Linux basic concepts and Personal notes summary (6)

Security code: Once dreamed similarities go Tianya, back to the head, but found or not put home care

Follow-up theory of the verification of graphic details, I will update, I hope you can refer to

Chapter 11th FTP File Transfer Service

1. FTP connection

Control connection: TCP21 port for sending FTP command information

Data connection: TCP20 port for uploading and downloading data

Type of data connection establishment:

A. Active mode: The server initiates a connection to the client from Port 20

B, Passive mode: The server in the specified range of a port passive waiting for client connections

2. Type of FTP user

Anonymous User: Anonymous or FTP

Local User: Account name, password and other information are saved in passwd, shadow file

Virtual User: Use a separate account, password data file

Note: Local Users and virtual users cannot exist simultaneously

3. vsftpd Package

A, install the package (on the Linux system installation CD)

RPM-IVH vsftpd ...

B, Services (VSFTPD) service vsftpd restart

C, master configuration file/etc/vsftpd/vsftpd.conf

D. user Control List File

/etc/vsftpd/ftpusers (blacklist)

/etc/vsftpd/user-list (Black and white list)

Note: Ftpusers is blacklisted, when User_list is whitelisted:

The user cannot access the ftpusers in both the User_list and the

The user is neither in ftpusers nor in User_list, and this user cannot access

Only users in User_list can access

anon_umask=022 (anti-mask)

Catalog Positive code: 777-022=755

File Positive code: 666-022=644

Common configuration options for virtual users:

anon_umask=022 the permission mask uploaded by the virtual user

Anon_upload_enable=yes allow uploading of files

Anon_mkdir_write_enable=yes Allow directory creation

Anon_other_write_enable=yes Open Other write rights

Anon_max_rate=0 Limit Maximum transfer rate (Bytes/sec)

Local_root=/var/ftp Setting the FTP root directory for virtual users

Anonymous access: Downloadable uploads available

Prevent conflicts, as shown in the notes:

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M02/86/87/wKiom1fCtUvwcBR5ABute0bqDZU454.png-wh_500x0-wm_3 -wmp_4-s_4085112177.png "title=" 90efdc79748cd35452d5b50ae8309f4f.png "alt=" Wkiom1fctuvwcbr5abute0bqdzu454.png-wh _50 "/>

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M02/86/87/wKiom1fCtYLxYnuiABtN4D0WHY8441.png-wh_500x0-wm_3 -wmp_4-s_68841005.png "title=" Be1458a5724011cfa322eab4396d9db6.png "alt=" Wkiom1fctylxynuiabtn4d0why8441.png-wh_ "/>

12th Chapter DNS domain name Resolution Service

DNS Service

1. Package

RPM-IVH bind-9 ... bind-chroot ...

2. Bind service Configuration

A, service script

/etc/init.d/named

Service named restart

B, Protocol port

TCP/UDP Port 53

C, master configuration file

/var/named/chroot/etc/named.conf

D. The data file that holds the DNS resolution record is located in

/var/named/chroot/var/named/

E, resource records

SOA (authoritative server), A (host, domain to IP), PTR (pointer, IP to domain name)

NS (name server), MX (mail exchange record), CNAME (alias, one host mapped to multiple host names)

3, the configuration of the primary DNS (Practice test theory)

A forward region benet.com a reverse region 192.168.1.0

A. Modify the master configuration file

Vim/var/named/chroot/etc/named.conf

Options {

Directory "/var/named";

};

Zone "Benet.com" in{

Type master;

File "Benet.com.zone";

};

Note: The underlined content can be customized, but must correspond to

Zone "1.168.192.in-addr.arpa" in {

Type master;

File "192.168.1.zone";

};

B. Creating a Forward Data file (benet.com)

Vim/var/named/chroot/var/named/benet.com.zone

$ttl 86400

@ in SOA benet.com. Admin.benet.com. (

20151014

3h

15m

1w

1d

)

In NS ns1.benet.com.

In MX 5 mail.benet.com.

NS1 in a 192.168.1.10

www in a 192.168.1.100

Mail in a 192.168.1.100

Web in CNAME www

Note: There must be soa,ns in the forward data file

can have Mx,a,cname

C. Create a reverse data file (192.168.1.0)

Vim/var/named/chroot/var/named/192.168.1.zone

$ttl 86400

@ in SOA benet.com. Admin.benet.com. (

20151014

3h

15m

1w

1d

)

In NS ns1.benet.com.

Ten in PTR ns1.benet.com.

In PTR www.benet.com.

In PTR mail.benet.com.

Note: In the reverse data file, there must be soa,ns, which can have PTR

4. Step from DNS configuration (secondary)

A, installation package

B. Modify the master configuration file

Vim/var/named/chroot/etc/named.conf

Options {

Directory "/var/named";

};

Zone "Benet.com" in {

Type slave;

Masters {192.168.1.10;};

File "Slaves/benet.com.zone";

};

C, start the service

5. Cache Server (Forwarder)

A, installation package

B. Modify the master configuration file

Vim/var/named/chroot/etc/named.conf

Options {

Forwarders {192.168.1.10;};

};

C, start the service

Prevent conflicts, as shown in the notes:

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/86/87/wKiom1fCwqTR0zs7ABOLbP44rWY362.png-wh_500x0-wm_3 -wmp_4-s_756867225.png "title=" 95ec2d707e7b582df48bdafc2e9391a9.png "alt=" Wkiom1fcwqtr0zs7abolbp44rwy362.png-wh_ "/>

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/86/87/wKioL1fCwteDfrghABjtTWwIz2I276.png-wh_500x0-wm_3 -wmp_4-s_3133379921.png "title=" 3af5bdead7bc57564fea04ecabc27b0a.png "alt=" Wkiol1fcwtedfrghabjttwwiz2i276.png-wh _50 "/>

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M02/86/87/wKioL1fCwwXzYThaABKo_cGzVOo208.png-wh_500x0-wm_3 -wmp_4-s_4078272989.png "title=" Dab7f0230e724fe00b78fc41c8c6f131.png "alt=" Wkiol1fcwwxzythaabko_cgzvoo208.png-wh _50 "/>

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M01/86/87/wKiom1fCwzajMpz7ABOUXT-72nM635.png-wh_500x0-wm_3 -wmp_4-s_1808846031.png "title=" 41fb856f34927edb3b9c98f5d0b7e6c8.png "alt=" Wkiom1fcwzajmpz7abouxt-72nm635.png-wh _50 "/>

Linux basic concepts and personal notes have all been updated, I hope you can refer to, understand, digest

Again, I also sincerely bless you, the farther away, to the other side of success. Thank you!

This article is from "A Candle" blog, please be sure to keep this source http://yw666.blog.51cto.com/11977292/1843578

Linux basic concepts and Personal notes summary (6)