Vous êtes sur la page 1sur 26

vsFTP in Linux

Introduction to FTP
The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet. Regular FTP

The VSFTP allows Linux users to copy files to and from their home directories with an FTP client. Anonymous FTP a username of anonymous and your email address for the password. Once logged in to a FTP server, you automatically have access to only the default anonymous FTP directory

Anonymous FTP

Use the chkconfig command to configure VSFTP to start at boot:

chkconfig vsftpd on

Use service vsftpd to start,stop, and restart VSFTP after booting:

service vsftpd start service vsftpd stop service vsftpd restart

Configuration file: /etc/vsftpd/vsftpd.conf

Anonymous FTP settings

Before going to change vsftpd.conf, remember to make a backup:

cp vsftpd.conf vsftpd.conf.bak Allow Anonymous Allow Anonymous upload Allow Anonymous upload to create directory




Anonymous FTP settings (2)


Do not ask password for anonymous login


Limit the transfer rate of anonymous, e.g. 30000 = 30k byte per second
Directory for anonymous is /var/ftp


Local users settings


Allow Linux users to use VSFTPD


VSFTPD will use a file to limit some users to change their home directories after login

A text file which contain a list of Linux usernames. These users will limit to their home directories

Local users settings (2)


VSFTPD will use a file to reject some users.


A text file which contain a list of Linux usernames which DO NOT allow to use VSFTP.
Limit the transfer rate of local user, e.g. 30000 = 30k byte per second


Other Settings

Limiting the maximum number of client connections


Limiting the number of connections by same IP address

Disconnect the idle connection after 600 seconds. Record all the file transfer records. Filename and directory of log file.




Limit the access on hosts

FTP server usually can use tcp_wrappers to allow or deny a hosts access. Add this statement to vsftpd.conf:

tcp_wrappers = yes

vsftpd : vsftpd : .vtc.edu.hk alan.ict.edu.hk

Under /etc, create a new file hosts.deny:

If you want to allow a specific host, create a hosts.allow with same format.

Samba Windows File Server in Linux

Introduction of Samba
Samba is a server that allows your Linux to share files with Windows. Samba can make your Linux into a Windows Primary Domain Controller (PDC) or a server for a Windows Workgroup. Samba can make users to access their Linux home directory with Windows.

Start Samba
Use the chkconfig command to configure Samba to start at boot:

chkconfig smb on

Use service smb to start,stop, and restart Samba after booting:

service smb start service smb stop service smb restart

Configuration file: /etc/samba/smb.conf

Swat tools to configure Samba

Before going to change smb.conf, remember to make a backup:

cp smb.conf smb.conf.bak

Swat, Samba's web based configuration tool enables you configure your smb.conf file without you needing to remember all the formatting. Configuration file of swat: /etc/xinetd.d/swat

Configure Swat
To limit the use of swat, add only_from service swat statement to swat configuration file. {
port socket_type protocol wait user server log_on_failure disable only_from } = 901 = stream = tcp = no = root = /usr/sbin/swat += USERID = no = localhost

In above case, only allow localhost and PC

[global] section
workgroup = tyict

The name of the Windows domain we'll create.

server string = Linux Samba Server

Server Description (show on browser)

Computer Name show on network browser

netbios name = mySamba1

[global] section (2)

client code page = 950

Important! View Chinese filename in Windows. Log filename and location. File size of log file, 500 = 500Kb

log file = /var/log/samba/log.%m

max log size = 500

[global] section (3)

security = user

User level security (request username and password), strongly recommended. Protect your password Filename and location of password file

encrypt passwords = yes

smb passwd file = /etc/samba/smbpasswd

[homes] section
read only = No

Allows the samba user to also write to their Samba Linux directory.

browseable = No

Doesn't allow others to browse the contents of the directory

Makes new files created by the user to have 744" permissions. You want to change this to "0700" so that only the login user has access to files. Makes new sub-directories created by the user to have "775" permissions. You want to change this to "0700" so that only the login user has access to directories.

create mode = 0744

directory mode = 0755

[MyShare] section
You can create a new section to share a folder in Linux. [MyShare] Sample configuration: path = /share/pub
read only = public = writable = create mode directory mode no yes yes = 0664 = 0775

public = yes

Samba Users
A Linux user cannot directly use Sambas share folders. We need to convert a Linux user to a Samba user:

smbpasswd -a linuxuser Disable a user

smbpasswd -d username

smbpasswd -e username

Enable a disabled user

Delete a user

smbpasswd -x username

We cannot add a NON LINUX USER!

IIS Internet Information Service in WindowsXP Professional

http, ftp services in WindowsXP

IIS is an additional functions of Windows XP Professional. You cannot find this service in Windows XP Home. This service allow only ten connections. For enterprise purpose, you should use IIS of Windows 2003 Server.

http service
Open the Start Menu and go to Programs > Administrative Tools > Internet Services Manager. Once the IIS page opens, find the name of the computer and click the plus (+) sign next to it. This will display the FTP, HTTP, and SMTP Virtual Server icons. Click on the Default Web Site icon to

http service (2)

Right-click the Default Web Site icon and choose Properties. From this page, the user can configure all the properties and control what will be displayed on the HTTP site. You will find that the default home page is default.htm and the folder contain wwwroot is C:\inetpub.

Summary/ Conclusion
Detailed Summary or Conclusion about Data Communication


Question & Answers

Question & Answer for the session