Services: ftpd – a file transfer server
David Morgan
© David Morgan 2004

Configurable ftpd capabilities -- in /etc/ftpaccess
  - Access – who gets in
  - Permissions – once in, what can they do
  - Logging – what/where to log
  - Information – what notifications to publish

Access – by invitation only
  - “class” statement extends access
  - Host address must explicitly appear*
  - User must be of approved type*

  * “Failing to define a valid class for a host will cause access to be denied.” (ftpaccess man page)

Session setup – 2 types

                           more liberal    more limited
  Filesystem visibility    entire          partial*
  File upload              permitted       not permitted
  USER/PASS commands       permitted       not permitted

  * Confined to a subdirectory presented to user as if root directory (chroot)

Who gets which type?

  Name used to login:   “anonymous” or “ftp”   Your regular user name (if config’ed as “guest”)   Your regular user name
  Resultant session:    limited                limited                                            liberal

“Type” nomenclature

  Name used to login:   “anonymous” or “ftp”   Your regular user name (if config’ed as “guest”)   Your regular user name
  Type:                 anonymous              guest                                              real

/etc/ftpaccess “class” statement

    class <class> <typelist> <addrglob>

  - <class>: Name you choose for the class you are defining
  - <typelist>: List of user types you choose to permit
  - <addrglob>: List of addresses of the hosts you choose to admit

Host class statement examples

    class      typelist               addrglob
    all        real,guest,anonymous   *
    inside     real,guest             192.168.3
    outside    guest,anonymous        !192.168.3

  As written in /etc/ftpaccess:

    class all real,guest,anonymous *
    class inside real,guest 192.168.3
    class outside guest,anonymous !192.168.3

Designating users to be treated as “guests”

    Guestuser <user name>

  or

    Guestgroup <group name>

  plus, in /etc/group:

    <group name>: : : [<user name>…]

Permissions

    chmod <yes|no> <typelist>
    delete <yes|no> <typelist>
    overwrite <yes|no> <typelist>
    rename <yes|no> <typelist>

Other permissions
  - download throughput restriction
  - upload permission
  - number-of-files transfer limit
  - number-of-bytes transfer limit
  - session duration limit

Logging
  - For which kind of users?
      – real
      – anonymous
      – guest
  - Log what?
      – ftp commands issued
      – files transferred
      – security violations attempted
  - Log where?
      – xferlog
      – per syslog (transfers only)

Information
  - greeting
  - banner
  - message
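An added example (not from the slides, and not the ftpd source) that models the "by invitation only" rule: the login name picks the user type, the first class whose typelist and addrglob both fit is used, and no fitting class means access is denied. The sample lines, the function names, the explicit `192.168.3.*` glob form and the simplified matching (shell-style glob plus a leading `!`) are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Constructed sample ftpaccess lines (assumption, not taken from the slides).
SAMPLE_FTPACCESS = """\
# unrelated lines such as this comment are ignored
guestuser alice
class inside  real,guest       192.168.3.*
class outside guest,anonymous  !192.168.3.*
"""

def parse(text):
    """Return (classes, guest users) found in ftpaccess-style text."""
    classes, guests = [], set()
    for line in text.splitlines():
        words = line.split()
        if len(words) >= 4 and words[0].lower() == "class":
            # (class name, permitted user types, one or more addrglobs)
            classes.append((words[1], set(words[2].split(",")), words[3:]))
        elif len(words) >= 2 and words[0].lower() == "guestuser":
            guests.update(words[1:])
    return classes, guests

def user_type(login, guests):
    """Map the login name to the session type described in the slides."""
    if login in ("anonymous", "ftp"):
        return "anonymous"
    return "guest" if login in guests else "real"

def glob_matches(addrglob, addr):
    """Simplified model: '!' negates, otherwise shell-style glob match."""
    if addrglob.startswith("!"):
        return not fnmatchcase(addr, addrglob[1:])
    return fnmatchcase(addr, addrglob)

def classify(text, login, addr):
    """Return (type, class name); class name is None when access is denied."""
    classes, guests = parse(text)
    utype = user_type(login, guests)
    for name, types, globs in classes:  # first matching class is used
        if utype in types and any(glob_matches(g, addr) for g in globs):
            return utype, name
    return utype, None  # no valid class for this type and host: denied

if __name__ == "__main__":
    for login, addr in [("bob", "192.168.3.7"), ("alice", "10.1.1.1"),
                        ("ftp", "192.168.3.7"), ("bob", "10.1.1.1")]:
        print(login, addr, classify(SAMPLE_FTPACCESS, login, addr))
```

Running it shows two denials that are easy to miss when reading the class lines alone: an anonymous login from an inside address and a real user from an outside address both fall through every class.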