VSFTP is short for "very secure FTP". It works in either active mode or passive mode, and it uses two kinds of port: the command port (21) and a data port.
In active mode:
1. The client opens a command channel from a random port x greater than 1024 to port 21 on the FTP server.
2. When the client needs to transfer data, it opens another random port y greater than 1024 and tells the FTP server about it over the command channel.
3. The FTP server actively connects to the client's port y using TCP's three-way handshake.
In passive mode:
1. The client opens a command channel from a random port x greater than 1024 to port 21 on the FTP server.
2. When the client needs to transfer data, it sends the request over the command channel.
3. After the server accepts the request, it opens a random port y greater than 1024 and tells the client.
4. After the client receives the notification, it opens another random port greater than 1024 and then establishes a connection to the server's port y.
Experiment:
Purpose: allow both anonymous users and real-name (local) users to log in, and let them upload, delete and rename files.
vsftpd.conf configuration:
anonymous_enable=YES
anon_root=/var/ftp/pub/
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
Test real-name (local) users first:
useradd -s /sbin/nologin ftp1
echo ftp1 | passwd ftp1 --stdin
touch /home/ftp1/helloworld.txt
Testing anonymous users is the main focus, and it took a lot of time.
In summary: do not give the anon_root directory itself 777 permissions. You must create a new directory under it and then give the ftp user rwx permissions on that new directory.
For example:
mkdir /var/ftp/pub/anon
chmod 777 /var/ftp/pub/anon    # the "other" permission digit must be 7
chown ftp. /var/ftp/pub/anon    # this step is not necessary
That is, although the user and group of the files created by anonymous users are both ftp, running chown ftp. and chmod 770 on the directory is useless; the "others" permission must be granted. This is weird ...
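The layout rule described above, as an added example that is not part of the original post: a shell audit that reads anon_root from a vsftpd.conf, checks that the root itself is not writable by others, and checks that an upload subdirectory is. The function names and the temporary-directory sample are constructed for illustration, and the script tests the "other" write bit because that is the bit the post found decisive.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.
# Last value assigned to KEY ($2) in a vsftpd.conf-style file ($1).
conf_get() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

# True if KEY is set to YES (compared case-insensitively).
is_yes() {
    case $(conf_get "$1" "$2" | tr 'a-z' 'A-Z') in YES) return 0 ;; esac
    return 1
}

# True if the "other" write bit is set on the path itself.
other_writable() { [ -n "$(find "$1" -prune -perm -0002 2>/dev/null)" ]; }

# audit_anon_tree CONF: 0 = layout matches the post, 1 = it does not,
# 2 = anon_root is not a directory.
audit_anon_tree() {
    conf=$1; rc=0; uploads=0
    root=$(conf_get "$conf" anon_root)
    [ -d "$root" ] || { echo "FAIL anon_root not found: $root"; return 2; }
    if other_writable "$root"; then
        echo "FAIL anon_root itself is writable by others: $root"; rc=1
    fi
    for d in "$root"/*/; do
        if [ -d "$d" ] && other_writable "$d"; then
            echo "INFO upload directory: $d"; uploads=$((uploads + 1))
        fi
    done
    if is_yes "$conf" anon_upload_enable && [ "$uploads" -eq 0 ]; then
        echo "FAIL anon_upload_enable is on but no subdirectory is writable"; rc=1
    fi
    for k in anon_mkdir_write_enable anon_other_write_enable; do
        if is_yes "$conf" "$k"; then echo "WARN $k is on for anonymous users"; fi
    done
    return "$rc"
}

# Constructed sample: the post's layout rebuilt under a temporary directory.
demo() {
    t=$(mktemp -d) && mkdir -p "$t/pub/anon" || return 2
    chmod 755 "$t/pub"; chmod 777 "$t/pub/anon"
    printf 'anon_root=%s\nanon_upload_enable=yes\nanon_other_write_enable=yes\n' \
        "$t/pub/" > "$t/vsftpd.conf"
    audit_anon_tree "$t/vsftpd.conf" && r=0 || r=$?
    rm -rf "$t"; return "$r"
}

# Audit the file given as $1, or the constructed sample when run without one.
if [ "$#" -gt 0 ]; then audit_anon_tree "$1"; else demo; fi
```

Run it with the path to a real vsftpd.conf as the only argument to audit a live tree; the WARN lines are informational and do not change the exit status.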
The construction of VSFTP server under Linux