Q. What is FTP?
FTP (File Transfer Protocol) is a protocol used to share files and directories.
Q: How to deny specific users access to the FTP server?
To deny specific users access to the FTP server, add their usernames to the /etc/vsftpd/ftpusers file. By default, system users such as root and nobody are included in this list.
Q: Can we create logs for FTP authenticated sessions?
Yes. If the xferlog_enable directive in vsftpd.conf is set to YES, file transfers using the FTP protocol are logged to /var/log/xferlog. Each log entry includes information such as a time stamp, the IP address of the client, the file being transferred, and the username of the person who authenticated the connection.
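The fields listed above can be pulled out of the log for review. The following is an added example, not part of the original page: it assumes the standard xferlog field layout, and the sample entries, paths and the two review rules (anonymous upload, incomplete transfer) are constructed for illustration.

```python
from collections import namedtuple
from datetime import datetime

Transfer = namedtuple(
    "Transfer", "when client_ip size path direction access_mode user complete")

def parse_xferlog_line(line):
    """Parse one standard-format xferlog entry; return None if malformed."""
    tok = line.split()
    if len(tok) < 18:  # 5 date tokens + 3 fields + path + 9 trailing fields
        return None
    try:
        when = datetime.strptime(" ".join(tok[:5]), "%a %b %d %H:%M:%S %Y")
        size = int(tok[7])
    except ValueError:
        return None
    # Trailing fields are counted from the end so a path with spaces still parses.
    direction, access_mode, user, status = tok[-7], tok[-6], tok[-5], tok[-1]
    if direction not in ("o", "i", "d") or access_mode not in ("a", "g", "r"):
        return None
    return Transfer(when, tok[6], size, " ".join(tok[8:-9]),
                    direction, access_mode, user, status == "c")

def review(lines):
    """Return (findings, malformed_count); findings are (reason, Transfer)."""
    findings, malformed = [], 0
    for line in lines:
        if not line.strip():
            continue
        t = parse_xferlog_line(line)
        if t is None:
            malformed += 1
            continue
        if t.access_mode == "a" and t.direction == "i":  # anonymous, incoming
            findings.append(("anonymous upload", t))
        if not t.complete:
            findings.append(("incomplete transfer", t))
    return findings, malformed

# Constructed sample entries (not taken from a real server).
SAMPLE = """\
Mon Oct  6 14:02:11 2025 3 203.0.113.7 1048576 /srv/ftp/pub/report.pdf b _ o r alice ftp 0 * c
Mon Oct  6 14:05:40 2025 1 198.51.100.23 2048 /var/ftp/pub/incoming/x.bin b _ i a guest@example.com ftp 0 * c
Mon Oct  6 14:09:02 2025 12 203.0.113.7 52428800 /home/alice/backup.tar b _ i r alice ftp 0 * i
not an xferlog line
"""

if __name__ == "__main__":
    found, bad = review(SAMPLE.splitlines())
    for reason, t in found:
        print(f"{t.when:%Y-%m-%d %H:%M:%S} {t.client_ip} {t.user} {reason}: {t.path}")
    print(f"{bad} malformed line(s) skipped")
```

For anonymous sessions the username field holds whatever the client typed as its password, so it identifies nothing; the client IP is the useful field there.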
Q: What is the meaning of the max_clients parameter?
It sets the maximum number of clients that can connect at one time. If set to 0, the number of clients is unlimited.
Q: On which port does the vsftpd server work?
FTP uses two ports, 20 and 21. By default, the FTP server listens for requests on port 21. After a connection is established, the client sends commands to the server on port 21. However, in active mode, port 20 is used when the server sends data back to the client.
Q: How to restart the vsftpd server?
service vsftpd restart
Q: How to allow anonymous FTP?
Anonymous FTP is enabled by default: the anonymous_enable directive in /etc/vsftpd/vsftpd.conf is set to YES.
Q: For Red Hat Linux or Fedora, which package is required for the FTP service?
Red Hat Enterprise Linux 6 or Fedora includes the vsftpd FTP service.
Check with the command below before installing the FTP packages.
rpm -qa | grep vsftpd
yum install vsftpd* -y    # to install the vsftpd package
Q: What is the important configuration file for the vsftpd server?
The FTP server uses the /etc/vsftpd/vsftpd.conf configuration file.
Q: What is passive mode?
Passive mode, like active mode, is initiated by the FTP client application. When requesting data from the server, the FTP client indicates it wants to access the data in passive mode and the server provides the IP address and a random, unprivileged port (greater than 1024) on the server. The client then connects to that port on the server to download the requested information.
When enabled, vsftpd attempts to
maintain login sessions for each user through Pluggable Authentication Modules
(PAM).
Q: Is there any way to monitor clients connected to vsftpd?
Yes. We actually have two slightly different methods to monitor vsftpd clients. First, make sure you have enabled the config option "setproctitle_enable=YES" like in our example above and restart your vsftpd server. Then run the command "watch ps -C vsftpd -o user,pid,stime,cmd" to watch the processes, including IP, username and actions like idle or data retrieval.
Q: How to restrict some IPs from using my FTP server?
Go to /etc/hosts.deny and write:
vsftpd: .example.com (or) IP addresses
Save it and do the following:
service vsftpd restart
chkconfig vsftpd on
Q. How much data can be sent in a single FTP session?
The amount of data that can be sent is infinite. FTP uses TCP. The TCP channel can be used until the complete data is transferred. Multiple TCP segments can be used within the same TCP channel.
Q. Can an IP packet carry FTP data?
IP is a carrier protocol used for carrying application layer data. The FTP data is packaged in TCP, which is sent to the intended recipient using the IP protocol in an IP-based network.
Q. How does Active FTP communication work?
When an FTP client initiates a connection with an FTP server in Active FTP mode, the client first initiates a TCP 3-way handshake with the server. This is initiated to port 21 on the server and is referred to as the control connection. Once the control connection is successful, the client sends the PORT command to the server, which contains the port number to which the server needs to initiate the second TCP connection. The server initiates that connection (a second TCP 3-way handshake) from its port 20 to the port number provided by the client. This is known as the data connection. Once the data connection is successful, the data transmission can commence.
Q. How many TCP connections are used by Active and Passive FTP respectively?
Both Active and Passive FTP use two TCP connections.
Q. Why does Active FTP not work when a firewall is involved between the client and the server?
In Active FTP, once the FTP client establishes connectivity with the server, the server initiates the data connection to the client. This is a TCP connection which is initiated from a system (the FTP server) which resides outside the network. All traffic initiated from outside is considered untrusted, and the firewall would drop it by default.
Q. How does Passive FTP resolve the issue with firewalls?
In Passive FTP, the FTP client initiates the connection with the server, and not the FTP server with the client. Since the client resides within the network, the connection is considered trusted by the firewall.
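The active and passive answers above come down to which side opens the data connection and to which port. The following is an added example, not part of the original page: it decodes the h1,h2,h3,h4,p1,p2 tuple carried by the PORT command and by the server's 227 passive-mode reply, then applies the client-side firewall default described above. The addresses and the function names are constructed for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 as carried by PORT and by the 227 (passive mode) reply.
_TUPLE = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def decode_endpoint(text):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 tuple; port = p1*256 + p2."""
    m = _TUPLE.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in %r" % text)
    n = [int(x) for x in m.groups()]
    if max(n) > 255:
        raise ValueError("value out of range in %r" % text)
    return ".".join(str(x) for x in n[:4]), n[4] * 256 + n[5]

def data_connection(control_line):
    """Describe the data connection that one control-channel line sets up."""
    line = control_line.strip()
    if line.upper().startswith("PORT "):
        # Active: the server connects from its port 20 to the client's port.
        return {"mode": "active", "initiator": "server",
                "source_port": 20, "dest": decode_endpoint(line)}
    if line.startswith("227"):
        # Passive: the client connects to the port the server announced.
        ip, port = decode_endpoint(line)
        return {"mode": "passive", "initiator": "client",
                "source_port": None, "dest": (ip, port),
                "unprivileged": port > 1024}
    return None  # not a line that negotiates a data connection

def client_firewall_allows(conn):
    """Client-side default from the text: drop connections opened from outside."""
    return conn["initiator"] == "client"

# Constructed control-channel lines (documentation addresses).
EXCHANGE = [
    "PORT 192,168,1,10,195,80",
    "227 Entering Passive Mode (203,0,113,5,156,64)",
]

if __name__ == "__main__":
    for line in EXCHANGE:
        c = data_connection(line)
        verdict = "allowed" if client_firewall_allows(c) else "dropped"
        print(c["mode"], c["initiator"], "->", c["dest"], verdict)
```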
Q. In Active FTP, which TCP port is used for initiating the control channel?
Port 21