Anonymous ftp Server and xinetd Services
Requirements
Make sure you have the required rpm packages on your system
- If not, then install the following packages
# rpm -Uvh xinetd*
# rpm -Uvh wu-ftpd*
# rpm -Uvh anonftp*
Make sure xinetd and wu-ftpd are configured to start at boot time
Start xinetd now
Check to make sure the service has started
Configure the anonymous ftp server to permit uploads by anonymous users
- Create a special directory for incoming files
- Lock down permissions on that directory
# cd /var/ftp
# mkdir incoming
# chown root.daemon incoming
# chmod 773 incoming
# ls -ld incoming
drwxrwx-wx 2 root daemon 1024 Aug 6 16:44 incoming
- What permissions do the anonymous users have?
- Why do you think this is wise?
Configure uploading in the /etc/ftpaccess file
- Add this line to the bottom of the file
upload /var/ftp /incoming yes root daemon 0400 nodirs
- Users will be able to write in the directory but not to read the contents of the directory.
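An added example, not part of the original handout: a shell function that checks a drop-box directory against the layout configured above (other has -wx without r, expected owner, no world-readable uploads). The function name audit_dropbox and its messages are hypothetical, and it assumes GNU stat and find.

```shell
#!/bin/sh
# Added example (not from the original handout): audit a write-only
# anonymous-FTP drop box. Assumes GNU stat and find.
# Usage: audit_dropbox DIR [EXPECTED_OWNER]   (owner defaults to root)
# Returns 0 when every check passes, 1 on a finding, 2 on bad input.
audit_dropbox() {
    dir=$1
    want_owner=${2:-root}
    [ -d "$dir" ] || { echo "ERROR: $dir is not a directory"; return 2; }

    mode=$(stat -c '%a' "$dir") || return 2
    owner=$(stat -c '%U' "$dir") || return 2
    other=${mode#"${mode%?}"}      # last octal digit = bits for "other"
    rc=0

    # Anonymous sessions fall under "other": they need w+x to drop files.
    if [ $((other & 3)) -ne 3 ]; then
        echo "FINDING: other lacks -wx (mode $mode); uploads will fail"
        rc=1
    fi
    # The read bit would let anonymous users list what others uploaded.
    if [ $((other & 4)) -ne 0 ]; then
        echo "FINDING: other can list $dir (mode $mode)"
        rc=1
    fi
    # A directory owned by the FTP account could be chmod'ed back by it.
    if [ "$owner" != "$want_owner" ]; then
        echo "FINDING: owner is $owner, expected $want_owner"
        rc=1
    fi
    # Uploads should not be world-readable (the upload line sets 0400);
    # otherwise anyone who knows a file name can fetch the file back.
    readable=$(find "$dir" -maxdepth 1 -type f -perm -004 | wc -l)
    if [ "$readable" -gt 0 ]; then
        echo "FINDING: $readable world-readable file(s) in $dir"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $dir is write-only for anonymous users"
    return "$rc"
}
```

Run it as root against the lab directory with `audit_dropbox /var/ftp/incoming`.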
Testing Configuration
- Work with a partner and have your partner ftp to your server
- Can your partner read the incoming directory?
- Can your partner drop files into incoming?
- Check the transfer log file, /var/log/xferlog
ftp commands
- uploading and downloading
put: uploads into the current directory from the current local directory
mput: expand wild cards
get: downloads from the current directory to the current local directory
mget: expand wild cards
cd: change directory on ftp server
lcd: change directory on local machine
- File transfer type
ascii: text file such as html, htm, perl scripts, pgp scripts
binary: binary file such as gif, jpg, rpms
help: information on all the available commands
quit or bye: quit
user: to enter your user account
ls somefile: prints a listing to somefile on local machine
prompt: toggles interactive prompting
Restricting access with host-based security
Configuration files:
/etc/hosts.allow
/etc/hosts.deny
/etc/xinetd.d/wu-ftpd
/etc/xinetd.conf