4、我如何使用户登陆时不显示ftp服务器版本信息,以增强安全性?
在proftpd.conf中添加如下内容:
ServerIdent off
则再次登录时,显示如下内容:
C:WINDOWS>;ftp 192.168.2.33
Connected to 192.168.2.33.
220 ftpd.test.com.cn FTP server ready.
User (192.168.2.33none)):
5、在proftpd环境下如何设定虚拟主机?
可以通过指令:VirtualHost来实现,一个最简单的例子:
<VirtualHost 192.168.2.35>;
ServerName "virtual FTP server"
</VirtualHost>;
若你仅仅希望通过匿名访问某个虚拟主机,则使用如下! 的指令:
<VirtualHost 192.168.2.35>;
Serv erName "virtual FTP server"
<Limit LOGIN>;
DenyAll
</Limit>;
<Anonymous /usr/local/private>;
User private
Group private
<Limit LOGIN>;
AllowAll
</Limit>;
</Anonymous>;
</VirtualHost>;
这样192.168.2.35的这台主机则仅仅允许匿名登录。
笔者的proftpd.conf配置文件内容为:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName &! quot;test.com.cn FTP Server"
ServerType standalone
DefaultServer on
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to&! nbsp;limit maximum number of processes per&nb sp;service
# (such as xinetd)
MaxInstances 30
RequireValidShell off
ServerIdent off
# Set the user and group that the server normally runs at.
User nobody
Group nobody
# Normally, we want files to be overwriteable.
<Directory /*>;
AllowOverwrite on
</Directory>;
# A basic anonymous configuration, no upload directories.
<Anonymous /home/ftp>;
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
MaxClients 10
# We ! ;want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>;
DenyAll
</Limit>;
</Anonymous>;
DefaultRoot ~ ftpusers
<VirtualHost 192.168.2.35>;
ServerName "virtual FTP server"
<Limit LOGIN>;
DenyAll
</Limit>;
<Anonymous /usr/local/private>;
User private
Group private
<Limit LOGIN>;
AllowAll
</Limit>;
</Anonymous>;
</VirtualHost>;
参照的一个老外关于常遇到的问题解决方法,很重要:
I have also had this problem, however, it was only the problem of rights inside the system. Careless what unix or linux you are using, you have to set the permissions inside your system, not only in the proftpd.conf, so that people can login and operate with ftp. That means:
# we will assume that /home/ftp is the folder we want to share, you must create an ftp user and ftp group first, # unless you already have it
# lets dedicate the folder and all its contents to the ftp owner and ftp group
sudo chown -R ftp:ftp /home/ftp (!R应该为大写)
# now lets adjust the permitions so that the owner and group can read,write and execute, others only read
sudo chmod -R 775 /home/ftp
now, all the members of the group will be able to access the ftp with writing mode
and all the visitors will be able to read and download things
of course, you can make the system more sophisticated, but for the beginning....
# and if you really want more you can try e.g:
# for the upload we could have more courageously - but I do not advice this, it allows everyone
# to delete everything in upload
sudo chmod -R 777 /home/ftp/upload/
good luck
Kolaloka
(and if you get tired of the overautomagicUbuntu, try the NetBSD - the touch of a real unix)
chown与chmod的区别:
chown 修改文件和文件夹的用户和用户组属性
1。要修改文件hh.c的所有者.修改为sakia的这个用户所有
chown sakia hh.c
这样就把hh.c的用户访问权限应用到sakia作为所有者
2。将目录 /tmp/sco 这个目录的所有者和组改为sakia和组net
chown -R sakia:net /tmp/sco
chmod 修改文件和文件夹读写执行属性
1。把hh.c文件修改为可写可读可执行
chmod 777 hh.c
要修改某目录下所有的 文件属性为可写可读可执行
chmod 777 *.*
把文件夹名称与后缀名用*来代替就可以了。
同理若是要修改所有htm 文件的属性
chmod 777 *.htm
2。把目录 /tmp/sco修改为可写可读可执行
chmod 777 /tmp/sco
要修改某目录下所有的文件夹属性为可写可读可执行
chmod 777 *
把文件夹名称用*来代替就可以了
要修改/tmp/sco下所有的文件和文件夹及其子文件夹属性为可写可读可执行
chmod -R 777 /tmp/sco
可 写 w=4
可读 r=2
可执行 x=1
777就是拥有全权限。根据需要可以自由组合用户和组的权限