10 Ci gaba VsFTP Tambayoyi da Amsoshi - Kashi na II

Mun shaku da martanin da muka samu akan labarinmu na ƙarshe. Inda muka gabatar da tambaya mai ban sha'awa guda 10 akan ƙa'idar Canja wurin Fayil Mai Amintacce. Ci gaba da labarin hira na VSFTP muna nan muna gabatar muku da wasu Tambayoyin Tambayoyi na Gaba guda 10 waɗanda tabbas zasu taimake ku.

1. Tambaya/Amsoshi Tambayoyin Tambayoyi na Vsftp 10 - Sashe na I

Lura ana amfani da fayil ɗin vsftpd.conf don sarrafa sassa daban-daban na daidaitawa kamar yadda aka ƙayyade a wannan labarin. Ta hanyar tsoho, vsftpd yana bincika fayil ɗin sanyi a ƙarƙashin /etc/vsftpd/vsftpd.conf. Koyaya, tsarin fayil ɗin yana da sauƙin gaske kuma yana ɗauke da sharhi ko umarni. Layukan tsokaci suna farawa da ''#' an yi watsi da su kuma layin umarni yana da tsari mai zuwa.

option=value

Kafin mu fara Tambaya da Amsar su da kyau za mu so mu amsa tambaya \Wane ne zai halarci Hirar FTP? To babu wanda zai iya halarta. kiyaye tsari na tsari ta yadda a kowace Hira, ba za ku sami sabuwar tambaya wacce ba za ku sani ba kan kowane batutuwa/ batutuwa da muka rufe a nan.

Bude fayil '/etc/hosts.deny'.

# vi /etc/hosts.deny

Saka layin da ke biyo baya a kasan fayil ɗin tare da adireshin IP wanda kake son toshe damar zuwa FTP.

#
# hosts.deny    This file contains access rules which are used to
#               deny connections to network services that either use
#               the tcp_wrappers library or that have been
#               started through a tcp_wrappers-enabled xinetd.
#
#               The rules in this file can also be set up in
#               /etc/hosts.allow with a 'deny' option instead.
#
#               See 'man 5 hosts_options' and 'man 5 hosts_access'
#               for information on rule syntax.
#               See 'man tcpd' for information on tcp_wrappers
#
vsftpd:172.16.16.1

Don toshe damar FTP zuwa wani adireshin IP na musamman, ƙara ƙa'idar digo mai zuwa zuwa sarkar INPUT na iptables.

iptables -A RH-Firewall-1-INPUT -p tcp -s 172.16.16.1 -m state --state NEW -m tcp --dport 21 -j DROP

# Add this line to enable secured SSL connection to anonymous users.
allow_anon_ssl=YES

# Uncomment this to enable any form of FTP write command.
write_enable=YES

# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES

# Add this line to enable read only permission to anonymous users.
allow_anon_ssl=YES

# Add this line to chmod all anonymous uploads automatically.
chmod_enable=YES

# Add this line to disable directory listing.
dirlist_enable=NO

# Add this line to maintain session logins.
session_support=YES

# Add this line to display directory listing in local time zone.
usr_localtime=YES

# Add this line to limit the ftp transfer rate.
anon_max_rate=0 # 0 means unlimited

# Add this line to set the ftp timeout session.
idle_session_timeout=300

Shi ke nan a yanzu. Za mu zo da labarin na gaba nan ba da jimawa ba, har sai kun kasance cikin shiri da haɗin gwiwa kuma kada ku manta da ba mu ra'ayoyinku masu mahimmanci a cikin sashin sharhinmu.