CSF2903 Operating Systems & Security

Lab 12 – Configuring FTP

Summary: This lab gives you an opportunity to configure and test a basic FTP service with firewall protection.

I. Configure FTP service

1. Log in to your lab PC and start up the Kali Server Virtual Machine.
2. Log in to the VM with your user (password “Nettwerk1”). Open a terminal and switch to the root account (password “Letmein1”).
3. Check on the status of the vsftpd service. What command did you use?
4. Configuration files for vsftpd are in the /etc directory. Which file controls the FTP daemon?
5. Stop the service:
   service vsftpd stop
6. An account called FTP will be added automatically to your server, so let's create an appropriate directory for the anonymous user:
   mkdir -p /var/ftp/pub
7. Give the appropriate permissions:
   chown -hR ftp:ftp /var/ftp
   chmod 555 /var/ftp/pub
8. Back up the original vsftpd.conf file with:
   cp /etc/vsftpd.conf /etc/vsftp_conf_original
9. Open the main configuration file. Some of the uncommented directives are listed in the following table. Add a short description beside each directive.

   Directive=Value                 Description
   ------------------------------  -----------
   listen=YES
   anonymous_enable=YES
   local_enable=YES
   write_enable=YES
   local_umask=022
   dirmessage_enable=YES
   connect_from_port_20=YES
   ftpd_banner=CSF2903 ServerX.
   anon_root=/var/ftp/pub

10. Flush all firewall rules and save the firewall.
11. Start up the FTP service. What command did you use?
12. Create a file called ftptest.txt in the /var/ftp/pub directory. Put the following text in the file: “Hello FTP user!”

II. Test FTP service

13. Open a terminal. Start an FTP session and connect to your server VM. (Hint – use the ftp command). Write down the exact command you used.
14. Log in to the FTP server as “ftp” with no password. What is your current directory on the FTP server?
15. Download the file ftptest.txt. What command did you use? (Hint – check the slide titled “Transferring Files”)
16. Open another terminal. Confirm that the file was transferred properly.
17. In the first terminal, close the FTP connection to the server (hint – check the slide titled “Open & Close a Session”).

III. Iptables protection

18. Insert iptables rules to accept connections from any machine on the server’s subnet to the FTP data and control ports (20 and 21). Save your iptables changes. Write down the rule to allow TCP connections on these ports.
19. Open a new FTP connection to the server. Log in to the FTP server as “ftp” with no password. (If you have done the iptables rules properly, this will now work.)
20. Terminate the FTP session.

IV. User FTP Configuration

21. Create a user called ftp1, with the password Nettwerk1, to test FTP interaction.
22. In your user account, create a file called fr_user.txt in the home directory with the text “This is from the student user account”.
23. Log in to the ftp1 account and create the file fr_ftp1.txt in the home directory with the text “This is from the ftp1 user account”.
24. Open a terminal, create a connection to the FTP server on the localhost, and log in to the ftp1 account with the password Nettwerk1.
25. Download the file fr_ftp1.txt. What command did you use?
26. Upload the file fr_user.txt. What command did you use?
27. What files are in the ftp1 home directory? What command did you use? Verify by opening another terminal and logging in to the ftp1 account.
28. End of Lab: Suspend or shut down both VMs. Log out.
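The directive combinations from step 9 can be checked mechanically. The following is an added example, not part of the lab handout: a POSIX shell function (audit_vsftpd, a hypothetical name) that flags risky settings, run against a constructed config holding the step 9 directives and a second constructed config with those settings changed. It shows, for instance, that write_enable=YES alone does not let anonymous users upload.

```sh
#!/bin/sh
# Added example: audit a vsftpd.conf for risky directive combinations.

# Constructed sample: the directives listed in step 9 of the lab.
lab_conf() {
cat <<'EOF'
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
connect_from_port_20=YES
ftpd_banner=CSF2903 ServerX.
anon_root=/var/ftp/pub
EOF
}

# Constructed sample: the same service with the flagged settings changed.
changed_conf() {
cat <<'EOF'
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
ssl_enable=YES
xferlog_enable=YES
EOF
}

# audit_vsftpd (hypothetical helper): reads a vsftpd.conf on stdin and
# prints one "CODE: explanation" line per finding.
audit_vsftpd() {
  awk '
    # yes(k, d): is boolean directive k set to YES (d = built-in default)?
    function yes(k, d) { return ((k in conf) ? conf[k] : d) == "YES" }
    /^[ \t]*#/ || !/=/ { next }              # skip comments and blank lines
    {
      eq = index($0, "=")                    # split on the first "=" only
      val = substr($0, eq + 1)
      sub(/[ \t\r]+$/, "", val)
      conf[substr($0, 1, eq - 1)] = toupper(val)
    }
    END {
      anon = yes("anonymous_enable", "YES")  # vsftpd enables this by default
      loc = yes("local_enable", "NO")
      wr = yes("write_enable", "NO")
      if (anon) print "ANON_LOGIN: anyone can log in as ftp/anonymous"
      if (anon && wr && (yes("anon_upload_enable", "NO") || yes("anon_mkdir_write_enable", "NO")))
        print "ANON_WRITE: anonymous users can upload or create directories"
      if (loc && !yes("chroot_local_user", "NO"))
        print "LOCAL_NO_CHROOT: local users can browse outside their home directory"
      if (loc && !yes("ssl_enable", "NO"))
        print "CLEARTEXT_LOGIN: account passwords cross the network unencrypted"
      if (!yes("xferlog_enable", "NO"))
        print "NO_XFERLOG: no transfer log of uploads and downloads is kept"
    }'
}

lab_conf | audit_vsftpd
```

On the lab VM the function can be pointed at the real file with audit_vsftpd < /etc/vsftpd.conf.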
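Step 10 flushes the firewall, and on a table whose INPUT policy is ACCEPT the subnet rules from step 18 restrict nothing, because unmatched traffic is accepted anyway. The added example below (not part of the lab handout) evaluates a constructed iptables-save dump with a simplified first-match model and reports who can reach port 21; the subnet 192.168.56.0/24 and the function name ftp_exposure are assumptions.

```sh
#!/bin/sh
# Added example: who can reach the FTP control port according to a saved rule set?
# Both dumps are constructed; 192.168.56.0/24 is a placeholder for the lab subnet.

# Rules added on top of a flushed table whose INPUT policy is ACCEPT.
flushed_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.168.56.0/24 -p tcp -m multiport --dports 20,21 -j ACCEPT
COMMIT
EOF
}

# The same subnet rules on a table that drops everything it does not match.
default_drop_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.56.0/24 -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -s 192.168.56.0/24 -p tcp -m tcp --dport 21 -j ACCEPT
COMMIT
EOF
}

# ftp_exposure SUBNET (hypothetical helper): reads an iptables-save dump on
# stdin and prints the verdict for new TCP/21 connections from SUBNET and
# from everyone else. Simplified model: the first matching INPUT rule wins;
# negated matches and user-defined chains are not handled.
ftp_exposure() {
  awk -v net="$1" '
    # has_port: does a --dport/--dports value (list or a:b range) include p?
    function has_port(spec, p,    n, parts, i, r) {
      n = split(spec, parts, ",")
      for (i = 1; i <= n; i++) {
        if (split(parts[i], r, ":") == 2) { if (p >= r[1] + 0 && p <= r[2] + 0) return 1 }
        else if (parts[i] + 0 == p) return 1
      }
      return 0
    }
    $1 == ":INPUT" { policy = $2 }
    $1 == "-A" && $2 == "INPUT" {
      src = ""; proto = ""; ports = ""; target = ""; skip = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-s") src = $(i + 1)
        else if ($i == "-p") proto = $(i + 1)
        else if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
        else if ($i == "-j") target = $(i + 1)
        else if ($i == "-i" || $i == "--ctstate" || $i == "--state") skip = 1
      }
      if (skip || (proto != "" && proto != "tcp")) next    # not a new remote TCP connection
      if (ports != "" && !has_port(ports, 21)) next         # rule does not cover port 21
      if (target != "ACCEPT" && target != "DROP" && target != "REJECT") next
      if (in_net == "" && (src == "" || src == net)) in_net = target
      if (others == "" && src == "") others = target
    }
    END {
      if (in_net == "") in_net = policy    # no rule matched: the chain policy decides
      if (others == "") others = policy
      print "subnet=" in_net " others=" others
    }'
}

flushed_rules | ftp_exposure 192.168.56.0/24
default_drop_rules | ftp_exposure 192.168.56.0/24
```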
Have a nice day

Linux Command Reference

Commands                                          Description
------------------------------------------------  -----------
users                                             Displays currently logged in users (no details, only usernames)
w                                                 Displays currently logged in users with some details
who                                               Displays currently logged in users with some details
id user-name                                      Displays user-id and group-id of any user
whoami                                            Displays username of currently logged on user
su user-name                                      Switch to another user
sudo command                                      Run a command with elevated privilege
history                                           Displays history of all commands used in bash session
man command                                       Display the help of given command from manual pages
command --help                                    Display the brief help of given command
clear                                             Clear the screen in bash shell
chmod 777 file-name                               Change file or dir permissions. 777 means a 3 digit octal number, e.g. 640
chown user:group file-name                        Change file/directory ownership
umask                                             Display/change default permissions
fdisk hard-disk-name                              To create/delete a partition. Disk name can be /dev/sda or /dev/sdb etc.
mkfs -t fs-type partition-name                    Format a hard disk partition. fs-type is file system, i.e., ext4 or ntfs etc.
mount partition-name mount-point                  Mount a formatted partition to a specified empty directory (mount point)
umount partition-name                             Un-mount a formatted partition
df                                                Display free space on mounted partitions
useradd username [options]                        Create user account. Option can be -c -g -G -u etc.
passwd username                                   Create or modify a user password
usermod username [options]                        Modify user account properties. Options can be -c -g -G -u etc.
userdel username [options]                        Delete a user account. Option can be -r etc.
groupadd groupname [options]                      Create a group account. Option can be -g etc.
groupdel groupname                                Delete a group account
groupmod groupname [options]                      Modify group properties. Option can be -g etc.
ifconfig                                          Display or modify network interface details
ifconfig int-name ip-address netmask subnet-mask  Set the IP address of a network interface card. int-name is the network interface name, such as eth0 or enp0s3 etc.
ping ip-address [options]                         Check network connection to another host. Options can be -c -i -s etc.
traceroute ip-address                             Display path to another host
netstat [options]                                 Display network connections & statistics. Options can be -u -t -p -l etc.
rpm -q package                                    Check whether given package is installed in the operating system or not.
yum option package                                Software package manager to install, remove, or update a package.
service service-name option                       To start, stop, restart, or check the status of a service.
chkconfig service-name                            To check if a service is enabled to auto-start at boot time
chkconfig service-name option                     Option can be on to enable, or off to disable a service at boot time
ls [dir-name] [options]                           Display list of files and directories. Option can be -l -a etc.
cd dir-name                                       Change the current directory (going into a directory/folder)
cd ..                                             Change the current directory to the parent directory
pwd                                               Display current working directory
mkdir dir-name                                    Create a directory or multiple directories, e.g., mkdir dir1 dir2 dir3 etc.
rmdir dir-name                                    Delete a directory or multiple directories
touch file-name                                   Create an empty file or multiple empty files, e.g., touch file1 file2 file3 etc.
vi file-name                                      vi text editor to open an existing file to edit, or create a new file.
gedit file-name                                   gedit text editor to open an existing file to edit, or create a new file.
cp source destination                             Copy a file or directory from one location to another.
rm [options] file-dir-name                        Delete a file (or directory with -r). Options can be -r -I -v etc.
mv source destination                             To move from one location to another, or to rename a file.
cat file-name                                     Display all contents of a file.
more file-name                                    Display all contents of a file, but one screen at a time.
less file-name                                    Display all contents of a file, but one screen at a time with scrolling facility.
head [-n lines] file-name                         If number of lines not specified it will display first 10 lines of a text file
tail [-n lines] file-name                         If number of lines not specified it will display last 10 lines of a text file
find                                              Finds files and directories on the file system
locate file-name                                  Finds files and directories on the file system
grep string file-name                             Search a string in given file
/etc/vsftpd/vsftpd.conf                           FTP Server configuration file with complete location
/var/ftp                                          Default location of FTP site to download or upload files
vsftpd                                            Background service name for FTP Server
ftp ip-address                                    Command line FTP client utility to connect to FTP server
/etc/hosts                                        Local host file to resolve DNS names
/etc/ssh/ssh_config                               System-wide SSH configuration file
sshd                                              Background service name for SSH Server
ssh user@ip-address                               Command line SSH client utility to connect to remote SSH Server
scp source destination                            Command line SSH client utility to transfer files to and from SSH Server
/etc/hosts.allow                                  Host access file used by TCP Wrappers to allow access for services
/etc/hosts.deny                                   Host access file used by TCP Wrappers to deny access for services
iptables                                          Command line firewall utility to manage the firewall in Linux
iptables [options]                                Options may have chain name (INPUT/OUTPUT/FORWARD), -A -D -L etc.
[]                                                Square brackets mean optional; you may use the command without this parameter.
options                                           The features of a command (sometimes also referred to as switches), such as the -a option, which is used in the ls command as ls -a to show all files (including hidden files).
Unix/Linux Command Reference

File Commands
ls – directory listing
ls -al – formatted listing with hidden files
cd dir – change directory to dir
cd – change to home
pwd – show current directory
mkdir dir – create a directory dir
rm file – delete file
rm -r dir – delete directory dir
rm -f file – force remove file
rm -rf dir – force remove directory dir *
cp file1 file2 – copy file1 to file2
cp -r dir1 dir2 – copy dir1 to dir2; create dir2 if it doesn't exist
mv file1 file2 – rename or move file1 to file2; if file2 is an existing directory, moves file1 into directory file2
ln -s file link – create symbolic link link to file
touch file – create or update file
cat > file – places standard input into file
more file – output the contents of file
head file – output the first 10 lines of file
tail file – output the last 10 lines of file
tail -f file – output the contents of file as it grows, starting with the last 10 lines

System Info
date – show the current date and time
cal – show this month's calendar
uptime – show current uptime
w – display who is online
whoami – who you are logged in as
finger user – display information about user
uname -a – show kernel information
cat /proc/cpuinfo – cpu information
cat /proc/meminfo – memory information
man command – show the manual for command
df – show disk usage
du – show directory space usage
free – show memory and swap usage
whereis app – show possible locations of app
which app – show which app will be run by default

Compression
tar cf file.tar files – create a tar named file.tar containing files
tar xf file.tar – extract the files from file.tar
tar czf file.tar.gz files – create a tar with Gzip compression
tar xzf file.tar.gz – extract a tar using Gzip
tar cjf file.tar.bz2 – create a tar with Bzip2 compression
tar xjf file.tar.bz2 – extract a tar using Bzip2
gzip file – compresses file and renames it to file.gz
gzip -d file.gz – decompresses file.gz back to file

Process Management
ps – display your currently active processes
top – display all running processes
kill pid – kill process id pid
killall proc – kill all processes named proc *
bg – lists stopped or background jobs; resume a stopped job in the background
fg – brings the most recent job to foreground
fg n – brings job n to the foreground

Network
ping host – ping host and output results
whois domain – get whois information for domain
dig domain – get DNS information for domain
dig -x host – reverse lookup host
wget file – download file
wget -c file – continue a stopped download

File Permissions
chmod octal file – change the permissions of file to octal, which can be found separately for user, group, and world by adding:
  ● 4 – read (r)
  ● 2 – write (w)
  ● 1 – execute (x)
Examples:
chmod 777 – read, write, execute for all
chmod 755 – rwx for owner, rx for group and world
For more options, see man chmod.

Installation
Install from source:
  ./configure
  make
  make install
dpkg -i pkg.deb – install a package (Debian)
rpm -Uvh pkg.rpm – install a package (RPM)

SSH
ssh user@host – connect to host as user
ssh -p port user@host – connect to host on port port as user
ssh-copy-id user@host – add your key to host for user to enable a keyed or passwordless login

Shortcuts
Ctrl+C – halts the current command
Ctrl+Z – stops the current command, resume with fg in the foreground or bg in the background
Ctrl+D – log out of current session, similar to exit
Ctrl+W – erases one word in the current line
Ctrl+U – erases the whole line
Ctrl+R – type to bring up a recent command
!! – repeats the last command
exit – log out of current session

* use with extreme caution.

Searching
grep pattern files – search for pattern in files
grep -r pattern dir – search recursively for pattern in dir
command | grep pattern – search for pattern in the output of command
locate file – find all instances of file

Managing Hard Disks and Partitions Practice Lab

CSF 2903 OPERATING SYSTEMS ADMINISTRATION AND SECURITY
Managing Disks & Partitions (Practice Lab)

Table of Contents
  Hard disk and Partitions Naming in Linux
  Managing Disks and Partitions
  Display List of disks and Partitions in Linux
  Display list of partition on a selected disk
  Checking the list of mounted Partitions and free space
  Create a partition of size 4 GB on 2nd hard disk in your computer.
  Format the partition with ext4 file system
  Mount the partition
  The command to confirm that the partition is mounted.
  The command to un-mount the partition
  How to delete a partition (only delete if it is asked in exam or lab)

Hard disk and Partitions Naming in Linux

In the Linux operating system, all device files are saved in the /dev sub-directory. A hard disk is represented as “sd”; the first hard disk is represented with the letter “a”, the second hard drive with the letter “b”, etc. Therefore the file /dev/sda represents the 1st hard disk in the Linux operating system.

/dev/sdb  = 2nd Hard Disk
/dev/sdb3 = 3rd Partition on 2nd Hard Disk
/dev/sde  = 5th Hard Disk
/dev/sde1 = 1st Partition on 5th Hard Disk

Managing Disks and Partitions

To manage disks and partitions in the Linux operating system, you have to be the administrator, i.e., user “root”. Instead of su root you can also type only su. In lab computers, the password for user “root” is csf2903.

Display List of disks and Partitions in Linux

fdisk -l              lists all partitions and drives on the Linux computer

Display list of partition on a selected disk

fdisk -l /dev/sdb     shows all partitions on hard disk 2 only

Checking the list of mounted Partitions and free space

df                    checks the free space on mounted disks

Note that the 1st partition on the 1st hard disk, /dev/sda1, is mounted (loaded) in an empty directory named boot in /. This partition was made when we installed Linux, to boot the computer.

Create a partition of size 4 GB on 2nd hard disk in your computer.

# fdisk /dev/sdb      command to manage hard disk number 2 in Linux
n                     type n to create a new partition, and press the ENTER key
                      then press the ENTER key 3 times:
  1st enter           primary partition is selected by default
  2nd enter           1st primary partition is selected by default
  3rd enter           2048 is selected by default for first sector
+4G                   give the size as +4G: write the partition size starting with + and ending with G, and press the ENTER key
p                     type p to print the partition table, and press the ENTER key
w                     type w to write (save) the partition table and exit

Format the partition with ext4 file system

mkfs -t ext4 /dev/sdb1     command to format the 1st partition on hard disk number 2

You can also format it as ntfs or vfat (Windows file systems) using the following commands:

mkfs -t ntfs /dev/sdb1
mkfs -t vfat /dev/sdb1

Mount the partition

In Linux you cannot access a drive with a drive letter. You must have an empty folder that you can link with the partition using the mount command. Mounting means loading the partition in a mount point (an empty folder/directory).

If you don’t have an empty directory, create one (just once); you do not need to create it every time.

mkdir saeed                           (only create if you don’t have one)
mount /dev/sdb1 saeed                 if you are in the same location where you created the directory
mount /dev/sdb1 /home/hctuser/saeed   otherwise type the full path for the directory saeed

The command to confirm that the partition is mounted.

df
df -h     (display the size in human-readable format, i.e., KB, GB (gigabyte))

The command to un-mount the partition.

umount /dev/sdb1

How to delete a partition

Deleting a partition will erase all your data. You have to use the fdisk program to delete the partition.
Press “w” if you wish to save and exit, otherwise press “q” to quit the fdisk program without saving.