10 Advance VsFTP Ajụjụ na Azịza ajụjụ ọnụ - Nkebi II


Azịza anyị nwetara na akụkọ ikpeazụ anyị juru anyị anya. Ebe anyị webatara ajụjụ 10 mara mma na Protocol mbufe faịlụ echekwara nke ọma. Na-aga n'ihu akụkọ ajụjụ ọnụ VSFTP anyị na-ewetara gị ajụjụ ajụjụ ọnụ 10 ọzọ ga-enyere gị aka.

  1. 10 Ajụjụ/Azịza ajụjụ ọnụ Vsftp bụ isi – Nkebi nke Mbụ

Biko mara na a na-eji faịlụ vsftpd.conf iji chịkwaa akụkụ dị iche iche nke nhazi dịka akọwapụtara n'isiokwu a. Site na ndabara, vsftpd na-achọ faịlụ nhazi n'okpuru /etc/vsftpd/vsftpd.conf. Agbanyeghị, usoro faịlụ dị mfe ma nwee nkọwa ma ọ bụ ntuziaka. Ahịrị ikwu okwu na-amalite site na '#' leghaara anya yana ahịrị ntuziaka nwere usoro a.

option=value

Tupu anyị ebido ajụjụ na azịza ha kọwara nke ọma, anyị ga-achọ ịza ajụjụ \Ònye ga-aga ajụjụ ọnụ FTP? Ọ dị mma, ọ nweghị onye ga-aga ajụjụ ọnụ FTP. jikwaa usoro nhazi nke mere na N'ajụjụ ọnụ ọ bụla, ị gaghị enweta ajụjụ ọhụrụ nke ị na-agaghị ama na isiokwu/isiokwu ọ bụla anyị kpuchiri ebe a.

Mepee faịlụ '/etc/hosts.deny'.

# vi /etc/hosts.deny

Tinye akara na-esonụ na ala nke faịlụ na adreesị IP nke ịchọrọ igbochi ịnweta FTP.

#
# hosts.deny    This file contains access rules which are used to
#               deny connections to network services that either use
#               the tcp_wrappers library or that have been
#               started through a tcp_wrappers-enabled xinetd.
#
#               The rules in this file can also be set up in
#               /etc/hosts.allow with a 'deny' option instead.
#
#               See 'man 5 hosts_options' and 'man 5 hosts_access'
#               for information on rule syntax.
#               See 'man tcpd' for information on tcp_wrappers
#
vsftpd:172.16.16.1

Ka igbochi FTP ịnweta otu adreesị IP, tinye iwu dobe na-esonụ na iptables INPUT yinye.

iptables -A RH-Firewall-1-INPUT -p tcp -s 172.16.16.1 -m state --state NEW -m tcp --dport 21 -j DROP
# Add this line to enable secured SSL connection to anonymous users.
allow_anon_ssl=YES
# Uncomment this to enable any form of FTP write command.
write_enable=YES
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
# Add this line to enable read only permission to anonymous users.
allow_anon_ssl=YES
# Add this line to chmod all anonymous uploads automatically.
chmod_enable=YES
# Add this line to disable directory listing.
dirlist_enable=NO
# Add this line to maintain session logins.
session_support=YES
# Add this line to display directory listing in local time zone.
usr_localtime=YES
# Add this line to limit the ftp transfer rate.
anon_max_rate=0 # 0 means unlimited
# Add this line to set the ftp timeout session.
idle_session_timeout=300

Nke ahụ bụ ihe niile ugbu a. Anyị ga-abịa isiokwu na-esote n'oge na-adịghị anya, ruo mgbe ahụ nọrọ na nche na jikọọ ma echefula ịnye anyị nzaghachi bara uru gị na ngalaba nkọwa anyị.