NAT .This is because the firewall will not know which of the many servers behind it should receive the return connection.
Passive FTP
Your client
connects to the FTP server by establishing an FTP control connection to port 21
of the server. Your commands such as ls and get are sent over that connection.
Whenever the client requests data over
the control connection, the client initiates the data transfer connections to
the server. The source port of these data transfer connections is always a high
port on the client with a destination port of a high port on the server.
Passive FTP should be viewed as the server never making an active attempt to connect to the client for FTP data transfers. Because client always initiates the required connections, passive FTP works better for clients protected by a firewall.
As Windows defaults to active FTP, and Linux defaults to passive, you'll probably have to accommodate both forms when deciding upon a security policy for your FTP server
Passive FTP should be viewed as the server never making an active attempt to connect to the client for FTP data transfers. Because client always initiates the required connections, passive FTP works better for clients protected by a firewall.
As Windows defaults to active FTP, and Linux defaults to passive, you'll probably have to accommodate both forms when deciding upon a security policy for your FTP server
Regular FTP
By
default, the VSFTPD package allows regular Linux users to copy files to and
from their home directories with an FTP client using their Linux usernames and
passwords as their login credentials.
VSFTPD
also has the option of allowing this type of access to only a group of Linux
users, enabling you to restrict the addition of new files to your system to
authorized personnel.
The
disadvantage of regular FTP is that it isn't suitable for general download
distribution of software as everyone either has to get a unique Linux user
account or has to use a shared username and password. Anonymous FTP allows you
to avoid this difficulty.
Anonymous FTP
Anonymous
FTP is the choice of Web sites that need to exchange files with numerous
unknown remote users. Common uses include downloading software updates . Anonymous
FTP requires only a username of anonymous and your email address for the
password. Once logged in to a VSFTPD server, you automatically have access to
only the default anonymous FTP directory (/var/ftp in the case of VSFTPD) and
all its subdirectories.
Configuration
of FTP server
Service profile
Service: vsftpd
Package: vsftpd
Port no:20 for download
21 for upload
Configuration file: /etc/vsftpd/vsftpd.conf
/etc/vsftpd/ftpusers
/etc/vsftpd/user_list
/etc/pam.d/vsftpd
/etc/vsftpd/chroot_list
Script file: /etc/init.d/vsftpd
Daemons: vsftpd
Step:1
Install packages
[root@ftp~]#yum install
vsftpd* -y
Step:2
Create the resources on the ftp server
Create user and assign to whom you want to allow logging
through ftp `
[root@ftp~]#useradd raju
[root@ftp~]#passwd yyyyyy
Create or Copy files inside /var/ftp/pub
[root@ftp~]#cd
/var/ftp/pub
[root@pub]#touch
file[1..10]
[root@pub]#ls
Create a Upload folder for anonymous users and give full
permissions for read/write
[root@ftp~]#mkdir
/var/ftp/upload
[root@ftp~]#chmod 777
/var/ftp/upload
Step:3
Edit the main configuration
[root@ftp~]#vi
/etc/vsftpd/vsftpd.conf
anonymous_enable=YES
local_enable=YES
anon_upload_enable=YES
:wq!
[root@ftp~]#chkconfig
vsftpd on
[root@ftp~]#service
vsftpd restart
|
Stay Connected With Free Updates! Subscribe via Email
|
Follow me! 
|
Leave Your Comment Below If You Like This Post
may i know, the configuration this is for ftp right? how about sftp? i means secured ftp. how to secure it?
ReplyDeleteThe secured ftp is used to transfer the files on the secured shell.......FTP and SFTP are different protocols
ReplyDelete