Tips ： When the article is finished , Directories can be generated automatically , How to generate it, please refer to the help document on the right

One 、FTP

1. summary

        FTP (File TransferProtocol, File transfer protocol ) Is a typical C/S Application layer protocol of architecture , The server software is required 、 The two parts of the client software jointly realize the file transfer function .FTP The connection between the client and the server is reliable , Connection oriented , It provides reliable guarantee for data transmission .TCP  agreement :20,21 port

        FTP It's a file transfer protocol , It supports two modes , One way is called Standard ( That is to say Active, Active way ), One is Passive( That is to say PASV, Passive way ).Standard Pattern FTP The client sends PORT Order to FTP server. Passive Pattern FTP The client sends PASV Order to FTP Server

(1)Standard Pattern

       FTP The client first communicates with FTP Server Of TCP 21 Port establish connection , Send commands through this channel , When the client needs to receive data, it will send it on this channel PORT command .
       PORT The command contains what port the client uses to receive data . When transmitting data , Server side through their own TCP 20 Port send data .FTP  server A new connection must be established with the client to transmit data .

(2)Passive Pattern

        When establishing control channels and Standard Similar model , When the client sends through this channel PASV When ordered ,FTP   server Open a window located in 1024 and 15000 And notify the client of the request to transmit data on this port , then FTP server Data will be transmitted through this port , This is the time ETP  server There is no need to establish a new connection with the client .

2. Build and configure FTP service

build FTP The server

1) Experimental environment

The server : CentOS 7  System ip: network address
client : Win10        System ip: network address
very secure ftlp

2) Software installation
linux In the system , yes vsftpd carry for ftp Service for ( No dependency packages , Directly yum install , It can also be installed on CD )

yum install -y vsftpd

3) The configuration file

/etc/ vsftpd/ vsftpd. conf          ftp The main profile of the server
/etc/pam.d/vsftpd
/etc/vsftpd/ ftpusers                No login user list , Default root Unable to land
/etc/vsftpd/user_ user name           You can set that only users in this list can log in , If the same user at the same time                                           Appear in the ftpusers and user_ user name     Then the user is also forbidden to log in , Take the strictest Authority .
/var/ ftp                                   ftp Root directory , Default login location
/var/ ftp/pub .

4) user
① Anonymous users : anonymous/ftp Default on , The password is empty.
② Local users : linux Users in the system ( You can log in directly without configuration, but there are security risks )
③ Virtual user : Customized virtual users ( Configuration is troublesome but relatively safe )

5) Opening service
systemctl start vsftpd

6) Anonymous users can download but not upload by default , Modify anonymous user permissions to upload

modify /etc/vsftpd/vsftpd.conf, Turn on anon _upload_ enable-YES
modify /var/ ftp/pub by 777 jurisdiction , Do not modify /var/ftp Otherwise, you cannot log in

7) allow root land .
modify /etc/vsftpd/ ftpusers, take root notes
modify /etc/vsftpd/vsftpd.conf, Add a row userlist_ _deny-NO
Restart the service .

8) Lock the user's home directory and do not switch at will
modify /etc/vsftpd/ vsftpd. conf
chroot_ local_ user-YES            uncomment , Lock the home directory , But if the home directory has write permission ftp Will refuse to connect
allow writeable chroot-YES        Add this line

(9) Restart the service
tepdump -i ens33 -nnX port 21 
 -nn: Directly to IP And portnumber Show , Instead of hostname and service name
-X : You can list hexadecimals (hex) as well as ASCII Contents of the package , It is very useful for monitoring the contents of packets

3. Check the information

yum info vsftpd

FTP (File Transfer Protocol: File transfer protocol ) effect : Internet The protocol used to transfer documents on .
VSFTP Full name (very secure FTP )
VSFTP Pattern : C/S Pattern
FTP The server defaults to TCP Agreed 20、21 Port to communicate with the client
20 Ports are used to establish data connections , And transfer file data
21 Ports are used to establish control connections , And transmit FTP Control command
FTP Data connection is divided into active mode and passive mode
Active mode : The server initiates the data connection actively
Passive mode : The server passively waits for data connections

Opening service , Turn off firewalls and enhanced security X
systemctl stop firewalld
setenforce 0
rpm  -qa l grep vsftp

yum install -y vsftpd
cd /etc/ vsftpd/
cp vsftpd. conf vsftpd. conf .bak

4. Set anonymous user access to FTP service ( Maximum authority )

1) Modify the configuration file
vim /etc/vs ftpd/vsftpd. conf
anonymous_ enable-YES            Enable anonymous user access . The default is on (FTP)
write_ enable=YES                      Open server write permissions ( To upload , Must be turned on ). The default is on

anon_ umask=022                            Set the permission mask for anonymous users to upload data ( Unmask ).
anon_ upload_ enable-YES            Allow anonymous users . Upload files . Default annotated , Need to uncomment
anon_ mkdir_ write_ enable=YES    Allow anonymous users to create (. Upload ) Catalog . Default E notes , Need to uncomment
anon_ other_ write_enable=YEs      Allow others to delete 、 rename 、 Covering and other operations . Need to add
chmod 777 /var/ftp/pub/                    Access is anonymous ftp Under the root directory of pub Set the maximum permissions for subdirectories , In order to                                                           Users upload data

2) Opening service , Turn off firewalls and enhanced security

systemctl start vsftpd .
systemctl stop firewalld
setenforce 0

3) Anonymous access testing
stay windows The system opens the start menu , Input cmd Command opens the command prompt
establish ftp Connect
ftp network address
Anonymous access , The user is called ftp, The password is empty. , Just press enter to complete the login
ftp> pwd                Anonymous access ftp The root month of is recorded as Linux Systematic /var/ftp/ Catalog
ftp> ls                    View current directory
ftp> cd pub            Switch to pub Catalog
ftp> get file name       Download the file to the current Windows Local directory
ftp> put file name       Upload files to ftp Catalog
ftp> quit                sign out

 yum install -y vsftpd

 vim vsftpd.conf

  Opening service , Turn off firewalls and enhanced security

  verification

stay Windows The system opens the start menu , Input cmd Command opens the command prompt