Lecture Notes on NFS and FTP

Overview

• The lecture covers the topics of Network File System (NFS) and File Transfer Protocol (FTP).
• Detailed explanation on NFS and its configurations.
• Introduction and setup of FTP.

Network File System (NFS)

Introduction to NFS

• NFS: Stands for Network File System.
• Developed by: Sun Microsystems in the 1980s, now part of Oracle.
• Purpose: To allow a machine to access files over a network as if they were on its local disks.
• Initial Use: Designed specifically for UNIX and Solaris systems; later adopted by Linux.
• Compatibility: Now also available in Windows Server 2008/2022 as an NFS server.

Working Principle

• Client-Server Model: Clients access files stored on another machine (server).
• Sharing Protocol: Files and directories are shared and accessed over the network.
• Configuration: Shared files are defined in the NFS server.
• Security Issues: NFS relies on machine-based or IP-based access control. If a machine gets access, any user on that machine can access the shared files.

Configuration Details

• NFS Simple Configuration: Configured using the /etc/exports file.
• File Sharing: Define what to share and the permissions in /etc/exports.
• Command: service nfs restart after configuring to apply changes.

Advantages of NFS

• Easy to Configure: Very simple setup and configuration process.
• Low Overhead: Does not require powerful hardware, runs on minimal resources.

Disadvantages of NFS

• Security Flaws: Window showing shared directories, not user-specific access control, runs security based on IP or machine.
• Dynamic Port Assignment: Uses portmap to dynamically assign ports, complicating firewall rules.
• Legacy status: Considered an old protocol with some limitations in modern environments.

File Access

• Setting Permissions: Use chmod to set read/write permissions before sharing directories.
• Enable/Disable Services: Use commands for starting/stopping NFS services and enabling on system boot.

File Transfer Protocol (FTP)

Introduction to FTP

• FTP: Stands for File Transfer Protocol.
• Purpose: Used to transfer files over a network.
• Ports: Works on port 21 (control) and port 20 (data transfer).

How FTP Works

• Client-Server Model: FTP clients upload/download files to/from FTP servers.
• Utilities: Can be command-line or GUI-based FTP clients.

Key Commands

• Download File: get <filename> - Downloads a file from the server to the client.
• Upload File: put <filename> - Uploads a file from the client to the server.

FTP Server Configuration

• Service Used: vsftpd (Very Secure FTP Daemon).
• Package Installation: yum install vsftpd
• Configuration File: /etc/vsftpd/vsftpd.conf

Main Configuration Parameters

• Anonymous User: Controls anonymous FTP access.
• Local User Login: Allows local users to authenticate and use FTP.
• Upload & Directory Creation: Whether anonymous can upload files and create directories.
• Idle Session Timeout: E.g., 600 seconds (10 minutes).
• Data Connection Timeout: E.g., 120 seconds (2 minutes).
• Log Files: Location and format of FTP log files (usually in /var/log/xferlog).

Example Commands in Practice

• Starting and Enabling FTP Service: service vsftpd start and chkconfig vsftpd on.
• Connect to FTP Server: ftp <server_IP> and provide username/password when prompted.
• Upload/Download Operations: Use get and put commands.

Security Considerations for FTP

• Permissions & Ownership: Configuring file permissions and ownership to restrict unauthorized access.
• Control Connections: Use idle and data connection timeouts to reduce risk of unauthorized usage.

Additional Tips

• Mapping User Permissions: Mapping root users from client to non-root users on the server (root_squash, no_root_squash).
• Automount Filesystems: Ensure network mount is resilient to server reboots using netdev and networkrelated options in /etc/fstab.

Break and Next Steps

• A break is scheduled before moving to the next service (likely discussing SUID, SGID, sticky bits).
• Importance of configuring both NFS and FTP properly to ensure security and functionality.