Archive for Networking

FTP server configuration on Redhat

How To Download And Install The VSFTP Package:

RedHat and Fedora software is installed using RPM packages. As of this writing, the VSFTP RPM file used by the most recent Fedora version is named:

# vsftpd-1.2.0-5.i386.rpm

Now download the file to a directory such as /tmp and install it using the rpm command:

[root@bigboy tmp]# rpm -Uvh vsftpd-1.2.0-5.i386.rpm
Preparing… ########################################## [100%]
1:vsftpd     ########################################## [100%]

[root@bigboy tmp]#

How To Get VSFTP Started

Redhat Version 9, Fedora Core 1 And Newer

You can start/stop/restart vsftpd after booting by using the following commands:

[root@bigboy tmp]# /etc/init.d/vsftpd start
[root@bigboy tmp]# /etc/init.d/vsftpd stop
[root@bigboy tmp]# /etc/init.d/vsftpd restart

To get vsftpd configured to start at boot:

[root@bigboy tmp]# chkconfig --level 345 vsftpd on

Testing To See If VSFTP Is Running

[root@bigboy root]# netstat -a | grep ftp
tcp        0        0        *:ftp         *:*        LISTEN
[root@bigboy root]#


Configuring The VSFTP as anonymous:

# vi /etc/vsftpd/vsftpd.conf

anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
xferlog_enable=YES

Other vsftpd.conf Options

There are many other options you can add to this file including:

Limiting the maximum number of client connections (max_clients)

Limiting the number of connections by source IP address (max_per_ip)

The maximum rate of data transfer per anonymous login. (anon_max_rate)

The maximum rate of data transfer per non-anonymous login. (local_max_rate)

Descriptions on this and more can be found in the vsftpd.conf man pages.

The /etc/vsftpd.ftpusers File

For added security, you may deny FTP access to certain users by adding them to the list of users in this file. Do not delete entries from the default list; it is best only to add to it.

Anonymous Upload

If you want remote users to write data to your FTP server then it is recommended you create a write-only directory within /var/ftp/pub. This will allow your users to upload, but not access other files uploaded by other users. Here are the commands to do this:


[root@bigboy tmp]# mkdir /var/ftp/pub/upload
[root@bigboy tmp]# chmod 733 /var/ftp/pub/upload

FTP Greeting Banner

Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have.


ftpd_banner=New Banner Here

Configuring The VSFTP as Secure Users:

# vi /etc/vsftpd/vsftpd.conf

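# Set this to NO explicitly; if the line is only commented out, vsftpd uses its built-in default (YES)
anonymous_enable=NO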
local_enable=YES
write_enable=YES
# anon_upload_enable=YES
# anon_mkdir_write_enable=YES
xferlog_enable=YES
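
vsftpd uses its built-in default for any option that is absent or commented out, and the default for anonymous_enable is YES. The following added example (not part of the original post) reports which anonymous-access settings are effectively on in a vsftpd.conf; the function names and finding labels are made up for illustration, and the sample files are constructed.

```sh
#!/bin/sh
# Added example: report anonymous-access exposure in a vsftpd.conf.
# Fallbacks are the built-in defaults documented in man vsftpd.conf.

# effective FILE OPTION DEFAULT -> YES or NO, as vsftpd would end up using.
effective() {
    # Only uncommented "option=value" lines count; the last one wins.
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r' | tr 'a-z' 'A-Z')
    case "${val:-$3}" in
        YES|TRUE|1) echo YES ;;
        *)          echo NO ;;
    esac
}

# audit_vsftpd FILE -> space-separated findings, or OK.
audit_vsftpd() {
    out=""
    if [ "$(effective "$1" anonymous_enable YES)" = YES ]; then
        out="ANON_LOGIN"
        if [ "$(effective "$1" write_enable NO)" = YES ]; then
            if [ "$(effective "$1" anon_upload_enable NO)" = YES ]; then
                out="$out ANON_UPLOAD"
            fi
            if [ "$(effective "$1" anon_mkdir_write_enable NO)" = YES ]; then
                out="$out ANON_MKDIR"
            fi
        fi
    fi
    echo "${out:-OK}"
}

# Constructed samples: the anonymous config, a variant with the anonymous
# lines only commented out, and one with an explicit NO.
d=$(mktemp -d)
printf '%s\n' anonymous_enable=YES local_enable=YES write_enable=YES \
    anon_upload_enable=YES anon_mkdir_write_enable=YES > "$d/anon.conf"
printf '%s\n' '# anonymous_enable=YES' local_enable=YES write_enable=YES \
    '# anon_upload_enable=YES' > "$d/commented.conf"
printf '%s\n' anonymous_enable=NO local_enable=YES > "$d/explicit.conf"
for f in anon commented explicit; do
    echo "$f.conf: $(audit_vsftpd "$d/$f.conf")"
done
rm -rf "$d"
```

The commented-out variant still reports ANON_LOGIN; only the explicit NO reports OK.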

FTP Users With Only Read Access To A Shared Directory:

Create a user group and shared directory. In this case we’ll use “/home/ftp-docs” and a user group name of “ftp-users” for the remote users.

[root@bigboy tmp]# groupadd ftp-users
[root@bigboy tmp]# mkdir /home/ftp-docs

Make the directory accessible to the ftp-users group.

[root@bigboy tmp]# chmod 750 /home/ftp-docs
[root@bigboy tmp]# chown root:ftp-users /home/ftp-docs

Add users, and make their default directory /home/ftp-docs

[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user1
[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user2
[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user3
[root@bigboy tmp]# useradd -g ftp-users -d /home/ftp-docs user4
[root@bigboy tmp]# passwd user1
[root@bigboy tmp]# passwd user2
[root@bigboy tmp]# passwd user3
[root@bigboy tmp]# passwd user4

Change the permissions of the files in the /home/ftp-docs directory for read only access by the group

[root@bigboy tmp]# touch /home/ftp-docs/abc
[root@bigboy tmp]# chown root:ftp-users /home/ftp-docs/*
[root@bigboy tmp]# chmod 740 /home/ftp-docs/*

Users should now be able to log in via ftp to the server using their new user names and passwords. If you absolutely don’t want any FTP users to be able to write to any directory then you should comment out the write_enable line in your vsftpd.conf file like this:

#write_enable=YES

Restart vsftpd for the configuration file changes to take effect.

Sample Login Session To Test Functionality

Check for the presence of a test file on the ftp client server.

[root@smallfry tmp]# ls
total 1
-rw-r--r-- 1 root root 0 Jan 4 09:08 testfile


[root@smallfry tmp]#

Now we have to place the file that will be downloaded in this location:

# cd /home/ftp-docs/


DNS configuration at Debian 4.0

Hello, a little while ago today I configured DNS on Debian successfully. I am writing this post using my DNS. Here is the configuration method for DNS.

Step 1. At the very beginning I installed the bind9 package, which is used for configuring DNS on Debian. I just write down the command:

apt-get install bind9

It will install the bind9 package within a few minutes, and then we are ready to configure our DNS server.

Edit the file named.conf in the directory /etc/bind. In this tutorial, the domain is test.com.

vi /etc/bind/named.conf

Here we have to add the following lines after the last ‘zone’ paragraph.

zone "test.com" {
    type master;
    file "/etc/bind/test";
};

zone "1.62.10.in-addr.arpa." {
    type master;
    file "/etc/bind/reverse";
};

After that, save and exit by typing “:wq!”.

Now we have to create the zone file and the reverse zone file in the directory we specified in named.conf.

vi /etc/bind/test
and put in some configuration like this:

$TTL 604800
; The SOA owner must be the zone itself (@ = test.com.), not the reverse zone
@ IN SOA debian.test.com. root.test.com. (
        1        ; Serial
        604800   ; Refresh
        86400    ; Retry
        2419200  ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS debian.test.com.
@ IN MX 10 debian.test.com.
debian IN A 10.62.1.100
www IN CNAME debian.test.com.

Then save and exit by typing “:wq!”.

After that, you must create the reverse zone file.

vi /etc/bind/reverse
Then put in some configuration like this:

; test's reverse zone file
$TTL 64800
@ IN SOA debian.test.com. root.test.com. (
        1      ; serial
        7200   ; refresh
        7200   ; retry
        36000  ; expire
        7200 ) ; minimum
;
@ IN NS debian.test.com.

debian IN A 10.62.1.100

100 IN PTR debian.test.com.

Then save and exit by typing “:wq!”.

Now you should configure the DNS resolver.

Edit the file /etc/resolv.conf
and put some configuration there!


vi /etc/resolv.conf


And add the following lines.

search test.com
nameserver 10.62.1.100

Then save and exit by typing “:wq!”.

Now you should configure the hosts file.

vi /etc/hosts

Put the following configuration there:

127.0.0.1 localhost
10.62.1.100 debian.test.com debian

Note: The IP address in that domain is 10.62.1.100
and that host has the domain test.com.
I hope to get suggestions from you.
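
A frequent mistake with this setup is a forward zone and a reverse zone that disagree, for example a host with an A record but no PTR under 1.62.10.in-addr.arpa. The following added example (not part of the original post) cross-checks the two files; the function names are made up for illustration, the "mail" host is constructed, and the parser assumes simple one-record-per-line zone files.

```sh
#!/bin/sh
# Added example: check that every A record has a PTR record pointing back.
# Assumes simple zone files: one "owner IN TYPE data" per line, no $ORIGIN.

# ptr_owner IPV4 -> fully qualified name that a reverse lookup queries.
ptr_owner() {
    echo "$1" | awk -F. '{ print $4 "." $3 "." $2 "." $1 ".in-addr.arpa." }'
}

# fqdn NAME ORIGIN -> absolute name ("@" is the origin itself).
fqdn() {
    case "$1" in
        @)  echo "$2" ;;
        *.) echo "$1" ;;
        *)  echo "$1.$2" ;;
    esac
}

# missing_ptr FWD_FILE FWD_ORIGIN REV_FILE REV_ORIGIN
# Prints "host ip" for each A record without a matching PTR.
missing_ptr() {
    while read -r owner class type data; do
        [ "$class" = IN ] && [ "$type" = A ] || continue
        host=$(fqdn "$owner" "$2")
        want=$(ptr_owner "$data")
        found=no
        while read -r rowner rclass rtype rdata; do
            [ "$rclass" = IN ] && [ "$rtype" = PTR ] || continue
            if [ "$(fqdn "$rowner" "$4")" = "$want" ] &&
               [ "$(fqdn "$rdata" "$4")" = "$host" ]; then
                found=yes
            fi
        done < "$3"
        [ "$found" = yes ] || echo "$host $data"
    done < "$1"
}

# Constructed sample: this page's records plus a "mail" host with no PTR.
d=$(mktemp -d)
printf '%s\n' '@ IN NS debian.test.com.' 'debian IN A 10.62.1.100' \
    'mail IN A 10.62.1.101' > "$d/test"
printf '%s\n' '@ IN NS debian.test.com.' \
    '100 IN PTR debian.test.com.' > "$d/reverse"
missing_ptr "$d/test" test.com. "$d/reverse" 1.62.10.in-addr.arpa.
rm -rf "$d"
```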


Some useful commands at Windows

You can run the following commands to directly open these programs

appwiz.cpl >> Add/Remove Programs
desk.cpl >> Display Properties
firewall.cpl >> Firewall Settings
inetcpl.cpl >> Internet Options
mmsys.cpl >> Sound and Audio
ncpa.cpl >> Network Connections
nusrmgr.cpl >> User Accounts
powercfg.cpl >> Power Options
sysdm.cpl >> System Properties
wscui.cpl >> Security Center
wuaucpl.cpl >> Automatic Updates Configuration


Selecting default OS to boot at Debian

We can do this by changing the configuration in the grub file. On Red Hat the grub file is /etc/grub.conf. But on Debian it resides at a different location. To change the grub configuration you have to edit the /boot/grub/menu.lst file. Normally the Debian OS is the default bootable OS. To change this we have to find the line

default 0

Here, I changed 0 to 3, as my Windows system was the 4th line in the selection menu of the grub loader.

Then save and exit the file. And it worked nicely.

For complete beginners: we can change the same thing on Red Hat in the /etc/grub.conf file and you will get it done.

Any tips about grub configuration will be highly appreciated.


Hiding desktop properties on a domain

Yesterday I had the problem of hiding desktop on a domain. Many companies do this on their domain. We can do this using Active Directory group policy. To do so, we can follow these steps on the AD server.

1. Click Start, click Run, and then type gpedit.msc.

2. Under Local Computer Policy, expand User Configuration, expand Administrative Templates, expand Desktop, and then click Active Desktop.

3. Double-click Active Desktop Wallpaper.

4. On the Setting tab, click Enabled, type the path to the desktop wallpaper that you want to use, and then click OK.

I worked like this on my domain. The server OS is Windows 2003 server.
Hope that it may be useful to you. I need your suggestions and tips regarding Active Directory as I am new to Windows AD.


Why isn’t runlevel 4 used?

Today I got this comment from one of my friends. One thing I want to make clear is that run levels are not the same for all Linux versions. Here is the usage of run level 4 on different versions:

Redhat/Fedora    Normally not used (user definable).
SUSE             Normally not used (user definable).
Slackware        Full multi-user with display manager
Gentoo Linux     Aliased for runlevel 3 (Full multi-user with display manager)
System V         Multi-user, user-defined
Solaris          Alternative multi-user, user-defined
HP-UX            Multi-user with VUE started instead of CDE

In short, we may say that in most cases run level 4 is user defined. Runlevel 4 is usually a “custom” level. By default it will start a few more services than level 3. This level is usually only used under special circumstances.


Cloning a MAC address of a NIC on Linux

To clone a MAC address of a NIC on Linux we can use the following commands.

1. We have to bring down the interface on which we are going to clone the address. Here we are cloning on interface eth0.

# ifdown eth0

2. Now we will set the MAC address on the interface eth0 with the following command.

# ifconfig eth0 hw ether 00:05:5B:33:A3:15

3. Now bring the interface up.

# ifup eth0

If we want to use the MAC permanently, we can add the three commands to the /etc/rc.local file.
