VERY SECURE TRANSFER PROTOCOL DAEMON(VSFTPD)
Features:
1. FTPD
2. Chroot jail
3. anonymous and local-user auth
4. Rate-limiting
Tasks:
1. Install 'vsftpd'
•yum -y install vsftpd
2. Start the server
•service vsftpd start
•b. netstat -ntlp | grep 21
3. Configure service to start when system boots into multi-user runlevel
•chkconfig vsftpd on
•b. chkconfig --list vsftpd
4. Connect to the FTPD service:
•Use web browser, which defaults to anonymous
•Use standard FTP client, as anonymous
•setsebool -P ftp_home_dir=1 - permits users access to their home directory
•service vsftpd restart - for changes to take effect
5. Chroot jail local users & disable 'anonymous' access
•chroot_local_user=YES - this jails users
•service vsftpd restart - for changes to take effect
•test connectivity as 'anonymous' and 'non-anonymous' users
6. Enable IPv6 listener:
•listen_ipv6=YES - DO NOT USE WITH 'listen=YES(IPv4)'
7. Restrict 'non-anonymous' user's transfer rate
•local_max_rate=1000 - restricts connections to 1000/bps (1K/s)
No comments:
Post a Comment