ProFTP server settings



1. FTP Introduction

Among network applications, the most widely used are undoubtedly the WWW and FTP. FTP is the abbreviation for File Transfer Protocol; an FTP server provides file transfer services to the network. By the users they serve, FTP servers can be divided into anonymous servers (Anonymous FTP Server) and system FTP servers. The former can be used by anyone; the latter can be used only by those who have a legitimate account on the FTP server.

2. ProFTPD Introduction

Currently, under UNIX and Linux, the free FTP server software in main use is Wu-FTP and ProFTP. Wu-FTP is widely used on many Unix and Linux systems and is the default FTP server software of RedHat Linux, but quite a lot of security holes have been found in it. ProFTP was developed to address the weaknesses of Wu-FTP; in addition to improved security, it has many features that Wu-FTP lacks, such as simple configuration and the ability to run in stand-alone mode. ProFTP has become the most popular FTP server software after Wu-FTP, and more and more sites use it to build safe and efficient FTP sites; TurboLinux is an example.

3. ProFTP settings

Goal: configure the RedHat Linux host with IP 10.0.8.39 as an FTP server that allows anonymous access, where only computers on the same network segment (10.0.8.*) have "write" permission on the FTP server's "incoming" directory.

The latest version of ProFTP can be downloaded from www.proftpd.org. Here we use the rpm installation package of the stable 1.2.1 version as the example (compiling from source code is also very easy).

Step One: Configure a basic anonymous server

Download the 1.2.1 rpm. In the Gnome window, right-click the file and click "Show info" to view some information about the rpm package. Note the default installation paths of some files, such as /usr/local/etc/proftpd.conf (the ProFTPD configuration file), /usr/sbin/proftpd (the command that runs ProFTPD in stand-alone mode) and /usr/doc/proftpd-1.2.1 (the directory of ProFTPD documentation and sample configuration files). Then double-click the rpm package to install the software.

If, like me, you selected the FTP service when installing RedHat Linux 7.0, you must first remove the installed Wu-FTP software. Enter "rpm -e anonftp" and "rpm -e wu-ftpd" to remove the existing FTP service.

After ProFTP is installed, edit /usr/local/etc/proftpd.conf, find the "Group" line and change it to "Group nobody", because RedHat Linux 7.0 does not have the group originally named there. At this point, a server providing anonymous FTP service is ready to run. Enter "proftpd" to start the FTP service, then enter "ftp 10.0.8.39" and log in as "anonymous" to check that login works. In general, it will.

Step Two: Configure incoming directory permissions

Open proftpd.conf and add the following paragraph to the anonymous settings:

Order allow,deny
Allow from 10.0.8.
Deny from all

This means that, for the "incoming" subdirectory, clients logging in from the 10.0.8 segment have write ("WRITE") permission, while everyone else is denied permission to write to the directory. If you want to open write permission to all users, simply replace the content of that section with "AllowAll".
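The effect of these three rules on different client addresses can be checked with the following added example, which is not part of the original article. It is a simplified model of ProFTPD's documented Order evaluation; the <Directory incoming> and <Limit WRITE> wrappers in the constructed sample and all function names are assumptions, and it goes beyond the text by also evaluating the reversed "Order deny,allow".

```python
import re

# Constructed sample: the three rules from Step Two, wrapped in the
# <Directory>/<Limit WRITE> sections they are assumed to belong to.
SAMPLE_CONF = """
<Directory incoming>
  <Limit WRITE>
    Order allow,deny
    Allow from 10.0.8.
    Deny from all
  </Limit>
</Directory>
"""

def parse_limit(conf):
    """Return (order, allow_list, deny_list) from the first <Limit> section."""
    body = re.search(r"<Limit\s+[^>]*>(.*?)</Limit>", conf, re.S | re.I).group(1)
    order, rules = "allow,deny", {"allow": [], "deny": []}
    for line in body.splitlines():
        words = line.split("#")[0].split()
        if not words:
            continue
        key = words[0].lower()
        if key == "order":
            order = "".join(words[1:]).lower()
        elif key in rules and len(words) > 2 and words[1].lower() == "from":
            rules[key] += [w.strip(",") for w in words[2:]]
    return order, rules["allow"], rules["deny"]

def matches(pattern, ip):
    """'all' matches everyone; 'a.b.c.' is a prefix; anything else is exact."""
    if pattern.lower() == "all":
        return True
    return ip.startswith(pattern) if pattern.endswith(".") else ip == pattern

def write_allowed(conf, ip):
    """Decide whether a client address may WRITE under the parsed rules."""
    order, allow, deny = parse_limit(conf)
    hit_allow = any(matches(p, ip) for p in allow)
    hit_deny = any(matches(p, ip) for p in deny)
    if order == "allow,deny":
        # Allow rules are checked first; no match at all means implicit allow.
        return True if hit_allow else not hit_deny
    # deny,allow: Deny rules are checked first; no match means implicit deny.
    return False if hit_deny else hit_allow
```

With the order reversed, "Deny from all" is checked first, so even clients in 10.0.8.* lose write access.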

4. FTP server related commands

1. ftpshut: shuts down the FTP service and generates the file shutmsg under /etc. To re-open the FTP service, delete /etc/shutmsg.

2. ftpcount: displays FTP server online information.

3. ftpwho: lists the users currently online on the FTP server.



Appendix: proftpd.conf text and explanation

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use). It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "MY REDHAT LINUX FTP" # set the FTP server name
ServerType standalone # run FTP in standalone mode rather than inetd mode
DefaultServer on # this server is the default FTP server

# Port 21 is the standard FTP port.
Port 21 # default port used by the FTP service

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022 # default

RequireValidShell off # keeps anonymous user login working; do not change
ServerIdent off # do not display FTP server version information, to enhance security

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User nobody # run the FTP service as nobody
Group nobody # Note: the original group value must be changed to "nobody"

# Normally, we want files to be overwriteable.
AllowOverwrite on

# A basic anonymous configuration, no upload directories. These are the anonymous service settings.
User ftp # user that anonymous logins run as
Group ftp # group that anonymous logins run as

# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp # alias for the ftp user, so that logging in as "anonymous" is logging in as "ftp"

# Limit the maximum number of anonymous logins
MaxClients 10 # at most 10 anonymous users online



# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg # welcome message displayed at FTP login; placed in the FTP root directory
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
# See the text for a description.
Order allow,deny