1
00:00:00,000 --> 00:00:19,920
Hey everyone and welcome back. Now what I want to do is to briefly shift gears and talk about FTP.

2
00:00:19,920 --> 00:00:26,359
This is the file transfer protocol and as you may guess the actual name is pretty descriptive of

3
00:00:26,359 --> 00:00:32,200
its function. This is used for the transferring of files and it is still very very popular in

4
00:00:32,200 --> 00:00:38,000
modern networks so it definitely is worthwhile for us to understand this and be aware of it,

5
00:00:38,000 --> 00:00:43,519
not just for the purposes of the examination but also as Linux engineers. So let's talk about

6
00:00:43,519 --> 00:00:50,600
how the actual connection of FTP actually operates then. So what I'll do here is if we can imagine

7
00:00:50,920 --> 00:00:58,679
we have an FTP server, we'll say FTP and we can also have a client. So this could just be someone

8
00:00:58,679 --> 00:01:05,040
on their computer looking to receive some type of files. Now one thing to note is that FTP is going

9
00:01:05,040 --> 00:01:13,640
to rely heavily on two ports. The first port is going to be port number 20 and the second one is

10
00:01:13,640 --> 00:01:19,799
going to be port number 21. Now these two ports ultimately serve slightly different purposes.

11
00:01:19,799 --> 00:01:26,120
They both use or are both used for FTP should I say. Port 20 is going to be the actual transferring

12
00:01:26,120 --> 00:01:34,039
of data is going to be sent over this port, whereas port 21, this is going to be used to control or

13
00:01:34,039 --> 00:01:39,159
handle the connection itself. What does this actually mean? Well if we actually dive in and

14
00:01:39,159 --> 00:01:44,439
look at an example of how a connection can be initiated hopefully this will make a little bit

15
00:01:44,439 --> 00:01:49,719
more sense. So check this out we've got this client over here. Now the client is going to request

16
00:01:49,879 --> 00:01:56,760
some type of file from the FTP server over here. Now what's got to happen first is that this client

17
00:01:56,760 --> 00:02:03,480
over here has got to specify a source port number of its own. Now this can be a random port number.

18
00:02:03,480 --> 00:02:11,479
If I just happen to specify 9594 let's just say random number and actually let's just give each

19
00:02:11,479 --> 00:02:21,159
one an IP address. Let's imagine this is 10.1.1.2 and this can be 10.1.1.1. So what the client is going

20
00:02:21,159 --> 00:02:28,120
to do is going to make a connection to FTP. Pretty much saying hey my IP address is 10.1.1.2.

21
00:02:28,120 --> 00:02:35,879
I am starting a connection over my local port of 9594. This is a random port chosen by the client.

22
00:02:35,879 --> 00:02:41,159
Now the crucial thing is that this actual request is going to be sent to the server on its IP address

23
00:02:41,639 --> 00:02:47,799
using port 21 which is an FTP port but remember this is the port used to control or handle the

24
00:02:47,799 --> 00:02:53,159
connection. So this is not where the data is going to actually come across. This is just to

25
00:02:53,159 --> 00:02:59,719
instantiate this connection. Now in this connection the client is going to communicate another

26
00:02:59,719 --> 00:03:05,319
port number different from this source one right here. Again it will be a random one let's just say

27
00:03:05,319 --> 00:03:14,359
9595 so one higher but ultimately what the client is doing here is saying hey I want FTP services

28
00:03:14,359 --> 00:03:21,799
from you as indicated by the port from this server and when you respond to me I want you to send data

29
00:03:21,799 --> 00:03:30,280
to me on my IP address up here on this particular port in this case 9595. Now the crucial thing

30
00:03:30,759 --> 00:03:38,280
is that when FTP responds and actually sends the data to this IP address to this particular port

31
00:03:38,280 --> 00:03:45,879
the FTP service is going to open up here but it's going to open up locally on port 20 on FTP because

32
00:03:45,879 --> 00:03:51,560
now we're actually sending over the data the actual file that was requested. So this is the big

33
00:03:51,560 --> 00:03:58,360
difference port 21 used to open up and instantiate the connection when the data is actually flowing

34
00:03:58,360 --> 00:04:03,720
it's going to be over port 20 again this is from the server's point of view. The client can just

35
00:04:03,720 --> 00:04:09,480
use random ports as long as it's communicating those ports to the server. Now this type of

36
00:04:09,480 --> 00:04:17,240
connection here is a very particular type of FTP connection this is known as active FTP. Now the

37
00:04:17,240 --> 00:04:23,720
issue with active FTP is simply due to what we just recently talked about and that is with respect

38
00:04:23,720 --> 00:04:29,480
to firewalls because firewalls don't happen to like inbound connections or at least unless you

39
00:04:29,480 --> 00:04:35,800
have to explicitly open inbound connections which is kind of frowned upon not really desirable.

40
00:04:36,440 --> 00:04:41,800
So think about this imagine the same connection we've got the client over here we have the FTP

41
00:04:41,800 --> 00:04:49,000
server think about what actually happened here we've got our port of 9594 I believe it was we

42
00:04:49,000 --> 00:04:58,839
send the request to the FTP server on port 20. FTP server uses port 21 to respond back to us but FTP

43
00:04:58,839 --> 00:05:07,319
opens a fresh connection into our computer as the client this time on port 9595 now because this is an

44
00:05:07,319 --> 00:05:13,480
inbound connection from the perspective of the client uninitiated by the client i.e. it was initiated

45
00:05:13,480 --> 00:05:19,560
by a remote server firewall operators on the client side may not be too keen with the ability of an

46
00:05:19,560 --> 00:05:26,040
external source to just open a connection directly into the network or into the host so because of

47
00:05:26,040 --> 00:05:35,560
this FTP active can become problematic so the way this is resolved is by using FTP in passive mode

48
00:05:35,560 --> 00:05:39,960
now this is handled a little bit differently yet again so let me show you how this works

49
00:05:40,039 --> 00:05:47,079
so over here on the client side once again and we will have the server FTP things are going to look

50
00:05:47,079 --> 00:05:54,199
a little bit different but you will recognize a lot of the steps here so check this out imagine

51
00:05:54,199 --> 00:06:00,599
that the client here wants those FTP services so once again let's just say 9495 I believe the

52
00:06:00,599 --> 00:06:08,120
port is it doesn't actually matter let's just say it's 9495 this time the client is going to send a

53
00:06:08,199 --> 00:06:18,920
request to FTP on port 21 saying pretty much hey master FTP I need to have a passive connection

54
00:06:18,920 --> 00:06:26,360
so FTP receives this on its control port of port 21 and what FTP is going to do it's going to respond

55
00:06:26,360 --> 00:06:33,399
back pretty much saying okay I'm going to facilitate this connection by waiting for you I'm going to

56
00:06:33,399 --> 00:06:40,439
open up a random port on my side of the connection and you can call in to me that way the client can

57
00:06:40,439 --> 00:06:46,039
be the one initiating the connection in fact I've accidentally rubbed out that five there let me just

58
00:06:46,039 --> 00:06:53,000
draw that back so like I say FTP is going to say okay I'm going to wait for you and FTP is now going

59
00:06:53,000 --> 00:06:59,639
to be the one that will choose a random port so let's just say FTP chooses 8642 whatever it may be

60
00:06:59,639 --> 00:07:06,439
and it communicates that information to the client so now the client is going to use a new port once

61
00:07:06,439 --> 00:07:12,839
again so the client could use 9496 to make an outbound connection and it's going to make an

62
00:07:12,839 --> 00:07:19,399
outbound connection to the FTP server on its IP address but it's going to target this particular

63
00:07:19,399 --> 00:07:25,319
port that was specified by the FTP server but again the crucial difference here is that this is an

64
00:07:25,319 --> 00:07:32,199
outbound connection initiated by the client so the client is only ever doing outbound initiation

65
00:07:32,199 --> 00:07:38,279
it's never waiting for a connection to come inbound and this is going to solve these particular

66
00:07:38,279 --> 00:07:45,079
firewall issues so once the connection is now open this channel is open effectively and FTP

67
00:07:45,079 --> 00:07:51,480
can begin sending all of that FTP data through this channel and the client can receive all of that

68
00:07:52,280 --> 00:07:59,640
via FTP so now that we understand the two different modes of connecting to FTP what we now want to

69
00:07:59,640 --> 00:08:06,439
look at are some FTP server options that we can use if we want to actually supply these services

70
00:08:06,439 --> 00:08:13,400
ourselves now we do have a few options the first one and the main focal point I would say is one

71
00:08:13,399 --> 00:08:23,239
called vsftpd this is the very secure FTP daemon now vsftpd is a very good daemon although I would

72
00:08:23,239 --> 00:08:29,560
be hesitant or wary of any software which happens to be very secure that's just my own personal

73
00:08:29,560 --> 00:08:35,559
bias but yeah it's good software but please don't put too much faith in the system sometimes the

74
00:08:35,559 --> 00:08:45,079
names can be deceiving the next one we want to look at is one called Pure-FTPd and the last one

75
00:08:45,079 --> 00:08:53,559
is one called ProFTPD now really like I say the main one we want to focus on is vsftpd the big

76
00:08:53,559 --> 00:08:58,359
crucial thing we have to know here is that this is actually controlled like so much of what we see

77
00:08:58,360 --> 00:09:05,480
on Linux directly via configuration files whereas if we use Pure-FTPd we do not modify

78
00:09:05,480 --> 00:09:11,480
configuration files instead we make all the changes to the service directly via the command line

79
00:09:12,120 --> 00:09:17,560
now with respect to ProFTPD honestly I really wouldn't worry about looking into this with any

80
00:09:17,560 --> 00:09:23,639
great detail the exam objectives really just specify that we have an awareness of ProFTPD's

81
00:09:23,639 --> 00:09:29,720
existence so that you do recognize it is an FTP developer option but really like I say let's turn

82
00:09:29,720 --> 00:09:35,399
our attention to vsftpd and begin a little installation then so what I will do is I will

83
00:09:35,399 --> 00:09:42,279
clear the screen so what I'm going to say here is sudo apt install and I will say vsftpd to install

84
00:09:42,279 --> 00:09:48,200
vsftpd I will type in my password here and hit enter would be super helpful if I could type the

85
00:09:48,200 --> 00:09:55,160
right password of course so try again there we go now the installation begins now depending on the

86
00:09:55,160 --> 00:10:00,759
distribution that you're using vsftpd may be located in two different locations or rather

87
00:10:00,759 --> 00:10:06,360
should I say the configuration file for vsftpd the first location you should check would be in the

88
00:10:06,360 --> 00:10:14,040
/etc directory and then you will either have a vsftpd directory and inside that directory you

89
00:10:14,039 --> 00:10:21,559
would have a file called vsftpd.conf however if you are like me you actually will not have this

90
00:10:21,559 --> 00:10:28,279
particular directory and instead the vsftpd configuration file will be directly within the

91
00:10:28,279 --> 00:10:37,000
/etc directory so if I just say sudo nano and do vsftpd.conf if I hit enter this here is the main

92
00:10:37,000 --> 00:10:42,679
configuration file now there are some settings we want to be aware of for example if I scroll down

93
00:10:42,679 --> 00:10:48,679
here we have this setting for anonymous_enable this is set to the value NO this means that

94
00:10:48,679 --> 00:10:54,439
anonymous logins are disabled by default what this means is that we're not going to allow anyone to

95
00:10:54,439 --> 00:11:02,039
log in to our ftp server instead they must provide credentials such as a username and a valid password

96
00:11:02,039 --> 00:11:08,039
in order to access our services now just below this we also have local_enable set to

97
00:11:08,039 --> 00:11:15,000
the value YES this is going to allow us to allow local users to log in so local users with their

98
00:11:15,000 --> 00:11:21,719
local credentials they can ultimately access the services on the file transfer protocol server

99
00:11:21,719 --> 00:11:28,279
with this configuration enabled now below here we have write_enable=YES this is commented out

100
00:11:28,279 --> 00:11:33,879
meaning that the actual configuration is not taking effect this means that they cannot actually make

101
00:11:33,960 --> 00:11:41,080
write changes to the ftp server meaning that they can't actually modify the contents on the server

102
00:11:41,080 --> 00:11:45,559
similar to what we saw before we have this configuration file here or rather this configuration

103
00:11:45,559 --> 00:11:53,000
setting should I say anon_upload_enable=YES if we actually uncomment this it's going to allow

104
00:11:53,000 --> 00:11:59,080
anonymous users who have logged in without providing credentials to actually upload files to the server

105
00:11:59,080 --> 00:12:05,240
itself naturally this can obviously be very dangerous if you don't have a good grip of who can

106
00:12:05,240 --> 00:12:11,240
actually access your server so naturally what I want to do is to actually comment this so that

107
00:12:11,240 --> 00:12:16,440
this configuration does not take effect and if we scroll on down we're going to see more and more

108
00:12:16,440 --> 00:12:21,960
settings you can explore these at your leisure but really those are the main configurations that we

109
00:12:21,960 --> 00:12:27,960
want to be concerned about so for now what I will do here is I will just escape this by pressing

110
00:12:27,960 --> 00:12:36,200
Ctrl+X and just say no here and now what I will do is I will just access my machine right here over FTP

111
00:12:36,200 --> 00:12:43,480
now I'll just say ftp localhost if I hit enter so if I say the name happens to be ipv0 and I type

112
00:12:43,480 --> 00:12:50,680
an ipv0 password right here and hit enter we can see here the login is successful and we actually

113
00:12:50,680 --> 00:12:57,560
now have this ftp prompt if I just say help we can actually see all of the commands that are available

114
00:12:57,559 --> 00:13:06,599
to us over ftp so I can do things like ls to see a listing of the files I could cd into a directory

115
00:13:06,599 --> 00:13:13,479
such as documents and do an ls notice nothing is within this particular directory and if I happen

116
00:13:13,479 --> 00:13:18,919
to have write access I could write to this directory and host files within this server

117
00:13:18,919 --> 00:13:26,039
accessible via ftp now like I say if I happen to just say quit to quit the connection if I try to log

118
00:13:26,039 --> 00:13:32,759
in again and I happen to say anonymous and I just specify the password as anonymous the actual

119
00:13:32,759 --> 00:13:40,519
connection is going to fail however if I say quit go back into my configuration file if I go on down

120
00:13:40,519 --> 00:13:47,879
I will change this to the value YES and I'll save the changes right here and escape out so now what

121
00:13:47,879 --> 00:13:55,159
I can do is I can actually restart the service by saying sudo service vsftpd and restart that is

122
00:13:55,240 --> 00:14:01,959
now restarted if I do ftp localhost and I just use the username of anonymous and the password again

123
00:14:01,959 --> 00:14:09,799
of anonymous now this time the login is deemed successful so really with respect to ftp we want

124
00:14:09,799 --> 00:14:14,839
to understand the nature of the connection are we using an active connection or a passive connection

125
00:14:14,839 --> 00:14:21,240
when would you use one or the other the common ports are going to be in use port 21 and port 20

126
00:14:21,240 --> 00:14:28,360
we want to understand some of the options that we have to host an FTP server such as vsftpd which

127
00:14:28,360 --> 00:14:34,680
will be managed by a configuration file such as the ones we just saw and we also have Pure-FTPd

128
00:14:34,680 --> 00:14:41,399
which is a command line option as well as ProFTPD whereby we really just have to have a general

129
00:14:41,399 --> 00:14:47,720
awareness of its existence as an FTP server okey-doke so that is us for FTP I hope this has been

130
00:14:47,720 --> 00:14:53,720
informative for you and I'd like to thank you for viewing

