932
edits
Changes
m
Answer the following Exploration questions.:
Clarifying instructions
*Check the settings on your firewall. Ensure that you can still use the services you have configured in previous labs.
*Now make sure you are connected to the Internet. Start Firefox and authenticate yourself into the network.
*Login to your VM01 VM1 and ensure you have the firewall set up to allow the services you have previously configured (e.g. DNS, mailapache). If those services are not functioning, fix them (or your firewall) now.
Before preceeding to the next part ensure your gateway is working properly and that your server has access to the Internet. Try some of these commands on your VM/guest:
ping 192.168.X.1
#*Set the server to listen on IPv4 sockets, not IPv6.
#*Set the maximum number of concurrent client connections to 30.
#*Set the maximum transfer rate for anonymous users to 140100 140300 bytes per second.
#*Set the connection timeout for idle clients to two minutes.
#*Enable file transfer logging.
#*Limit the range of ports passive mode is allowed to use to 14335 to 1483514935.
#You'll now have to modify your firewall to allow NEW tcp connections on port 21, and tcp connections on the same ports vsftp is will use for data connections.
#Verify that the ftp connection tracking module is installed in your kernel with the "lsmod" command. If it is not, you'll have to install it with the command: "modprobe nf_conntrack_ftp".
#Start your ftp server.
#From the command line of your vmserver, create a new file (or several) in /var/ftp/pub.
#Change the ownership of the /var/ftp/pub directory to the user ftp.
#At this point you should test your FTP server from other hosts within your intranet. It should allow anonymous users to retrieve files. From a terminal window on the gateway one of your VMs try these activities:#*ftp using the login 'ftp' to your VMhost, then list and get the file you created.
#*Try logging is as a user that exists on that machine.
#*INPUT chain of filter table
#*OUTPUT chain of filter table
#*While monitoring your packets using "tail -f /var/log/messages" - test your firewall logs by connecting from one of your VMs, and then by logging into a second PC (try both Windows and Linux) and attempt an FTP connection to your gateway PC. Test both local user as well as anonymous connections.
==Completing the Lab==
#What parameters did you use to force vsftp to use active mode only.
#What version number of vsftpd are you using.
#What parameters would you set to configure vsftp to use ssl for authentication.
#If you wanted to allow your local users to access their files through ftp, what parameters would you set, and what would you set them to?
