5. Network Configuration and FTP service notes

IP address: Ipv4 2*32 Ipv6

TCP Network Communication Protocol

UDP User Datagram Protocol

Common network ports:

FTP Service file sharing

SSH Service secure remote network management

Telnet Service

SMTP: Simple Mail Transfer Protocol

POP3: Post Office Agreement receive letter

www Web Services

3306 MySQL Port

The DNS port

/etc/services common ports for all systems

Number of ports TCP 65535 UDP 65535

Gateway: (Gateway) Inter-Network connector, protocol Converter

Dns:domain Name System

Domain-to-IP forward parsing

IP-to-domain reverse resolution

Beijing Netcom: 202.106.0.20 Guangzhou Telecom: 202.96.128.143 114dns:114.114.114.114

Network configuration

One IP address configuration

1 Setup (graphics command settings) Permanent IP

#vim/etc/sysconfig/network-scripts/ifcfg-eth0

Onboot=yes

#service Network Restart

2 ifconfig eth0 IP netmask Mask is temporarily in effect

#ifconfig eth0 192.168.172.251 Temporary IP

3 NIC configuration file

1)/etc/sysconfig/network-scripts/ifcfg-eth0 Network card information file

Device=eth0 NIC Device Name

Bootproto=none whether the IP is automatically acquired. None: Not valid static: manual DHCP: Dynamic acquisition of IP

BROADCAST=192.168.140.255 Broadcast Address Wall

Hwaddr=00:0c:29:21:80:48 MAC Address

ipaddr=192.168.140.253 IP Address

Ipv6init=yes IPV6 Open

Ipv6_autoconf=yes IPv6 Get

netmask=255.255.255.0 Mask

network=192.168.140.0 Network Segment

Onboot=yes Network card boot up

Type=ethernet Ethernet

gateway=192.168.140.1 Gateway

2)/etc/sysconfig/network hostname configuration file is permanently active, but you want to restart the NIC

Hostname

Hostname=localhost.localdomain temporarily Modify host name

Hostname Viewing host names

#vim/etc/sysconfig/network Permanently modified

Hostname=lampbrother

3)/etc/resolv.conf DNS configuration file

#vim/etc/resolv.conf
NameServer 8.8.8.8

Two network commands

1 Ifconfig viewing network card information

Ifup eth0

Ifdown eth0 quickly turn the NIC on and off

3 Route View Route (set Gateway)

Route add default GW 192.168.140.1 manually set (add) gateway for temporary effect

Route del default GW 192.168.190.6 Delete Gateway

4 netstat to view network status commands

#netstat-an View network status

#netstat-tlun (t tcp u UDP L Listen) view TCP and UDP protocol listening ports

#netstat-rn to view the route default route (Gateway)

Netstat-an | grep established | Wc-l count the number of network connections being connected

5 Ping IP Detection network unobstructed

#ping-C 5-s 192.168.172.250-s packet size
ICMP protocol Test Network Connectivity Protocol

6 traceroute IP or domain name probe/trace network packet transmission path

#traceroute 192.168.172.200

VSFTP Server Setup

Introduction to a File server

ftp: Used in intranet and public network. Server: Windows,linux client: Windows,linux

Server Setup:

1 FTP Software

Linux:wu-ftp early, not too safe

PROFTP Enhanced FTP Tool

Vsftp secure, powerful software ISO image file

Windows IIS under Windows Web Building service, can build FTP service

Serv-u Dedicated FTP server

2 principle

Turn on the 21 command transfer Port TCP protocol

20 Data port

3 FTP Users

1) FTP Allow login user System user password: System password

Upload location:/home/home Directory

2) anonymous user anonymous/ftp

Hostname: IP user name: blank password: empty or email address port: 21

Upload location:/var/ftp/

Two-Installation

#mount/dev/sr0/mnt/cdrom
#cd/mnt/cdrom/packages/

Rpm-ivh vsftpd ...... or yum install vsftpd-y

Three related documents

/etc/vsftpd/vsftpd.conf configuration file

/etc/vsftpd/ftpusers user access control files are not accessible to users who write to this file

/etc/vsftpd/chroot_list need to manually establish whether to restrict the user to the home directory  

Four configuration file configuration changing the configuration file requires a service restart  

/etc/vsftpd/vsftpd.conf

Ftpd_banner=welcome to 172 PHP blah FTP service.

1 Host-related configuration

Listen_port=21 Listening Port

Connect_from_port_20=yes Data port

Ftpd_banner= Welcome Information

Turn off the firewall #setup
Turn off SELinux #vim/etc/selinux/config
Selinux=disabled
#reboot

#service vsftpd Start Service
#netstat-tlun
#netstat-an | Grep:21 viewing ports

2 Anonymous user logon is recognized as an FTP user under Linux

Anonymous_enable=yes allow anonymous users to log on

Test: 1 Windows window
Anonymous User Login ftp://192.168.172.251
/var/ftp/pub
System User login Ftp://[email protected]

2 third-party tools FileZilla

3 Local Users

1) Modify the configuration file
#vim/etc/vsftpd/vsftpd.conf

Chroot_local_user=yes
Chroot_list_enable=yes
Chroot_list_file=/etc/vsftpd/chroot_list

2) manually set up/etc/vsftpd/chroot_list
#vim/etc/vsftpd/chroot_list
Daliwa

Local_enable=yes allow system users to log on

Write_enable=yes Allow uploads

local_umask=022 Default Upload Permissions

local_max_rate=300 Upload speed limit

4 restricting user access to the directory

Chroot_local_user=yes only this sentence, all users restricted under the home directory

Chroot_local_user=yes If there are three words, only the user in the file chroot_list can access any directory, other users restrict the home directory

Chroot_list_enable=yes

Chroot_list_file=/etc/vsftpd/chroot_list

Useradd Zhangsan

passwd Zhangsan      

Five FTP clients using SELinux firewall shutdown

Restart Service vsftpd restart

Test FileZilla Huluwa Login
Daliwa Login Comparison

Main documents:
/etc/vsftpd/vsftpd.conf configuration file
/etc/vsftpd/chroot_list Allow access to files
/etc/vsftpd/ftpusers prohibit user access to file root Disable login security

1. Login with command

FTP IP

Get file name download

Put filename upload cannot upload and download directories

Help

2. Using Windows window

ftp://User name @ip

3. Log in using a third-party tool

FileZilla

SSH Secure Login Port 22

An online encryption tool

Asymmetric key pair encryption  

Install the default installation OpenSSH port 22

Boot default boot service sshd restart

Configuration file/etc/ssh/sshd_config

Two SSH remote secure online

SSH User name @ip

Connection method
Windows-linux Xshell $ssh [email protected]

Linux #ssh [email protected]2

Three SCP network replication, Network File transfer Linux->linux

1 Downloads

SCP User name @ip: path Local Path

SCP [Email Protected]:/root/abc/root

scp-r [email protected]:/root/11/root download Directory

#scp [email protected]:/root/httpd-2.2.29.tar.gz/root/download file
#scp-R [email protected]:/root/mulu//root/Download Directory

2 uploads

SCP local file or directory user name @ip: path

Scp-r/ROOT/11 [email protected]:/root upload Directory

#scp t.log [email protected]:/root/upload file
#scp-R/etc/[email protected]:/root/upload directory

5. Network Configuration and FTP service notes