vsFTP in Linux

Introduction to FTP

The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet.

Regular FTP The VSFTP allows Linux users to copy files to and from their

home directories with an FTP client.

Anonymous FTP Anonymous FTP a username of ‘anonymous’ and your email

address for the password. Once logged in to a FTP server, you automatically have access

to only the default anonymous FTP directory

Start VSFTP

Use the ‘chkconfig’ command to configure VSFTP to start at boot: chkconfig vsftpd on

Use ‘service vsftpd’ to start,stop, and restart VSFTP after booting: service vsftpd start service vsftpd stop service vsftpd restart

Configuration file: /etc/vsftpd/vsftpd.conf

Anonymous FTP settings

Before going to change vsftpd.conf, remember to make a backup: cp vsftpd.conf vsftpd.conf.bak

anonymous_enable=YES Allow Anonymous

anon_upload_enable=YES Allow Anonymous upload

anon_mkdir_write_enable=YES Allow Anonymous upload to create directory

Anonymous FTP settings (2)

no_anon_password=YES Do not ask password for anonymous login

anon_max_rate=30000 Limit the transfer rate of anonymous, e.g.

30000 = 30k byte per second

anon_root=/data/directory Directory for anonymous is ‘/var/ftp’

Local users’ settings

local_enable=YES Allow Linux users to use VSFTPD

chroot_list_enable=YES VSFTPD will use a file to limit some users to

change their home directories after login

chroot_list_file=/etc/vsftpd/chroot_list A text file which contain a list of Linux usernames. These users will limit to their home directories

Local users’ settings (2)

userlist_deny=YES VSFTPD will use a file to reject some users.

userlist_file=/etc/vsftpd/user_list A text file which contain a list of Linux

usernames which DO NOT allow to use VSFTP.

local_max_rate=30000 Limit the transfer rate of local user, e.g. 30000 =

30k byte per second

Other Settings

max_clients=10 Limiting the maximum number of client connections

max_per_ip=1 Limiting the number of connections by same IP address

idle_session_timeout=600 Disconnect the idle connection after 600 seconds.

xferlog_enable=YES Record all the file transfer records.

xferlog_file=/var/log/vsftpd.log Filename and directory of log file.

Limit the access on hosts

FTP server usually can use tcp_wrappers to allow or deny a host’s access.Add this statement to vsftpd.conf: tcp_wrappers = yes

Under /etc, create a new file hosts.deny:

If you want to allow a specific host, create a hosts.allow with same format.Power of hosts.allow > hosts.deny

vsftpd : 192.168.1.0/24 192.168.0.2vsftpd : .vtc.edu.hk alan.ict.edu.hk

Samba – Windows File Server in Linux

Introduction of Samba

Samba is a server that allows your Linux to share files with Windows.

Samba can make your Linux into a Windows Primary Domain Controller (PDC) or a server for a Windows Workgroup.

Samba can make users to access their Linux home directory with Windows.

Start Samba

Use the ‘chkconfig’ command to configure Samba to start at boot: chkconfig smb on

Use ‘service smb’ to start,stop, and restart Samba after booting: service smb start service smb stop service smb restart

Configuration file: /etc/samba/smb.conf

Swat – tools to configure Samba

Before going to change smb.conf, remember to make a backup: cp smb.conf smb.conf.bak

Swat, Samba's web based configuration tool enables you configure your smb.conf file without you needing to remember all the formatting.

Configuration file of swat: /etc/xinetd.d/swat

Configure Swat

To limit the use of swat, add ‘only_from’ statement to swat configuration file.

In above case, only allow localhost and PC with IP 192.168.1.3 .

service swat{    port            = 901    socket_type     = stream    protocol        = tcp    wait            = no    user            = root    server          = /usr/sbin/swat    log_on_failure  += USERID    disable         = no    only_from       = localhost 192.168.1.3}

[global] section

workgroup = tyict The name of the Windows domain we'll create.

server string = Linux Samba Server Server Description (show on browser)

netbios name = mySamba1 Computer Name show on network browser

[global] section (2)

client code page = 950 Important! View Chinese filename in

Windows.

log file = /var/log/samba/log.%m Log filename and location.

max log size = 500 File size of log file, 500 = 500Kb

[global] section (3)

security = user User level security (request username and

password), strongly recommended.

encrypt passwords = yes Protect your password

smb passwd file = /etc/samba/smbpasswd Filename and location of password file

[homes] section

read only = No Allows the samba user to also write to their Samba Linux

directory.browseable = No Doesn't allow others to browse the contents of the directory

create mode = 0744 Makes new files created by the user to have “744"

permissions. You want to change this to "0700" so that only the login user has access to files.

directory mode = 0755 Makes new sub-directories created by the user to have "775"

permissions. You want to change this to "0700" so that only the login user has access to directories.

[MyShare] section

You can create a new section to share a folder in Linux.

Sample configuration:

public = yes Allow all samba users to access this share.

[MyShare]      path         = /share/pub    read only    = no    public       = yes    writable = yes    create mode = 0664    directory mode = 0775

Samba Users

A Linux user cannot directly use Samba’s share folders.We need to convert a Linux user to a Samba user: smbpasswd -a linuxuser

smbpasswd -d username Disable a user

smbpasswd -e username Enable a disabled user

smbpasswd -x username Delete a user

We cannot add a NON LINUX USER!

IIS – Internet Information Service in WindowsXP

Professional

http, ftp services in WindowsXP

IIS is an additional functions of Windows XP Professional.

You cannot find this service in Windows XP Home.

This service allow only ten connections.

For enterprise purpose, you should use IIS of Windows 2003 Server.

http service

Open the ‘Start Menu’ and go to ‘Programs’ > ‘Administrative Tools’ > ‘Internet Services Manager’.

Once the IIS page opens, find the name of the computer and click the plus (+) sign next to it.

This will display the FTP, HTTP, and SMTP Virtual Server icons.

Click on the ‘Default Web Site icon’ to display the default web site contents and the directories where the content files are stored.

http service (2)Right-click the ‘Default Web Site icon’ and choose ‘Properties’.From this page, the user can configure all the properties and control what will be displayed on the HTTP site.You will find that the default home page is ‘default.htm’ and the folder contain ‘wwwroot’ is ‘C:\inetpub’.

AIM&IT

Summary/ Conclusion

Detailed Summary or Conclusion about Data Communication

AIM&IT

Question & Answers

Question & Answer for the session