Subtitles of the Movie

Looking in network services, let's look up here near the top and find the FTP server applet. We're going to click on that and the FTP server configuration will start to load. And of course, it's going to initialize the configuration and read settings. And then it's going to give us the different options to configure an FTP server. On our left-hand side, we see different settings here and we'll go through those. Let's look in the right pane for startup, though. Service start of course. As with most services that we've talked about so far, we need to be able to say when the service starts. Now, usually we get the options of when booting up the server or manually. In the case of the FTP server, we also get another option of via xinetd. Now, the xinetd is a configuration file that allows for network services that are accessible from the network to be started up in certain order or in certain fashion and it also can log and limit sessions to those network services, such as FTP. We can also switch the FTP server off and on right now if we like and we can select which service we're going to use; whether it be the VSFTP, which is the default, or the pure-ftpd. Now, if we click on the general selection over here, this is the welcome message and we can basically put in our welcome message, such as welcome to VTC. The chroot everyone basically gives us the option of mandating that everyone who logs into this server, through anonymously or who, even if they authenticate, basically so that they are limited to only certain directories and files that they can execute. This actually also applies to the FTP service itself. This prevents anyone, including the FTP service, from accessing other parts of the server that you don't want anyone to mess with. You can configure logging here and you can configure your umask as well. Our umask by default might be something like 037 and that would set default permissions at 740. You can set the umask to be different things for authenticated users versus, versus anonymous users if you like. You can also set up directories for anonymous users and directories for authenticated users so they can't access the same directory because you may want your authenticated users to be able to access different things than your anonymous users. Performance, you can select that and we get the different time, idle time in minutes for the server. The maximum clients for one IP address. In other words, how many simultaneous clients can connect to the FTP server. If we have a low-end server or a server that we're not sure can handle the load, we might want to keep these settings a little bit low. The max clients to connect, of course. The FTPD directories; we can set settings on those such as the local max rate in kilobytes per second. That basically sets our bandwidth and the anonymous maximum rate in case we want to set a different bandwidth rate for anonymous users. The authentication tab basically gives us the ability to set up different methods of authentication. We can choose for only anonymous users. We might want to do that if it's a public server and we really don't want anyone to use a user name and password and you might think well, it's not very secure then. But the thing about it is FTP inherently is insecure and it sends users names and passwords in clear text. Unfortunately, because of that, these user names and passwords can be easily intercepted so it might be actually more secure to only allow anonymous users if it's a public FTP server. Now, if it's a private FTP server, of course, you might want to enable the authenticated users. You might also want to secure that FTP traffic with other methods so that that traffic can't be sniffed. You can also choose for both methods to be allowed. Again, you can have anonymous and authenticated users both and they can access different directories. You can enable uploading, of course, to files, to the directory and you can make it so the, even the anonymous users can upload. If you don't check that, only authenticated users can. And you can also make it so the anonymous user can create directories. You want to use these two settings very carefully because an anonymous user could upload a virus or malware to your server. If you click on expert settings, we have the enable passive mode which is the default and the settings for passive mode, the minimum port and maximum port for the passive mode. We can also choose to enable SSL and we might want to do that if we need a really secure environment, a really secure FTP environment. We can enable SSL and we can select which version of SSL, either two or three or even TLS, that we want to use. We can even specify a certificate using PKI for SSL-encrypted sessions. Now, if we come down here to the last setting we're going to see, we definitely want to be able to open the port in the firewall and usually that's going to be ports 20 and 21 and we're going to enable those ports if we want to be able to communicate with the FTP server; otherwise we won't be able to. So let's click on accept, because we've configured our server. Oops, let's go and unselect SSL there and then accept. We're not going to put a certificate in there right now. It's writing the settings to the configuration file and as soon as it writes the settings, it's going to start the FTP server and that essentially is all there is to establishing an FTP server on your network and you may want to go back now and look at those particular shares or directories that you opened rather and put the files in there that you need for people to be able to download or watch for people to upload files.