FTP(File Transfer Protocol):
FTP stands for File Transfer Protocol. FTP is supported by all the operating systems and browsers. It is a client-server based protocol.
HOW FTP WORKS
Step a: Client connects to server on port 21.
Step b: Server responds and ask for authentication.
Step c: Client decides weather to connect passively or actively and authenticate with credentials(user name password).
Step d: If it is an active connection, server opens port 20 for data transfer and gives ftp prompt after successful authentication.
Step e: Client call for file and server initiates file transfer.
WHY FTP USES TWO PORTS
As we already discussed FTP uses 21 port for control and 20 for data transfer, this is because of many reasons such as
- Separate data transfer path so that you can still use control port do some communication with server.
- Can initiate multiple data connections without control interruptions.
- Server decides when to send data which will minimize any increase of load on server.
DIFFERENCE BETWEEN AN ACTIVE FTP AND PASSIVE FTP SERVER
FTP is a tricky protocol which uses two ports one as command port(21) and other as data port(For active FTP it is 20 and for passive port it is grater then 10000). So it boils down to which port is used for data transfer.
We will set-up and configure ftp server in CentOS 6.7. This procedure is same for all Redhat based distributions like Centos, Fedora, Scientific Linux, Oracle Linux etc.
INSTALLING FTP SERVER IN CENTOS
Step 1: We will use below host name and IP address for our test machine to setup FTP server
Server IP: 192.168.0.1
Host Name: ftp.hackonology.com
Just edit file /etc/hosts
#vi /etc/hosts
and add the line on bottom and save
192.168.0.1 ftp.hackonology.com
Step 2: Install vsftpd (very secure FTP daemon) package.
#yum install vsftpd ftp
CONFIGURING FTP SERVER IN LINUX CENTOS
Step 3: Configure vsftpd package. We will edit /etc/vsftpd/vsftpd.conf you can do this with gedit (If installed) or vi command.
#vi /etc/vsftpd/vsftpd.conf
Change the line which contain anonymous_enable=YES to anonymous_enable=NO. This will permit any one to access FTP server with authentication.
anonymous_enable=YES
Uncomment the following line
local_enable=YES allow users in /etc/passwd
to login
write_enable=YES allow users to write files. “NO” will permit only to read.
Change the line chroot_local_user=NO to chroot_local_user=YES. This will permit local user as FTP account. If you add an user, it will be treated as a FTP account as well.
The local user directory will be the FTP directory.
chroot_local_user=YES
Save the file.
Step 4: Permit Home user to FTP account
Permit FTP account directory as user home directory.
#setsebool ftp_home_dir on
Step 5: Open firewall or IP Table update so that our FTP server is accessed through 21 port.
We can do this with one of the two ways.
a) First Way: Edit the file /etc/sysconfig/iptables and add the line (Like the picture)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
than
#service iptables restart
b) or Second way: Through setup command.
#setup
Actually this will add the above line to iptables file.
Step 6: Start FTP service once you do all the above edit’s.
#service vsftpd start
To enable this service at boot time, you have to execute below chkconfig command.
#chkconfig vsftpd on
Step 7: Now the FTP server is live. We can check with ftp command. Just create a test account to do the testing.
#useradd linuxnix #passwd linuxnix Changing password for user linuxnix. New password: <Enter Password for user>
Now we will login to ftp
ftp ftp.hackonology.com
# ftp localhost Trying ::1... ftp: connect to address ::1Connection refused Trying 127.0.0.1... Connected to localhost (127.0.0.1). 220 (vsFTPd 2.2.2) Name (localhost:root): lftp ftp.hackonology.com 331 Please specify the password. Password: <Enter Password for user> 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files.
Now FTP server is ready and you do multiple file transfers from FTP as well. You can also browse your ftp server from web browser after typing below line in address bar.
ftp://ftp.hackonology.com
Let’s Join our Hacking Team
We Are Indian We Are Great
Hope this article helpful for you. Thank You
Indian Cyber Army | Make IT Secure
Enjoy…Stay Happy…Stay Secure…
Hope this article helpful for you. Thank You
If You Appreciate What We Do Here On Hackonology, You Should Consider:
Hackonology is the fastest growing and most trusted community site where you can find lots of courses, articles about Technology/Hacking/Cracking. Millions of people visit Hackonology! to search or browse the thousands of published articles available FREELY to all.
Let's be a part of Hacker's Community! Join our Hacking Team
We Are Indian We Are Great