20160509 리눅스 네트워크
================================================메모================================================
윈도우서버 2주
강의 160811~160812(2일) -> 160808~160809(2일) 변경
방학 160806~160810(5일) -> 160810~160815(6일) 변경
================================================복습================================================
================================================강의================================================
[참고] 개정된 FTP 응답(FTP Response Code)
개정된 FTP 응답코드(Revised FTP Reply Codes)의 자세한 내용은 RFC_640 문서에서 찾아 볼 수 있다.
RFC 사이트: http://www.faqs.org/rfc/rfc640.txt 참조
대표적인 FTP 응답코드는 다음과 같은 것이 있다.(RFC 문서 참조)
■ 220 Service ready for new user
■ 230 User logged on, proceed
■ 331 User name okay, need password
■ 530 Not logged in
■ 221 Service closing TELNET connection (logged off if appropriate)
(주의) ftpd_banner 설정과 banner_file 설정이 두개 다 설정 되어 있는 경우에는 banner_file에 지정된 내용이 출력된다.
-> 기본적으로 인증된 사용자라면 권한(퍼미션)이 되는 범위안에서 다른 디렉토리로 이동이 가능하다. 하지만 디렉토리 이동이 가능하다면 디렉토리안의 내용을 살펴 볼수 있기 때문에 보안상 좋지 않다.
(userlist_deny=YES) 두개의 파일 중 한개의 파일에라도 사용자가 정의되어 있으면 FTP 로그인 할 수 없다.
- /etc/vsftpd/ftpusers
- /etc/vsftpd/user_list
(userlist_deny=NO) user_list 파일에 존재하는 사용자만 FTP 로그인을 할 수 있다.
- /etc/vsftpd/ftpusers
- /etc/vsftpd/user_list
(실무 예) FTP 사용자 제한
# cat /etc/vsftpd/user_list
root
wasuser
oracle
# vi /etc/vsftpd/vsftpd.conf
userlist_enable=YES
userlist_deny=NO
인증된 사용자(Local User) ---> /home/$USER
익명사용자(Anonymous User) ---> /var/ftp
(실무 예) max_clients, max_per_ip
# cat /etc/vsftd/vsftpd.conf
.....
max_clients=100
max_per_ip=3
.....
(참고) 실무에서는 max_client 개수의 제한이 필요하며, 개수의 제한은 서버의 H/W 사양에 비례한다.
[EX9] 익명사용자 FTP 서버에 파일 업로드 기능 설정
Anonymous FTP 서버에 파일 업로드 기능 설정
◾ 업로드 디렉토리(EX: /var/pub/incoming) 퍼미션 설정
◾ /etc/vsftpd/vsftpd.conf 파일 설정
◾ anon_upload_enable=YES
◾ chown_uploads=YES
◾ chown_username=ftpupload
FTP 보안
INDEX
----------------------------
■ FTP 보안 개요
■ FTP 호스트 제한
■ FTP 사용자 제한
■ FTP 프로그램 업데이트/패치
■ FTP 포트관리
----------------------------
(1) FTP 보안 개요
FTP 보안에 관한 기본적인 개념은 다음과 같은 것들에 관해 깉이 있게 살펴 보는 것이다.
■ FTP 호스트 제한
■ FTP 사용자 제한
■ FTP 프로그램 업데이트 & 패치
■ 포트 관리
인증(Authentication), 권한부여(Authorization), 접근제어(Access Control)
http://www.codeproject.com/Articles/98950/ASP-NET-authentication-and-authorization
http://resources.infosecinstitute.com/identity-management/
○ FTP 서버에서 호스트에 관한 제한을 두는 설정 : Firewall(EX: iptables), tcp_wrapper
○ FTP 서버에서 사용자에 관한 제한을 두는 설정 : /etc/vsftpd/ftpusers, /etc/vsftpd/user_list
(2-1) tcp_wrapper을 통한 FTP 서버 제한
tcp_wrapper (/usr/share/doc/tcp_wrappers-7.6)
Ÿ tcp_wrapper는 finger, ftp, telnet, rlogin, rsh, exec, tftp, talk, comsat등의 네트워크 서비스를 필터링 할 수 있는 프로그램이다.
Ÿ /usr/sbin/tcpd 데몬에 의해서 TCP 서비스를 제어 하는 역할을 가지고 있다.
Ÿ TCP 제어를 위해서는 /etc/hosts.allow, /etc/hosts.deny 파일을 가지고 설정한다.
(Rule 적용 순서)
- /etc/hosts.allow 파일에 정의된것은 허용이 되고,
- 만약 정의 되지 않은 내용이 있다면, /etc/hosts.deny 파일에 정의된것은 거부가 되고,
- 만약 정의 되지 않은 내용이 있다면, 허용된다.
------> tcpd ---+----> ① /etc/hosts.allow(Allow)
|
+----------------------------> ② /etc/hosts.deny(Deny)
|
+--------------------------------------------------> ③ (Allow)
Ÿ tcp_wrapper는 Firewall(iptable)과 비교하였을때 성능을 떨어트리지 않는 장점을 가지고 있다. 빠르게 tcp 방 식의 서비스를 제어할 수 있는 장점을 가지고 있다.
Ÿ (권장) 이 파일에 설정할 때 시스템이름이나 도메인 이름을 사용하지 말고 IP주소를 사용할 것을 권장합니다.
Ÿ (권장) 또한, /etc/hosts.deny 파일에는 deny ALL로 설정한 후 접속을 허용할 주소만 /etc/hosts.allow 파일에 기록할것을 권장한다.
Ÿ (주의) 2개의 설정파일(EX: hosts.allow, hosts.deny)에 정의를 할 때 저장하는 즉시 유효하므로 작성시에 주의하여야 합니다. (서비스를 restart 하는 방법이 아니므로 주의해야 한다.)
Ÿ 2개의 설정 파일에 정의하는 방식은 다음과 같습니다.
# cat /etc/hosts.allow (# cat /etc/hosts.deny)
<데몬이름>: <Source IP주소 or 네트워크 or 이름>::[옵션]
(5) FTP 포트 관리
(5-1) FTP 서버/클라이언트 포트 연결 과정
FTP는 연결(Connection)을 이루는 포트와 데이터를 전송하는 포트가 있다. 2개의 포트를 사용하는 서비스이다. 포 트를 서비스에 사용하는 방식은 2가지가 있는데 (ㄱ)패시브 모드(Passvie Mode)와 액티브 모드(Active Mode)로 구 분한다. 기본은 액티브 모드 상태이다. 동작 모드를 변화 시키기위해서는 ftp 명령어의 -p 옵션이나 ftp 명령어의 서브 프롬프트에서 "passive" 명령어를 사용하면 된다. 동작은 다음과 같다.
● Active Mode(Default)
① FTP Client opens command channel to server; tells server second port number to use
② FTP Server acknowledges
③ FTP Server opens data channel to clients second port as instructed
④ FTP Client acknowledges and data flows
● Passive Mode
① FTP Client opens command channel to FTP server and requests "passive" mode.
② FTP Server Allocates port for the data channel and transmits the port number to use for the data transmission
③ FTP Client opens the data channel on the specified port
④ FTP Server responds with okay to transmit and data begins to flow
패시브모드(Passive)는 파이어월(Firewall) 서버안쪽에 있는 FTP 클라이언트가 FTP 서버에 접속하여 데이터를 전송 할때 유용하게 사용될 수 있다. (man ftp 부분 중 passive 명령어 참조)
http://mintnlatte.tistory.com/407
(실무 예) Active Mode/Passive Mode 사용에 대해서
|
<----------- Intranet -----------> | <----------- Internet ----------->
|
|
------ FTP Server ---- ----- Firewall----- ------ FTP Client ------
vsftpd(21,####) | # ftp Server
/etc/vsftpd/vsftpd.conf |
|
---------------------- ------------------- ------------------------
(1) FTP 서버 구축 |
(2) 방화벽 서비스 오픈 요청 |
|
(2) 메일 관련 프로토콜
l 메일 전송을 위한 프로토콜(Mail Transport Protocol): SMTP(7bit), ESMTP(8bit) 등
l 메일 수신을 위한 프로토콜(Mail Access Protocol) : POP3(#mv), IMAP4(#cp) 등
IMAP http://www.ktword.co.kr/abbr_view.php?nav=2&m_temp1=2719&id=476
POP http://www.ktword.co.kr/abbr_view.php?nav=2&m_temp1=992&id=476
SMTP http://www.ktword.co.kr/abbr_view.php?nav=2&m_temp1=196&id=476
그림9
----------------------------------------------------------------------------
(선수지식)
●메일(MAIL)서버는 DNS 서버의 의존적
(Client) (DNS) Forward Zone File
# mailx root@paran.com -----> paran.com. IN MX 10 mail.paran.com.
mail IN A 172.16.6.XXX
●메일서버는 도메인당 하나씩 구성이 가능
(DNS) Forward Zone File
paran.com. IN MX 10 mail.paran.com.
mail IN A 172.16.6.254
paran.com. IN MX 20 mail2.paran.com.
mail2 IN A 172.16.6.253
●스팸메일 서버 구성
paran.com. IN MX 10 spam.paran.com.
spam IN A 172.16.6.254
or
paran.com. IN MX 10 spam.paran.com.
spam IN A 172.16.6.254
paran.com. IN MX 20 mail.paran.com.
mail IN A 172.16.6.253
----------------------------------------------------------------------------
<CTRL + ESC> => "cmd" => <ENTER>
C:\> nslookup -q=MX kornet.net
C:\> nslookup -q=MX naver.com
C:\> nslookup -q=MX daum.net
C:\> nslookup -q=MX google.com
(실무 예) /etc/aliases 파일의 대표적인 사용 예
webmaster@daum.net ------> webmaster@example.com
webmaster@naver.com ------> webmaster@example.com
webmaster@google.com ------> webmaster@example.com
# vi /etc/aliases
webmaster: webmaster@example.com
# newaliases
# praliases
(실무 예) /etc/aliases 파일의 대표적인 사용 예(EX: 메일링 리스트)
공지 메일(회사내의 모든 사용자에게 공지 메일 발송)
(회사내의 특정 팀에게 공지 메일 발송)
[EX4] 메일 클라이언트 프로그램 사용
메일 클라이언트 프로그램(MUA)
(GUI) 에볼루션(Evolution), 썬더버드
(TUI) mutt
(1) 메일 클라이언트 프로그램(EX: evolution 사용)
----- MAIL Client ----- ----- MAIL Server ---- ---- MAIL Server --- ----- MAIL Client -----
(linux1XX) (linux2XX) (linux2XX) (linux1XX)
MUA: Evolution MTA:sendmail MTA:sendmail MUA: Evolution
/var/spool/mqueue /var/mail/<사용자이름>
----------------------- ---------------------- -------------------- -----------------------
================================================실습================================================
[root@linux220 ~]# vi ~/.bashrc
[root@linux220 ~]# cat ~/.bashrc | tail
alias DNS='cd /var/named/chroot/var/named'
#alias named-checkconf='named-checkconf /var/named/chroot/etc/named.caching-nameserver.conf'
#
# FTP Server Alias
#
alias FTP='cd /etc/vsftpd'
alias vsftpd.conf='vi /etc/vsftpd/vsftpd.conf'
alias ftpusers='vi /etc/vsftpd/ftpusers'
alias user_list='vi /etc/vsftpd/user_list'
alias flog='tail -f /var/log/xferlog'
[root@linux220 ~]# . ~/.bashrc
[root@linux220 ~]# FTP
[root@linux220 /etc/vsftpd]# ls
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -5
#
# Specific Configuration
#
banner_file=/etc/vsftpd/banner.txt
[root@linux220 /etc/vsftpd]# vi banner.txt
[root@linux220 /etc/vsftpd]# cat banner.txt
+====================================================+
| |
| Welcome to linux252.example.com |
| |
| |
| This is the linux252.example.com test server. |
| |
| If you have not already done so, make sure |
| you have read the Downloading/Installation, |
| FAQ, and Disclaimer links on |
| http://www.solaris254.example.com. |
| |
| This is a restricted access system. All |
| tranfers are logged. If you disagree |
| with this practice, log off now. |
| |
| Questions go to SeoungChan Baik at |
| the address given on linux252.example.com |
| |
| |
+====================================================+
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# chkconfig vsftpd on
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220-+====================================================+
220-| |
220-| Welcome to linux252.example.com |
220-| |
220-| |
220-| This is the linux252.example.com test server. |
220-| |
220-| If you have not already done so, make sure |
220-| you have read the Downloading/Installation, |
220-| FAQ, and Disclaimer links on |
220-| http://www.solaris254.example.com. |
220-| |
220-| This is a restricted access system. All |
220-| tranfers are logged. If you disagree |
220-| with this practice, log off now. |
220-| |
220-| Questions go to SeoungChan Baik at |
220-| the address given on linux252.example.com |
220-| |
220-| |
220-+====================================================+
220
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -5
#
# Specific Configuration
#
#banner_file=/etc/vsftpd/banner.txt
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 Welcome to blah FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | grep ftpd_banner
ftpd_banner=Welcome to blah FTP service.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | grep ftpd_banner
#ftpd_banner=Welcome to blah FTP service.
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# su - user01
[user01@linux220 ~]$ cp /etc/passwd file1
cp: cannot create regular file `file1': Permission denied
[user01@linux220 ~]$ ls -l
total 8
-rw-r--r-- 1 root root 2076 Apr 28 18:26 file1
-rw-r--r-- 1 root root 229 Apr 19 21:36 file2
-rw-r--r-- 1 root root 789 Apr 28 18:26 file3
-rw-r--r-- 1 root root 2076 Apr 28 21:46 file4
[user01@linux220 ~]$ su
Password:
[root@linux220 /home/user01]# rm -f file?
[root@linux220 /home/user01]# su - user01
[user01@linux220 ~]$ cp /etc/passwd file1
[user01@linux220 ~]$ cp file1 file2
[user01@linux220 ~]$ cp file1 file3
[user01@linux220 ~]$ cp file1 file4
[user01@linux220 ~]$ ls -l
total 12
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file1
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file2
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file3
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file4
[user01@linux220 ~]$ exit
logout
[root@linux220 /home/user01]# exit
exit
[user01@linux220 ~]$ ls -l
total 12
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file1
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file2
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file3
-rw-r--r-- 1 user01 user01 2076 May 9 16:24 file4
[user01@linux220 ~]$ exit
logout
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,231,157)
150 Here comes the directory listing.
-rw-r--r-- 1 501 501 2076 May 09 07:24 file1
-rw-r--r-- 1 501 501 2076 May 09 07:24 file2
-rw-r--r-- 1 501 501 2076 May 09 07:24 file3
-rw-r--r-- 1 501 501 2076 May 09 07:24 file4
226 Directory send OK.
ftp> cd /etc
250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (127,0,0,1,78,16)
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 2518 Mar 21 2012 DIR_COLORS
-rw-r--r-- 1 0 0 2420 Mar 21 2012 DIR_COLORS.xterm
drwxr-xr-x 2 0 0 4096 Apr 28 11:56 MESS
-rw-r--r-- 1 0 0 92794 Aug 06 2012 Muttrc
-rw-r--r-- 1 0 0 0 Aug 06 2012 Muttrc.local
drwxr-xr-x 4 0 0 4096 Apr 27 07:58 NetworkManager
drwxr-xr-x 8 0 0 4096 Apr 27 08:05 X11
-rw-r--r-- 1 0 0 2562 May 24 2008 a2ps-site.cfg
-rw-r--r-- 1 0 0 15288 May 24 2008 a2ps.cfg
drwxr-xr-x 4 0 0 4096 Feb 23 2012 acpi
-rw-r--r-- 1 0 0 45 May 04 12:08 adjtime
drwxr-xr-x 4 0 0 4096 Apr 11 18:35 alchemist
-rw-r--r-- 1 0 0 1512 Apr 25 2005 aliases
-rw-r----- 1 0 51 12288 May 09 07:02 aliases.db
drwxr-xr-x 4 0 0 4096 Apr 11 18:34 alsa
drwxr-xr-x 2 0 0 4096 Apr 27 08:07 alternatives
-rw-r--r-- 1 0 0 298 Mar 28 2007 anacrontab
-rw-r--r-- 1 0 0 395 Nov 22 2006 ant.conf
drwxr-xr-x 2 0 0 4096 Apr 26 13:01 ant.d
-rw-r--r-- 1 0 0 5421 May 04 12:08 asound.state
-rw------- 1 0 0 1 Oct 08 2014 at.deny
drwxr-x--- 3 0 0 4096 Apr 27 07:58 audisp
drwxr-x--- 2 0 0 4096 Apr 27 07:58 audit
-rw-r--r-- 1 0 0 717 Sep 17 2014 auto.master
-rw-r--r-- 1 0 0 581 Sep 17 2014 auto.misc
-rwxr-xr-x 1 0 0 1292 Sep 17 2014 auto.net
-rwxr-xr-x 1 0 0 742 Sep 17 2014 auto.smb
-rw------- 1 0 0 3902 Sep 17 2014 autofs_ldap_auth.conf
drwxr-xr-x 4 0 0 4096 Apr 27 08:00 avahi
-rw-r--r-- 1 0 0 1708 Apr 29 07:42 bashrc
-rw-r--r-- 1 0 0 1872 Feb 22 2012 bashrc.rpmnew
drwxr-xr-x 2 0 0 4096 May 09 07:02 blkid
drwxr-xr-x 2 0 0 4096 Apr 11 18:37 bluetooth
drwxr-xr-x 2 0 0 4096 Apr 27 07:57 bonobo-activation
-rw-r--r-- 1 0 0 351 Sep 20 2009 capi.conf
-rw-r--r-- 1 0 0 977 Feb 26 2009 cdrecord.conf
drwxr-xr-x 2 0 0 4096 Apr 29 11:21 cipe
-rw-r--r-- 1 0 0 6308 Nov 11 2007 conman.conf
drwx------ 2 0 0 4096 Apr 27 07:59 cron.d
drwxr-xr-x 2 0 0 4096 Apr 27 08:02 cron.daily
-rw-r--r-- 1 0 0 0 Apr 11 18:35 cron.deny
drwxr-xr-x 2 0 0 4096 Jan 09 2013 cron.hourly
drwxr-xr-x 2 0 0 4096 Jan 09 2013 cron.monthly
drwxr-xr-x 2 0 0 4096 Apr 27 07:59 cron.weekly
-rw-r--r-- 1 0 0 255 Jan 09 2013 crontab
-rw-r--r-- 1 0 0 1044 Feb 22 2012 csh.cshrc
-rw-r--r-- 1 0 0 823 Feb 22 2012 csh.login
drwxr-xr-x 5 0 7 4096 Apr 27 08:02 cups
drwxr-xr-x 4 0 0 4096 Apr 27 07:57 dbus-1
drwxr-xr-x 2 0 0 4096 Apr 28 08:53 default
drwxr-xr-x 2 0 0 4096 Apr 27 08:01 depmod.d
drwxr-xr-x 2 0 0 4096 Feb 22 2012 desktop-profiles
drwxr-xr-x 3 0 0 4096 Aug 24 2015 dev.d
-rw-r--r-- 1 0 0 178 Jul 08 2015 dhcp6c.conf
-rw-r--r-- 1 0 0 18484 Sep 01 2009 dnsmasq.conf
drwxr-xr-x 2 0 0 4096 Sep 01 2009 dnsmasq.d
-rw-r--r-- 1 0 0 42956 Nov 25 2014 dovecot.conf
-rw-rw-r-- 1 0 6 0 Feb 23 2012 dumpdates
-rw-r--r-- 1 0 0 4843 Dec 15 2008 enscript.cfg
-rw-r--r-- 1 0 0 0 Feb 22 2012 environment
-rw-r--r-- 1 0 0 153 Feb 22 2012 esd.conf
-rw-r--r-- 1 0 0 0 Jan 12 2000 exports
-rw-r--r-- 1 0 0 22060 Jan 07 2007 fb.modes
-rw-r--r-- 1 0 0 59 Jan 31 2006 filesystems
drwxr-xr-x 2 0 0 4096 Apr 27 08:08 firmware
drwxr-xr-x 4 0 0 4096 Apr 11 18:34 fonts
drwxr-xr-x 2 0 0 4096 Apr 27 07:58 foomatic
-rw-r--r-- 1 0 0 1644 May 02 09:51 fstab
-rw-r--r-- 1 0 0 1471 Apr 28 07:13 fstab.old
drwxr-xr-x 6 0 0 4096 Apr 11 18:36 gconf
drwxr-xr-x 2 0 0 4096 Oct 24 2013 gcrypt
drwxr-xr-x 7 0 0 4096 Apr 27 07:59 gdm
drwxr-xr-x 2 0 0 4096 Sep 24 2013 ghostscript
drwxr-xr-x 4 0 0 4096 Dec 03 2013 gimp
drwxr-xr-x 3 0 0 4096 Jul 10 2013 gnome-vfs-2.0
-rw-r--r-- 1 0 0 10793 Jan 06 2007 gnome-vfs-mime-magic
-rw-r--r-- 1 0 0 1756 Jan 06 2007 gpm-root.conf
-rw-r--r-- 1 0 0 789 Apr 28 09:26 group
-rw-r--r-- 1 0 0 775 Apr 28 09:26 group-
lrwxrwxrwx 1 0 0 22 Apr 11 18:41 grub.conf -> ../boot/grub/grub.conf
-r-------- 1 0 0 654 Apr 28 09:26 gshadow
-r-------- 1 0 0 643 Apr 28 09:26 gshadow-
-rw-r--r-- 1 0 0 833 Mar 22 2007 gssapi_mech.conf
drwxr-xr-x 3 0 0 4096 Apr 27 08:06 gtk-2.0
drwxr-xr-x 3 0 0 4096 Jan 09 2013 hal
-rw-r--r-- 1 0 0 0 Feb 22 2012 host.conf
-rw-r--r-- 1 0 0 276 May 03 10:03 hosts
-rw-r--r-- 1 0 0 161 Jan 12 2000 hosts.allow
-rw-r--r-- 1 0 0 165 Feb 22 2012 hosts.deny
drwxr-xr-x 2 0 0 4096 Apr 27 08:01 hp
drwxr-xr-x 4 0 0 4096 Apr 27 07:58 httpd
-rw-r--r-- 1 0 0 3579 May 06 2015 idmapd.conf
lrwxrwxrwx 1 0 0 11 Apr 11 18:34 init.d -> rc.d/init.d
-rw-r--r-- 1 0 0 658 Sep 22 2014 initlog.conf
-rw-r--r-- 1 0 0 1666 Apr 11 18:41 inittab
-rw-r--r-- 1 0 0 758 Sep 23 2004 inputrc
drwxr-xr-x 2 0 0 4096 Apr 27 07:55 iproute2
drwxr-xr-x 2 0 0 4096 Apr 26 12:43 iscsi
drwxr-xr-x 2 0 0 4096 Apr 11 18:37 isdn
-rw-r--r-- 1 0 0 48 Sep 19 2014 issue
-rw-r--r-- 1 0 0 47 Sep 19 2014 issue.net
drwxr-xr-x 3 0 0 4096 Apr 27 07:56 java
drwxr-xr-x 2 0 0 4096 Jan 09 2013 jvm
drwxr-xr-x 2 0 0 4096 Jan 09 2013 jvm-commmon
-rw-r--r-- 1 0 0 32016 May 04 2011 jwhois.conf
-rw-r--r-- 1 0 0 1265 Apr 27 07:59 kdump.conf
-rw-r--r-- 1 0 0 608 Sep 03 2014 krb5.conf
-rw-r--r-- 1 0 0 45719 Apr 27 08:55 ld.so.cache
-rw-r--r-- 1 0 0 28 Oct 08 2006 ld.so.conf
drwxr-xr-x 2 0 0 4096 Apr 27 08:04 ld.so.conf.d
-rw-r--r-- 1 0 0 9028 Jun 15 2015 ldap.conf
-rw-r--r-- 1 0 0 3544 Jan 09 2013 lftp.conf
-rw-r----- 1 0 0 191 Oct 27 2011 libaudit.conf
-rw-r--r-- 1 0 0 2506 Aug 07 2012 libuser.conf
drwx------ 3 0 0 4096 Apr 26 12:53 libvirt
-rw-r--r-- 1 0 0 557 Apr 27 07:57 localtime
-rw-r--r-- 1 0 0 1503 Sep 17 2014 login.defs
-rw-r--r-- 1 0 0 619 Jun 04 2012 logrotate.conf
drwxr-xr-x 2 0 0 4096 Apr 27 08:05 logrotate.d
drwxr-xr-x 4 0 0 4096 Aug 29 2012 logwatch
drwxr-xr-x 2 0 0 4096 Apr 27 08:08 lsb-release.d
drwxr-xr-x 5 0 0 4096 Apr 27 07:56 lvm
drwxr-xr-x 3 0 0 4096 Apr 27 07:58 mail
-rw-r--r-- 1 0 0 112 Jan 07 2007 mail.rc
-rw-r--r-- 1 0 0 293 Jan 07 2007 mailcap
drwxr-xr-x 2 0 0 4096 Apr 11 18:35 makedev.d
-rw-r--r-- 1 0 0 4617 May 30 2012 man.config
drwxr-xr-x 2 0 0 4096 Apr 27 07:56 maven
drwxr-xr-x 2 0 0 4096 Apr 11 18:34 mgetty+sendfax
-rw-r--r-- 1 0 0 14100 Jan 07 2007 mime.types
-rw-r--r-- 1 0 0 1112 Jan 07 2007 minicom.users
-rw-r--r-- 1 0 0 330 Sep 18 2014 mke2fs.conf
-rw-r--r-- 1 0 0 560 May 02 08:57 modprobe.conf
-rw-r--r-- 1 0 0 579 May 02 08:57 modprobe.conf~
drwxr-xr-x 2 0 0 4096 Apr 27 08:06 modprobe.d
-rw-r--r-- 1 0 0 0 Jan 12 2000 motd
-rw-r--r-- 1 0 0 453 May 09 07:02 mtab
-rw-r--r-- 1 0 0 1983 Jan 07 2007 mtools.conf
-rw-r--r-- 1 0 0 2706 Oct 22 2015 multipath.conf
-rw-r--r-- 1 0 0 441 Jan 22 2013 my.cnf
lrwxrwxrwx 1 0 25 51 May 02 12:04 named.caching-nameserver.conf -> /var/named/chroot/etc/named.caching-nameserver.conf
lrwxrwxrwx 1 0 25 41 May 02 12:04 named.rfc1912.zones -> /var/named/chroot/etc/named.rfc1912.zones
drwxr-xr-x 2 0 0 4096 Apr 27 07:56 netplug
drwxr-xr-x 2 0 0 4096 Apr 27 07:56 netplug.d
drwxr-xr-x 2 9 13 4096 Apr 11 18:35 news
-rw-r--r-- 1 0 0 1895 Aug 17 2015 nscd.conf
-rw-r--r-- 1 0 0 1717 Apr 27 08:02 nsswitch.conf
drwxr-xr-x 2 0 0 4096 Apr 27 08:05 ntp
-rw-r--r-- 1 0 0 1868 Dec 20 2014 ntp.conf
drwxr-xr-x 2 0 0 4096 Feb 23 2012 oddjob
-rw-r--r-- 1 0 0 4461 Jul 19 2006 oddjobd.conf
drwxr-xr-x 2 0 0 4096 Apr 27 08:05 oddjobd.conf.d
drwxr-xr-x 3 0 0 4096 Apr 27 07:57 openldap
drwxr-xr-x 2 0 0 4096 May 11 2011 opt
drwxr-xr-x 2 0 0 4096 Apr 27 08:05 pam.d
drwxr-xr-x 2 0 0 4096 Apr 27 08:00 pam_pkcs11
-rw-r--r-- 1 0 0 12 Jan 06 2007 pam_smb.conf
drwxr-xr-x 3 0 0 4096 Apr 27 07:55 pango
-rw-r--r-- 1 0 0 2076 Apr 28 09:26 passwd
-rw-r--r-- 1 0 0 2035 Apr 28 09:26 passwd-
drwxr-xr-x 2 0 0 4096 Apr 11 18:37 pcmcia
drwxr-xr-x 2 0 0 4096 Apr 26 11:49 php.d
-rw-r--r-- 1 0 0 45079 Nov 06 2014 php.ini
-rw-r--r-- 1 0 0 2875 Jan 07 2007 pinforc
drwxr-xr-x 7 0 0 4096 May 11 2011 pki
drwxr-xr-x 5 0 0 4096 Apr 27 08:05 pm
drwxr-xr-x 3 0 0 4096 Apr 27 07:59 ppp
-rw-r--r-- 1 0 0 383503 May 03 08:10 prelink.cache
-rw-r--r-- 1 0 0 973 Sep 18 2008 prelink.conf
drwxr-xr-x 2 0 0 4096 Apr 11 20:00 prelink.conf.d
-rw-r--r-- 1 0 0 135 May 09 07:02 printcap
-rw-r--r-- 1 0 0 1099 Apr 29 07:39 profile
drwxr-xr-x 2 0 0 4096 Apr 29 07:40 profile.d
-rw-r--r-- 1 0 0 1344 Feb 22 2012 profile.rpmnew
-rw-r--r-- 1 0 0 6108 Oct 11 2006 protocols
drwxr-xr-x 2 0 0 4096 Apr 27 08:02 purple
-rw-r--r-- 1 0 0 220 Jan 09 2013 quotagrpadmins
-rw-r--r-- 1 0 0 290 Jan 09 2013 quotatab
drwxr-xr-x 3 0 0 4096 Apr 27 07:59 racoon
lrwxrwxrwx 1 0 0 7 Apr 27 07:58 rc -> rc.d/rc
drwxr-xr-x 10 0 0 4096 Apr 27 07:58 rc.d
lrwxrwxrwx 1 0 0 13 Apr 27 07:58 rc.local -> rc.d/rc.local
-rwxr-x--- 1 9 13 4428 Jan 26 2010 rc.news
lrwxrwxrwx 1 0 0 15 Apr 27 07:58 rc.sysinit -> rc.d/rc.sysinit
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc0.d -> rc.d/rc0.d
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc1.d -> rc.d/rc1.d
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc2.d -> rc.d/rc2.d
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc3.d -> rc.d/rc3.d
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc4.d -> rc.d/rc4.d
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc5.d -> rc.d/rc5.d
lrwxrwxrwx 1 0 0 10 Apr 27 07:58 rc6.d -> rc.d/rc6.d
drwxr-xr-x 2 0 0 4096 Apr 11 18:35 readahead.d
-rw-r--r-- 1 0 0 435 May 09 07:02 reader.conf
drwxr-xr-x 2 0 0 4096 Apr 27 08:00 reader.conf.d
drwxr-xr-x 2 0 0 4096 Apr 27 08:04 redhat-lsb
-rw-r--r-- 1 0 0 28 Sep 19 2014 redhat-release
-rw-r--r-- 1 0 0 1484 Jan 06 2007 request-key.conf
-rw-r--r-- 1 0 0 76 May 03 12:58 resolv.conf
drwxr-xr-x 3 0 0 4096 Apr 11 18:36 rhgb
lrwxrwxrwx 1 0 0 11 Apr 27 07:56 rmt -> ../sbin/rmt
lrwxrwxrwx 1 0 0 31 May 03 11:31 rndc.conf -> /var/named/chroot/etc/rndc.conf
lrwxrwxrwx 1 0 25 31 Apr 11 18:37 rndc.key -> /var/named/chroot//etc/rndc.key
-rw-r--r-- 1 0 0 1615 Aug 30 2001 rpc
drwxr-xr-x 2 0 0 4096 Dec 09 2014 rpm
-rw-r--r-- 1 0 0 133 Apr 29 08:19 rsyncd.conf
-rw-r--r-- 1 0 0 754 Sep 22 2014 rwtab
drwxr-xr-x 2 0 0 4096 Sep 22 2014 rwtab.d
drwxr-xr-x 2 0 0 4096 Apr 27 07:59 samba
drwxr-xr-x 2 0 0 4096 Apr 11 18:37 sane.d
drwxr-xr-x 2 0 0 4096 Sep 03 2012 sasl2
drwxr-xr-x 2 0 0 4096 Apr 27 07:58 scim
-rw-r--r-- 1 0 0 103 Mar 14 2007 scrollkeeper.conf
-rw-r--r-- 1 0 0 666 Aug 24 2015 scsi_id.config
-rw------- 1 0 0 190 Apr 19 12:41 securetty
drwxr-xr-x 5 0 0 4096 Apr 27 07:58 security
drwxr-xr-x 3 0 0 4096 Sep 17 2014 selinux
-rw-r--r-- 1 0 0 362031 Feb 23 2006 services
-rw-r--r-- 1 0 0 216 Oct 01 2013 sestatus.conf
drwxr-xr-x 2 0 0 4096 Apr 27 08:04 setroubleshoot
drwxr-xr-x 2 0 0 4096 Apr 11 18:35 setuptool.d
drwxr-xr-x 2 0 0 4096 Apr 26 13:00 sgml
-r-------- 1 0 0 1419 Apr 28 09:26 shadow
-r-------- 1 0 0 1294 Apr 28 09:26 shadow-
-rw-r--r-- 1 0 0 60 Apr 11 18:35 shells
drwxr-xr-x 3 0 0 4096 Apr 28 08:28 skel
-rw-r--r-- 1 0 0 21851 Jan 06 2007 slrn.rc
-rw-r--r-- 1 0 0 6717 Jan 09 2013 smartd.conf
drwxr-xr-x 2 0 0 4096 Mar 16 2015 smrsh
drwxr-xr-x 3 0 0 4096 Mar 14 2007 sound
drwxr-xr-x 2 0 0 4096 Apr 27 08:00 squid
drwxr-xr-x 2 0 0 4096 Apr 27 07:59 ssh
drwxr-xr-x 2 0 0 4096 Nov 03 2014 stunnel
-r--r----- 1 0 0 3381 Mar 10 2014 sudoers
drwxr-xr-x 10 0 0 4096 May 03 10:18 sysconfig
-rw-r--r-- 1 0 0 994 Sep 22 2014 sysctl.conf
-rw-r--r-- 1 0 0 938 Apr 11 18:35 syslog.conf
-rw------- 1 0 0 6411 May 25 2008 tcsd.conf
-rw-r--r-- 1 0 0 807103 Jan 06 2007 termcap
drwxrwxr-x 3 0 91 4096 Apr 26 13:01 tomcat5
-rw-r--r-- 1 0 0 1309 May 09 07:02 tpvmlp.conf
-rw-r--r-- 1 0 0 2643 Jan 07 2007 tux.mime.types
drwxr-xr-x 5 0 0 4096 Apr 27 07:57 udev
-rw-r--r-- 1 0 0 143 Apr 11 20:00 updatedb.conf
-rw-r--r-- 1 0 0 1533 Jan 09 2013 vimrc
-rw-r--r-- 1 0 0 1533 Jan 09 2013 virc
drwxr-xr-x 3 0 0 4096 Apr 11 20:00 vmware-caf
drwxr-xr-x 6 0 0 4096 Apr 27 08:33 vmware-tools
drwxr-xr-x 2 0 0 4096 May 09 07:21 vsftpd
-rw-r--r-- 1 0 0 2678 Jan 09 2013 warnquota.conf
-rw-r--r-- 1 0 0 23735 Jan 09 2007 webalizer.conf
-rw-r--r-- 1 0 0 4204 May 10 2012 wgetrc
drwxr-xr-x 2 0 0 4096 Apr 27 07:58 wpa_supplicant
-rw-r--r-- 1 0 0 0 May 02 08:49 wvdial.conf
drwxr-xr-x 4 0 0 4096 Apr 11 18:36 xdg
-rw-r--r-- 1 0 0 1001 Oct 08 2013 xinetd.conf
drwxr-xr-x 2 0 0 4096 Apr 29 09:35 xinetd.d
drwxr-xr-x 2 0 0 4096 Apr 11 18:35 xml
-rw-r--r-- 1 0 0 585 Jun 30 2011 yp.conf
drwxr-xr-x 3 0 0 4096 Apr 27 08:05 yum
-rw-r--r-- 1 0 0 379 Jul 26 2012 yum.conf
drwxr-xr-x 2 0 0 4096 Apr 27 09:31 yum.repos.d
226 Directory send OK.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -5
#
# Specific Configuration
#
#banner_file=/etc/vsftpd/banner.txt
chroot_local_user=YES
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,54,1)
150 Here comes the directory listing.
-rw-r--r-- 1 501 501 2076 May 09 07:24 file1
-rw-r--r-- 1 501 501 2076 May 09 07:24 file2
-rw-r--r-- 1 501 501 2076 May 09 07:24 file3
-rw-r--r-- 1 501 501 2076 May 09 07:24 file4
226 Directory send OK.
ftp> cd /etc
550 Failed to change directory.
ftp> dir
227 Entering Passive Mode (127,0,0,1,209,116)
150 Here comes the directory listing.
-rw-r--r-- 1 501 501 2076 May 09 07:24 file1
-rw-r--r-- 1 501 501 2076 May 09 07:24 file2
-rw-r--r-- 1 501 501 2076 May 09 07:24 file3
-rw-r--r-- 1 501 501 2076 May 09 07:24 file4
226 Directory send OK.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -5
#
# Specific Configuration
#
#banner_file=/etc/vsftpd/banner.txt
#chroot_local_user=YES
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# ls
banner.txt ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh
[root@linux220 /etc/vsftpd]# cat user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
#root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -5
# Specific Configuration
#
#banner_file=/etc/vsftpd/banner.txt
#chroot_local_user=YES
userlist_deny=NO
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# vi user_list
[root@linux220 /etc/vsftpd]# cat user_list | tail -3
games
nobody
user01
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): root
530 Permission denied.
Login failed.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#banner_file=/etc/vsftpd/banner.txt
#chroot_local_user=YES
#userlist_deny=NO
[root@linux220 /etc/vsftpd]# vi user_list
[root@linux220 /etc/vsftpd]# cat user_list | tail -3
operator
games
nobody
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# cd /var/ftp
[root@linux220 /var/ftp]# ls -l
total 8.0K
drwxr-xr-x 2 root root 4.0K Jan 9 2013 pub
[root@linux220 /var/ftp]# cd pub
[root@linux220 /var/ftp/pub]# mkdir test
[root@linux220 /var/ftp/pub]# cd test
[root@linux220 /var/ftp/pub/test]# cp /etc/passwd .
[root@linux220 /var/ftp/pub/test]# ls
passwd
[root@linux220 /var/ftp/pub/test]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,233,62)
150 Here comes the directory listing.
drwxr-xr-x 3 0 0 4096 May 09 07:41 pub
226 Directory send OK.
ftp> cd pub
250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (127,0,0,1,84,175)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 May 09 07:41 test
226 Directory send OK.
ftp> cd test
250 Directory successfully changed.
ftp> dir
227 Entering Passive Mode (127,0,0,1,116,228)
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 2076 May 09 07:41 passwd
226 Directory send OK.
ftp> quit
221 Goodbye.
[root@linux220 /var/ftp/pub/test]# firefox &
[1] 5411
[root@linux220 /var/ftp/pub/test]#
(Gecko:5411): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5411): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
(Gecko:5411): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5411): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[1]+ Done firefox
[root@linux220 /var/ftp/pub/test]#
그림1
그림2
[root@linux220 /var/ftp/pub/test]# FTP
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#chroot_local_user=YES
#userlist_deny=NO
listen_port=2121
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# ftp localhost
ftp: connect: Connection refused
ftp> quit
[root@linux220 /etc/vsftpd]# ftp localhost 21
ftp: connect: Connection refused
ftp> quit
[root@linux220 /etc/vsftpd]# ftp localhost 2121
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#chroot_local_user=YES
#userlist_deny=NO
#listen_port=2121
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
You have new mail in /var/spool/mail/root
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#userlist_deny=NO
#listen_port=2121
max_clients=3
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> 221 Goodbye.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#userlist_deny=NO
#listen_port=2121
#max_clients=3
[root@linux220 /etc/vsftpd]#
그림3
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#listen_port=2121
#max_clients=3
max_per_ip=3
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi vsftpd.conf
[root@linux220 /etc/vsftpd]# cat vsftpd.conf | tail -3
#listen_port=2121
#max_clients=3
#max_per_ip=3
[root@linux220 /etc/vsftpd]#
그림4
[root@linux220 /etc/vsftpd]# cd /var/ftp/pub
[root@linux220 /var/ftp/pub]# mkdir incoming
[root@linux220 /var/ftp/pub]# chmod 603 incoming
[root@linux220 /var/ftp/pub]# ls -l
total 8.0K
drw-----wx 2 root root 4.0K May 9 17:27 incoming
drwxr-xr-x 2 root root 4.0K May 9 16:41 test
[root@linux220 /var/ftp/pub]# useradd -d /var/ftp/pub/incoming -r -s /sbin/nologin ftpupload
[root@linux220 /var/ftp/pub]# vi /etc/vsftpd/vsftpd.conf
[root@linux220 /var/ftp/pub]# cat /etc/vsftpd/vsftpd.conf | grep anon_upload
anon_upload_enable=YES
[root@linux220 /var/ftp/pub]# cat /etc/vsftpd/vsftpd.conf | grep chown_
chown_uploads=YES
chown_username=ftpupload
[root@linux220 /var/ftp/pub]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /var/ftp/pub]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd pub/incoming
250 Directory successfully changed.
ftp> put
(local-file) /etc/passwd
(remote-file) passwd
local: /etc/passwd remote: passwd
227 Entering Passive Mode (127,0,0,1,69,116)
150 Ok to send data.
226 File receive OK.
2133 bytes sent in 5.5e-05 seconds (3.8e+04 Kbytes/s)
ftp> ls
227 Entering Passive Mode (127,0,0,1,98,227)
150 Here comes the directory listing.
226 Transfer done (but failed to open directory).
ftp> quit
221 Goodbye.
[root@linux220 /var/ftp/pub]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
fedora:x:500:500:fedora:/home/fedora:/bin/bash
tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh
user01:x:501:501::/home/user01:/bin/bash
user02:x:502:502::/home/user02:/bin/bash
user03:x:503:503::/home/user03:/bin/bash
ftpupload:x:101:103::/var/ftp/pub/incoming:/sbin/nologin
[root@linux220 /var/ftp/pub]# ls -l /var/ftp/pub/incoming/
total 4.0K
-rw------- 1 ftpupload ftp 2.1K May 9 17:39 passwd
[root@linux220 /var/ftp/pub]# vi /etc/vsftpd//vsftpd.conf
[root@linux220 /var/ftp/pub]# cat /etc/vsftpd//vsftpd.conf | grep anon_upload
#anon_upload_enable=YES
[root@linux220 /var/ftp/pub]# cat /etc/vsftpd//vsftpd.conf | grep chown_
#chown_uploads=YES
#chown_username=whoever
[root@linux220 /var/ftp/pub]#
[참고] max_clients 개수의 산정
max_clients의 개수는 서버의 자원(CPU, MEM, DISK, Network)에 따라서 결정할 수 있다.
[TERM1] 테스트용 윈도우1
# pgrep –lf vsftpd
8868 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
# ftp localhost
user01 사용자로 로그인
[TERM2] 테스트용 윈도우2
# pgrep -lf vsftpd
8868 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
10262 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
10265 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
# pmap 8868
..... (중략) .....
00002b0480fab000 2048K ----- /lib64/libsepol.so.1
00002b04811ab000 4K rw--- /lib64/libsepol.so.1
00002b04811ac000 48K rw--- [ anon ]
00002b0499578000 132K rw--- [ anon ]
00007fff1d94a000 84K rw--- [ stack ]
00007fff1d9fd000 12K r-x-- [ anon ]
ffffffffff600000 8192K ----- [ anon ]
total 52488K
-> 8868(vsftpd) 데몬 하나가 약 5M 정도의 메모리 공간을 사용한다.
-> 한명의 FTP 사용자가 접속할 때 마다 vsftpd 데몬이 2개(한개당 5M 정도씩) 뜨게 되는 것이다.
# pmap `pgrep vsftpd` | grep total
total 52488K
total 54580K
total 54604K
# top (# top -n 1 | grep Mem:)
Tasks: 157 total, 1 running, 155 sleeping, 0 stopped, 1 zombie
Cpu(s): 1.6%us, 0.7%sy, 0.0%ni, 97.4%id, 0.0%wa, 0.2%hi, 0.1%si, 0.0%st
Mem: 1035032k total, 519328k used, 515704k free, 32448k buffers
Swap: 1052248k total, 0k used, 1052248k free, 365828k cached
..... (중략) .....
-> 전체 메모리 : 1035032KB
-> 사용중인 메모리 : 519328KB
-> 남은 메모리 공간: 515704KB
1035032KB * (80/100) * {(남은메모리) * (80/100)}
전체메모리의 OS를 사용하기 위한 20%를 제외하고
남은 80% 중에서 사용량을 제외한 용량에서 80% 정도를 산정
7일의 샘플링구간을 둬서 사용량 분석 -> 최종치 결정
ftp 보통 per ip 2개
그림5
그림6
그림7
[root@linux220 ~]# ftp -d localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
ftp: setsockopt: Bad file descriptor
---> AUTH GSSAPI
530 Please login with USER and PASS.
---> AUTH KERBEROS_V4
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): root
---> USER root
331 Please specify the password.
Password:
---> PASS XXXX
230 Login successful.
cmds.c:284: verbose=1 debug=1 overbose=1
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
---> PASV
227 Entering Passive Mode (127,0,0,1,44,208)
---> LIST
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Apr 11 20:24 Desktop
drwx------ 2 0 0 4096 May 02 11:52 Downloads
-rw-r--r-- 1 0 0 1690 Apr 27 09:17 RPM-GPG-KEY-test
-rw------- 1 0 0 1413 Apr 11 18:41 anaconda-ks.cfg
drwxr-xr-x 2 0 0 4096 Apr 28 11:49 bin
-rw------- 1 0 0 92 Apr 26 13:15 dead.letter
-rw-r--r-- 1 0 0 30720 Apr 11 18:41 install.log
-rw-r--r-- 1 0 0 5639 Apr 11 18:41 install.log.syslog
-rw-r--r-- 1 0 0 1048576 May 04 11:42 linux220.txt
-rw------- 1 0 0 32567 Apr 26 13:16 mbox
drwxr-xr-x 3 0 0 4096 Apr 22 11:41 mnt
drwxr-xr-x 3 0 0 4096 Apr 26 13:03 workspace
-rw-r--r-- 1 0 0 278362 Apr 26 11:44 yum.log
226 Directory send OK.
ftp> help
Commands may be abbreviated. Commands are:
! cr mdir proxy send
$ delete mget sendport site
account debug mkdir put size
append dir mls pwd status
ascii disconnect mode quit struct
bell form modtime quote system
binary get mput recv sunique
bye glob newer reget tenex
case hash nmap rstatus trace
ccc help nlist rhelp type
cd idle ntrans rename user
cdup image open reset umask
chmod lcd passive restart verbose
clear ls private rmdir ?
close macdef prompt runique
cprotect mdelete protect safe
ftp> passive
Passive mode off.
ftp> passive
Passive mode on.
ftp> quit
---> QUIT
221 Goodbye.
[root@linux220 ~]# ftp -d localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
ftp: setsockopt: Bad file descriptor
---> AUTH GSSAPI
530 Please login with USER and PASS.
---> AUTH KERBEROS_V4
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): root
---> USER root
331 Please specify the password.
Password:
---> PASS XXXX
230 Login successful.
cmds.c:284: verbose=1 debug=1 overbose=1
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode off.
ftp> ls
---> PORT 127,0,0,1,173,1
200 PORT command successful. Consider using PASV.
---> LIST
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Apr 11 20:24 Desktop
drwx------ 2 0 0 4096 May 02 11:52 Downloads
-rw-r--r-- 1 0 0 1690 Apr 27 09:17 RPM-GPG-KEY-test
-rw------- 1 0 0 1413 Apr 11 18:41 anaconda-ks.cfg
drwxr-xr-x 2 0 0 4096 Apr 28 11:49 bin
-rw------- 1 0 0 92 Apr 26 13:15 dead.letter
-rw-r--r-- 1 0 0 30720 Apr 11 18:41 install.log
-rw-r--r-- 1 0 0 5639 Apr 11 18:41 install.log.syslog
-rw-r--r-- 1 0 0 1048576 May 04 11:42 linux220.txt
-rw------- 1 0 0 32567 Apr 26 13:16 mbox
drwxr-xr-x 3 0 0 4096 Apr 22 11:41 mnt
drwxr-xr-x 3 0 0 4096 Apr 26 13:03 workspace
-rw-r--r-- 1 0 0 278362 Apr 26 11:44 yum.log
226 Directory send OK.
ftp> quit
---> QUIT
221 Goodbye.
[root@linux220 ~]#
[TERM1]
[root@linux220 ~]# tail -f /var/log/xferlog
Mon May 9 08:39:36 2016 1 127.0.0.1 2133 /pub/incoming/passwd b _ i a ftp ftp 0 * c
Mon May 9 09:46:55 2016 1 127.0.0.1 2133 /test/file1 b _ o r root ftp 0 * c
Mon May 9 09:47:09 2016 1 127.0.0.1 2133 /root/file1 b _ i r root ftp 0 * c
[root@linux220 ~]#
[TERM2]
[root@linux220 ~]# cp /etc/passwd /test/file1
cp: overwrite `/test/file1'? y
[root@linux220 ~]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): root
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /test
250 Directory successfully changed.
ftp> lcd /tmp
Local directory now /tmp
ftp> bin
200 Switching to Binary mode.
ftp> hash
Hash mark printing on (1024 bytes/hash mark).
ftp> prompt
Interactive mode off.
ftp> mget file1
local: file1 remote: file1
227 Entering Passive Mode (127,0,0,1,201,75)
150 Opening BINARY mode data connection for file1 (2133 bytes).
##
226 File send OK.
2133 bytes received in 5.9e-05 seconds (3.5e+04 Kbytes/s)
ftp> cd /root
250 Directory successfully changed.
ftp> lcd /tmp
Local directory now /tmp
ftp> mput file1
local: file1 remote: file1
227 Entering Passive Mode (127,0,0,1,150,94)
150 Ok to send data.
##
226 File receive OK.
2133 bytes sent in 9.3e-05 seconds (2.2e+04 Kbytes/s)
ftp> quit
221 Goodbye.
[root@linux220 ~]#
그림8
[root@linux220 ~]# telnet localhost 110
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused
[root@linux220 ~]# rpm -qa | grep dovecot
dovecot-1.0.7-9.el5_11.4
[root@linux220 ~]# rpm -qa dovecot
dovecot-1.0.7-9.el5_11.4
[root@linux220 ~]# rpm -ql dovecot
/etc/dovecot.conf
/etc/pam.d/dovecot
/etc/pki/dovecot
/etc/pki/dovecot/certs
/etc/pki/dovecot/certs/dovecot.pem
/etc/pki/dovecot/dovecot-openssl.cnf
/etc/pki/dovecot/private
/etc/pki/dovecot/private/dovecot.pem
/etc/rc.d/init.d/dovecot
/etc/sysconfig/dovecot
/usr/lib/dovecot
/usr/lib/dovecot/imap
/usr/lib/dovecot/imap/lib01_acl_plugin.so
/usr/lib/dovecot/imap/lib02_lazy_expunge_plugin.so
/usr/lib/dovecot/imap/lib10_quota_plugin.so
/usr/lib/dovecot/imap/lib11_imap_quota_plugin.a
/usr/lib/dovecot/imap/lib11_imap_quota_plugin.la
/usr/lib/dovecot/imap/lib11_imap_quota_plugin.so
/usr/lib/dovecot/imap/lib11_trash_plugin.so
/usr/lib/dovecot/imap/lib20_convert_plugin.so
/usr/lib/dovecot/imap/lib20_mail_log_plugin.so
/usr/lib/dovecot/imap/lib20_zlib_plugin.a
/usr/lib/dovecot/imap/lib20_zlib_plugin.la
/usr/lib/dovecot/imap/lib20_zlib_plugin.so
/usr/lib/dovecot/lda
/usr/lib/dovecot/lda/lib01_acl_plugin.so
/usr/lib/dovecot/lda/lib10_quota_plugin.so
/usr/lib/dovecot/lda/lib11_trash_plugin.so
/usr/lib/dovecot/lda/lib20_convert_plugin.so
/usr/lib/dovecot/lda/lib20_mail_log_plugin.so
/usr/lib/dovecot/lib01_acl_plugin.a
/usr/lib/dovecot/lib01_acl_plugin.la
/usr/lib/dovecot/lib01_acl_plugin.so
/usr/lib/dovecot/lib02_lazy_expunge_plugin.a
/usr/lib/dovecot/lib02_lazy_expunge_plugin.la
/usr/lib/dovecot/lib02_lazy_expunge_plugin.so
/usr/lib/dovecot/lib10_quota_plugin.a
/usr/lib/dovecot/lib10_quota_plugin.la
/usr/lib/dovecot/lib10_quota_plugin.so
/usr/lib/dovecot/lib11_trash_plugin.a
/usr/lib/dovecot/lib11_trash_plugin.la
/usr/lib/dovecot/lib11_trash_plugin.so
/usr/lib/dovecot/lib20_convert_plugin.a
/usr/lib/dovecot/lib20_convert_plugin.la
/usr/lib/dovecot/lib20_convert_plugin.so
/usr/lib/dovecot/lib20_mail_log_plugin.a
/usr/lib/dovecot/lib20_mail_log_plugin.la
/usr/lib/dovecot/lib20_mail_log_plugin.so
/usr/lib/dovecot/pop3
/usr/lib/dovecot/pop3/lib02_lazy_expunge_plugin.so
/usr/lib/dovecot/pop3/lib10_quota_plugin.so
/usr/lib/dovecot/pop3/lib20_convert_plugin.so
/usr/lib/dovecot/pop3/lib20_mail_log_plugin.so
/usr/libexec/dovecot
/usr/libexec/dovecot/checkpassword-reply
/usr/libexec/dovecot/deliver
/usr/libexec/dovecot/dict
/usr/libexec/dovecot/dovecot-auth
/usr/libexec/dovecot/gdbhelper
/usr/libexec/dovecot/idxview
/usr/libexec/dovecot/imap
/usr/libexec/dovecot/imap-login
/usr/libexec/dovecot/logview
/usr/libexec/dovecot/pop3
/usr/libexec/dovecot/pop3-login
/usr/libexec/dovecot/rawlog
/usr/libexec/dovecot/ssl-build-param
/usr/sbin/dovecot
/usr/sbin/dovecotpw
/usr/share/doc/dovecot-1.0.7
/usr/share/doc/dovecot-1.0.7/COPYING
/usr/share/doc/dovecot-1.0.7/COPYING.LGPL
/usr/share/doc/dovecot-1.0.7/COPYING.MIT
/usr/share/doc/dovecot-1.0.7/REDHAT-FAQ.txt
/usr/share/doc/dovecot-1.0.7/UW-to-Dovecot-Migration
/usr/share/doc/dovecot-1.0.7/UW-to-Dovecot-Migration/maildir-migration.txt
/usr/share/doc/dovecot-1.0.7/UW-to-Dovecot-Migration/migrate-folders
/usr/share/doc/dovecot-1.0.7/UW-to-Dovecot-Migration/migrate-users
/usr/share/doc/dovecot-1.0.7/UW-to-Dovecot-Migration/perfect_maildir.pl
/usr/share/doc/dovecot-1.0.7/auth-protocol.txt
/usr/share/doc/dovecot-1.0.7/documentation.txt
/usr/share/doc/dovecot-1.0.7/examples
/usr/share/doc/dovecot-1.0.7/examples/dovecot-ldap-example.conf
/usr/share/doc/dovecot-1.0.7/examples/dovecot-sql-example.conf
/usr/share/doc/dovecot-1.0.7/examples/mkcert.sh
/usr/share/doc/dovecot-1.0.7/securecoding.txt
/usr/share/doc/dovecot-1.0.7/wiki
/usr/share/doc/dovecot-1.0.7/wiki/ACL.txt
/usr/share/doc/dovecot-1.0.7/wiki/AixPluginsSupport.txt
/usr/share/doc/dovecot-1.0.7/wiki/AuthDatabase.LDAP.txt
/usr/share/doc/dovecot-1.0.7/wiki/AuthDatabase.Passwd.txt
/usr/share/doc/dovecot-1.0.7/wiki/AuthDatabase.PasswdFile.txt
/usr/share/doc/dovecot-1.0.7/wiki/AuthDatabase.SQL.txt
/usr/share/doc/dovecot-1.0.7/wiki/AuthDatabase.VPopMail.txt
/usr/share/doc/dovecot-1.0.7/wiki/AuthDatabase.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.Kerberos.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.MasterUsers.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.Mechanisms.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.MultipleDatabases.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.PasswordSchemes.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.RestrictAccess.txt
/usr/share/doc/dovecot-1.0.7/wiki/Authentication.txt
/usr/share/doc/dovecot-1.0.7/wiki/BasicConfiguration.txt
/usr/share/doc/dovecot-1.0.7/wiki/Chrooting.txt
/usr/share/doc/dovecot-1.0.7/wiki/Clients.NegativeUIDs.txt
/usr/share/doc/dovecot-1.0.7/wiki/Clients.txt
/usr/share/doc/dovecot-1.0.7/wiki/CommandLine.txt
/usr/share/doc/dovecot-1.0.7/wiki/CompilingSource.txt
/usr/share/doc/dovecot-1.0.7/wiki/Debugging.Authentication.txt
/usr/share/doc/dovecot-1.0.7/wiki/Debugging.ProcessTracing.txt
/usr/share/doc/dovecot-1.0.7/wiki/Debugging.Thunderbird.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.AuthProcess.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.Indexes.Cache.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.Indexes.MailIndexApi.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.Indexes.MainIndex.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.Indexes.TransactionLog.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.Indexes.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.MailProcess.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.Processes.txt
/usr/share/doc/dovecot-1.0.7/wiki/Design.txt
/usr/share/doc/dovecot-1.0.7/wiki/FindMailLocation.txt
/usr/share/doc/dovecot-1.0.7/wiki/FinishBasicConfiguration.txt
/usr/share/doc/dovecot-1.0.7/wiki/HowTo.EximAndDovecotSASL.txt
/usr/share/doc/dovecot-1.0.7/wiki/HowTo.PostfixAndDovecotSASL.txt
/usr/share/doc/dovecot-1.0.7/wiki/HowTo.SimpleVirtualInstall.txt
/usr/share/doc/dovecot-1.0.7/wiki/HowTo.txt
/usr/share/doc/dovecot-1.0.7/wiki/IndexFiles.txt
/usr/share/doc/dovecot-1.0.7/wiki/InetdInstall.txt
/usr/share/doc/dovecot-1.0.7/wiki/Iptables.txt
/usr/share/doc/dovecot-1.0.7/wiki/LDA.Exim.txt
/usr/share/doc/dovecot-1.0.7/wiki/LDA.Postfix.txt
/usr/share/doc/dovecot-1.0.7/wiki/LDA.Qmail.txt
/usr/share/doc/dovecot-1.0.7/wiki/LDA.Sendmail.txt
/usr/share/doc/dovecot-1.0.7/wiki/LDA.Sieve.txt
/usr/share/doc/dovecot-1.0.7/wiki/LDA.txt
/usr/share/doc/dovecot-1.0.7/wiki/Logging.txt
/usr/share/doc/dovecot-1.0.7/wiki/LoginProcess.txt
/usr/share/doc/dovecot-1.0.7/wiki/MDA.txt
/usr/share/doc/dovecot-1.0.7/wiki/MTA.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailLocation.LocalDisk.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailLocation.Maildir.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailLocation.Mbox.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailLocation.SharedDisk.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailLocation.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.MH.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.Maildir.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.dbox.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.mailstore.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.mbox.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.mbx.txt
/usr/share/doc/dovecot-1.0.7/wiki/MailboxFormat.txt
/usr/share/doc/dovecot-1.0.7/wiki/MboxLocking.txt
/usr/share/doc/dovecot-1.0.7/wiki/MboxProblems.txt
/usr/share/doc/dovecot-1.0.7/wiki/Migration.Courier.txt
/usr/share/doc/dovecot-1.0.7/wiki/Migration.Cyrus.txt
/usr/share/doc/dovecot-1.0.7/wiki/Migration.Linuxconf.txt
/usr/share/doc/dovecot-1.0.7/wiki/Migration.MailFormat.txt
/usr/share/doc/dovecot-1.0.7/wiki/Migration.UW.txt
/usr/share/doc/dovecot-1.0.7/wiki/Migration.txt
/usr/share/doc/dovecot-1.0.7/wiki/MissingMailboxes.txt
/usr/share/doc/dovecot-1.0.7/wiki/NFS.txt
/usr/share/doc/dovecot-1.0.7/wiki/Namespaces.txt
/usr/share/doc/dovecot-1.0.7/wiki/OSCompatibility.txt
/usr/share/doc/dovecot-1.0.7/wiki/POP3Server.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.BSDAuth.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.CheckPassword.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.AllowNets.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.Host.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.NoDelay.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.NoLogin.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.Proxy.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.User.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.ExtraFields.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.PAM.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.Shadow.txt
/usr/share/doc/dovecot-1.0.7/wiki/PasswordDatabase.txt
/usr/share/doc/dovecot-1.0.7/wiki/PerformanceTuning.txt
/usr/share/doc/dovecot-1.0.7/wiki/Plugins.Convert.txt
/usr/share/doc/dovecot-1.0.7/wiki/Plugins.Expire.txt
/usr/share/doc/dovecot-1.0.7/wiki/Plugins.Lazyexpunge.txt
/usr/share/doc/dovecot-1.0.7/wiki/Plugins.MailLog.txt
/usr/share/doc/dovecot-1.0.7/wiki/Plugins.Trash.txt
/usr/share/doc/dovecot-1.0.7/wiki/Plugins.txt
/usr/share/doc/dovecot-1.0.7/wiki/PopBSMTPAndDovecot.txt
/usr/share/doc/dovecot-1.0.7/wiki/PopRelay.txt
/usr/share/doc/dovecot-1.0.7/wiki/PostLoginScripting.txt
/usr/share/doc/dovecot-1.0.7/wiki/QuickConfiguration.txt
/usr/share/doc/dovecot-1.0.7/wiki/Quota.Dict.txt
/usr/share/doc/dovecot-1.0.7/wiki/Quota.Dirsize.txt
/usr/share/doc/dovecot-1.0.7/wiki/Quota.FS.txt
/usr/share/doc/dovecot-1.0.7/wiki/Quota.Maildir.txt
/usr/share/doc/dovecot-1.0.7/wiki/Quota.txt
/usr/share/doc/dovecot-1.0.7/wiki/Rootless.txt
/usr/share/doc/dovecot-1.0.7/wiki/RunningDovecot.txt
/usr/share/doc/dovecot-1.0.7/wiki/SSL.CertificateClientImporting.txt
/usr/share/doc/dovecot-1.0.7/wiki/SSL.CertificateCreation.txt
/usr/share/doc/dovecot-1.0.7/wiki/SSL.DovecotConfiguration.txt
/usr/share/doc/dovecot-1.0.7/wiki/SSL.txt
/usr/share/doc/dovecot-1.0.7/wiki/Sasl.txt
/usr/share/doc/dovecot-1.0.7/wiki/SecurityTuning.txt
/usr/share/doc/dovecot-1.0.7/wiki/SharedMailboxes.txt
/usr/share/doc/dovecot-1.0.7/wiki/SystemUsers.txt
/usr/share/doc/dovecot-1.0.7/wiki/TestInstallation.txt
/usr/share/doc/dovecot-1.0.7/wiki/TestPop3Installation.txt
/usr/share/doc/dovecot-1.0.7/wiki/TimeMovedBackwards.txt
/usr/share/doc/dovecot-1.0.7/wiki/UpgradingDovecot.txt
/usr/share/doc/dovecot-1.0.7/wiki/UserDatabase.ExtraFields.txt
/usr/share/doc/dovecot-1.0.7/wiki/UserDatabase.Prefetch.txt
/usr/share/doc/dovecot-1.0.7/wiki/UserDatabase.Static.txt
/usr/share/doc/dovecot-1.0.7/wiki/UserDatabase.txt
/usr/share/doc/dovecot-1.0.7/wiki/UserIds.txt
/usr/share/doc/dovecot-1.0.7/wiki/Variables.txt
/usr/share/doc/dovecot-1.0.7/wiki/VirtualUsers.txt
/usr/share/doc/dovecot-1.0.7/wiki/WhyDoesItNotWork.txt
/usr/share/doc/dovecot-1.0.7/wiki/maildrop.txt
/usr/share/doc/dovecot-1.0.7/wiki/mutt.txt
/usr/share/doc/dovecot-1.0.7/wiki/uw2dovecot.sh.txt
/var/lib/dovecot
/var/run/dovecot
/var/run/dovecot/login
[root@linux220 ~]# vi /etc/dovecot.conf
[root@linux220 ~]# cat /etc/dovecot.conf | grep protocols
# Protocols we want to be serving: imap imaps pop3 pop3s
protocols = imap imaps pop3 pop3s
# SSL protocols to use
#ssl_protocols = !SSLv2 !SSLv3
[root@linux220 ~]# service sovecot restart
sovecot: unrecognized service
[root@linux220 ~]# service dovecot restart
Stopping Dovecot Imap: [FAILED]
Starting Dovecot Imap: [ OK ]
[root@linux220 ~]# chkconfig dovecot on
[root@linux220 ~]# chkconfig --list dovecot
dovecot 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@linux220 ~]# mailx -v user01
Subject: test1
hello
.
Cc:
user01... Connecting to [127.0.0.1] via relay...
220 linux220.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 9 May 2016 19:57:11 +0900
>>> EHLO linux220.example.com
250-linux220.example.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
>>> MAIL From:<root@linux220.example.com> SIZE=33 AUTH=root@linux220.example.com
250 2.1.0 <root@linux220.example.com>... Sender ok
>>> RCPT To:<user01@linux220.example.com>
>>> DATA
250 2.1.5 <user01@linux220.example.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 u49AvBq7006774 Message accepted for delivery
user01... Sent (u49AvBq7006774 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 linux220.example.com closing connection
[root@linux220 ~]# mailx -v user01
Subject: test2
hello
.
Cc:
user01... Connecting to [127.0.0.1] via relay...
220 linux220.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 9 May 2016 19:57:48 +0900
>>> EHLO linux220.example.com
250-linux220.example.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
>>> MAIL From:<root@linux220.example.com> SIZE=33 AUTH=root@linux220.example.com
250 2.1.0 <root@linux220.example.com>... Sender ok
>>> RCPT To:<user01@linux220.example.com>
>>> DATA
250 2.1.5 <user01@linux220.example.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 u49Avmgg006780 Message accepted for delivery
user01... Sent (u49Avmgg006780 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 linux220.example.com closing connection
[root@linux220 ~]# mailx -v user01
Subject: test3
hello
.
Cc:
user01... Connecting to [127.0.0.1] via relay...
220 linux220.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 9 May 2016 19:57:59 +0900
>>> EHLO linux220.example.com
250-linux220.example.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
>>> MAIL From:<root@linux220.example.com> SIZE=33 AUTH=root@linux220.example.com
250 2.1.0 <root@linux220.example.com>... Sender ok
>>> RCPT To:<user01@linux220.example.com>
>>> DATA
250 2.1.5 <user01@linux220.example.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 u49Avxhr006786 Message accepted for delivery
user01... Sent (u49Avxhr006786 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 linux220.example.com closing connection
[root@linux220 ~]#
[root@linux220 ~]# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.
USER user01
+OK
PASS user01
+OK Logged in.
LIST
+OK 3 messages:
1 599
2 599
3 599
.
TOP 1 1
+OK
Return-Path: <root@linux220.example.com>
Received: from linux220.example.com (localhost.localdomain [127.0.0.1])
by linux220.example.com (8.13.8/8.13.8) with ESMTP id u49AvBq7006774
for <user01@linux220.example.com>; Mon, 9 May 2016 19:57:11 +0900
Received: (from root@localhost)
by linux220.example.com (8.13.8/8.13.8/Submit) id u49AvBUn006773
for user01; Mon, 9 May 2016 19:57:11 +0900
Date: Mon, 9 May 2016 19:57:11 +0900
From: root <root@linux220.example.com>
Message-Id: <201605091057.u49AvBUn006773@linux220.example.com>
To: user01@linux220.example.com
Subject: test1
hello
.
RETR 1
+OK 599 octets
Return-Path: <root@linux220.example.com>
Received: from linux220.example.com (localhost.localdomain [127.0.0.1])
by linux220.example.com (8.13.8/8.13.8) with ESMTP id u49AvBq7006774
for <user01@linux220.example.com>; Mon, 9 May 2016 19:57:11 +0900
Received: (from root@localhost)
by linux220.example.com (8.13.8/8.13.8/Submit) id u49AvBUn006773
for user01; Mon, 9 May 2016 19:57:11 +0900
Date: Mon, 9 May 2016 19:57:11 +0900
From: root <root@linux220.example.com>
Message-Id: <201605091057.u49AvBUn006773@linux220.example.com>
To: user01@linux220.example.com
Subject: test1
hello
.
DELE 1
+OK Marked to be deleted.
LIST
+OK 2 messages:
2 599
3 599
.
RETR 1
-ERR Message is deleted.
QUIT
+OK Logging out, messages deleted.
Connection closed by foreign host.
[root@linux220 ~]#
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\soldeskN>nslookup -q=MX naver.com
서버: kns.kornet.net
Address: 168.126.63.1
권한 없는 응답:
naver.com MX preference = 10, mail exchanger = mx3.naver.com
naver.com MX preference = 10, mail exchanger = mx1.naver.com
naver.com MX preference = 10, mail exchanger = mx4.naver.com
naver.com nameserver = ns1.naver.com
naver.com nameserver = ns2.naver.com
mx4.naver.com internet address = 125.209.238.137
ns1.naver.com internet address = 125.209.248.6
ns2.naver.com internet address = 125.209.249.6
C:\Users\soldeskN>nslookup -q=MX google.com
서버: kns.kornet.net
Address: 168.126.63.1
권한 없는 응답:
google.com MX preference = 10, mail exchanger = aspmx.l.google.com
google.com MX preference = 40, mail exchanger = alt3.aspmx.l.google.com
google.com MX preference = 50, mail exchanger = alt4.aspmx.l.google.com
google.com MX preference = 20, mail exchanger = alt1.aspmx.l.google.com
google.com MX preference = 30, mail exchanger = alt2.aspmx.l.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns1.google.com
google.com nameserver = ns4.google.com
google.com nameserver = ns3.google.com
ASPMX.l.google.com internet address = 64.233.188.26
ASPMX.l.google.com AAAA IPv6 address = 2404:6800:4008:c01::1b
alt1.ASPMX.l.google.com internet address = 74.125.25.26
alt2.ASPMX.l.google.com internet address = 74.125.193.26
alt2.ASPMX.l.google.com AAAA IPv6 address = 2607:f8b0:4003:c17::1a
ALT3.ASPMX.l.google.com internet address = 173.194.219.27
ALT3.ASPMX.l.google.com AAAA IPv6 address = 2607:f8b0:4001:c05::1a
alt4.ASPMX.l.google.com internet address = 173.194.219.27
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10
C:\Users\soldeskN>
[root@linux220 ~]# rpm -qa | grep sendmail
sendmail-8.13.8-10.el5_11
sendmail-cf-8.13.8-10.el5_11
[root@linux220 ~]# rpm -qli sendmail
Name : sendmail Relocations: (not relocatable)
Version : 8.13.8 Vendor: CentOS
Release : 10.el5_11 Build Date: Mon 16 Mar 2015 05:44:07 PM KST
Install Date: Wed 27 Apr 2016 04:58:20 PM KST Build Host: builder17.centos.org
Group : System Environment/Daemons Source RPM: sendmail-8.13.8-10.el5_11.src.rpm
Size : 1372218 License: Sendmail
Signature : DSA/SHA1, Mon 16 Mar 2015 11:36:40 PM KST, Key ID a8a447dce8562897
Summary : A widely used Mail Transport Agent (MTA).
Description :
The Sendmail program is a very widely used Mail Transport Agent (MTA).
MTAs send mail from one machine to another. Sendmail is not a client
program, which you use to read your email. Sendmail is a
behind-the-scenes program which actually moves your email over
networks or the Internet to where you want it to go.
If you ever need to reconfigure Sendmail, you will also need to have
the sendmail.cf package installed. If you need documentation on
Sendmail, you can install the sendmail-doc package.
/etc/aliases.db
/etc/mail
/etc/mail/Makefile
/etc/mail/access
/etc/mail/access.db
/etc/mail/domaintable
/etc/mail/domaintable.db
/etc/mail/helpfile
/etc/mail/local-host-names
/etc/mail/mailertable
/etc/mail/mailertable.db
/etc/mail/sendmail.cf
/etc/mail/sendmail.mc
/etc/mail/submit.cf
/etc/mail/submit.mc
/etc/mail/trusted-users
/etc/mail/virtusertable
/etc/mail/virtusertable.db
/etc/pam.d/smtp.sendmail
/etc/rc.d/init.d/sendmail
/etc/smrsh
/etc/sysconfig/sendmail
/usr/bin/hoststat
/usr/bin/mailq.sendmail
/usr/bin/makemap
/usr/bin/newaliases.sendmail
/usr/bin/purgestat
/usr/bin/rmail.sendmail
/usr/lib/sasl2/Sendmail.conf
/usr/lib/sendmail.sendmail
/usr/sbin/mailstats
/usr/sbin/makemap
/usr/sbin/praliases
/usr/sbin/sendmail.sendmail
/usr/sbin/smrsh
/usr/share/man/man1/mailq.sendmail.1.gz
/usr/share/man/man1/newaliases.sendmail.1.gz
/usr/share/man/man5/aliases.sendmail.5.gz
/usr/share/man/man8/mailstats.8.gz
/usr/share/man/man8/makemap.8.gz
/usr/share/man/man8/praliases.8.gz
/usr/share/man/man8/rmail.8.gz
/usr/share/man/man8/sendmail.sendmail.8.gz
/usr/share/man/man8/smrsh.8.gz
/var/log/mail
/var/log/mail/statistics
/var/spool/clientmqueue
/var/spool/mqueue
[root@linux220 ~]# rpm -ql sendmail-cf
/usr/share/sendmail-cf
/usr/share/sendmail-cf/README
/usr/share/sendmail-cf/cf
/usr/share/sendmail-cf/cf/Build
/usr/share/sendmail-cf/cf/Makefile
/usr/share/sendmail-cf/cf/README
/usr/share/sendmail-cf/cf/chez.cs.mc
/usr/share/sendmail-cf/cf/clientproto.mc
/usr/share/sendmail-cf/cf/cs-hpux10.mc
/usr/share/sendmail-cf/cf/cs-hpux9.mc
/usr/share/sendmail-cf/cf/cs-osf1.mc
/usr/share/sendmail-cf/cf/cs-solaris2.mc
/usr/share/sendmail-cf/cf/cs-sunos4.1.mc
/usr/share/sendmail-cf/cf/cs-ultrix4.mc
/usr/share/sendmail-cf/cf/cyrusproto.mc
/usr/share/sendmail-cf/cf/generic-bsd4.4.cf
/usr/share/sendmail-cf/cf/generic-bsd4.4.mc
/usr/share/sendmail-cf/cf/generic-hpux10.cf
/usr/share/sendmail-cf/cf/generic-hpux10.mc
/usr/share/sendmail-cf/cf/generic-hpux9.cf
/usr/share/sendmail-cf/cf/generic-hpux9.mc
/usr/share/sendmail-cf/cf/generic-linux.cf
/usr/share/sendmail-cf/cf/generic-linux.mc
/usr/share/sendmail-cf/cf/generic-mpeix.cf
/usr/share/sendmail-cf/cf/generic-mpeix.mc
/usr/share/sendmail-cf/cf/generic-nextstep3.3.cf
/usr/share/sendmail-cf/cf/generic-nextstep3.3.mc
/usr/share/sendmail-cf/cf/generic-osf1.cf
/usr/share/sendmail-cf/cf/generic-osf1.mc
/usr/share/sendmail-cf/cf/generic-solaris.cf
/usr/share/sendmail-cf/cf/generic-solaris.mc
/usr/share/sendmail-cf/cf/generic-sunos4.1.cf
/usr/share/sendmail-cf/cf/generic-sunos4.1.mc
/usr/share/sendmail-cf/cf/generic-ultrix4.cf
/usr/share/sendmail-cf/cf/generic-ultrix4.mc
/usr/share/sendmail-cf/cf/huginn.cs.mc
/usr/share/sendmail-cf/cf/knecht.mc
/usr/share/sendmail-cf/cf/mail.cs.mc
/usr/share/sendmail-cf/cf/mail.eecs.mc
/usr/share/sendmail-cf/cf/mailspool.cs.mc
/usr/share/sendmail-cf/cf/python.cs.mc
/usr/share/sendmail-cf/cf/s2k-osf1.mc
/usr/share/sendmail-cf/cf/s2k-ultrix4.mc
/usr/share/sendmail-cf/cf/submit.cf
/usr/share/sendmail-cf/cf/submit.mc
/usr/share/sendmail-cf/cf/tcpproto.mc
/usr/share/sendmail-cf/cf/ucbarpa.mc
/usr/share/sendmail-cf/cf/ucbvax.mc
/usr/share/sendmail-cf/cf/uucpproto.mc
/usr/share/sendmail-cf/cf/vangogh.cs.mc
/usr/share/sendmail-cf/domain
/usr/share/sendmail-cf/domain/Berkeley.EDU.m4
/usr/share/sendmail-cf/domain/CS.Berkeley.EDU.m4
/usr/share/sendmail-cf/domain/EECS.Berkeley.EDU.m4
/usr/share/sendmail-cf/domain/S2K.Berkeley.EDU.m4
/usr/share/sendmail-cf/domain/berkeley-only.m4
/usr/share/sendmail-cf/domain/generic.m4
/usr/share/sendmail-cf/feature
/usr/share/sendmail-cf/feature/accept_unqualified_senders.m4
/usr/share/sendmail-cf/feature/accept_unresolvable_domains.m4
/usr/share/sendmail-cf/feature/access_db.m4
/usr/share/sendmail-cf/feature/allmasquerade.m4
/usr/share/sendmail-cf/feature/always_add_domain.m4
/usr/share/sendmail-cf/feature/authinfo.m4
/usr/share/sendmail-cf/feature/bestmx_is_local.m4
/usr/share/sendmail-cf/feature/bitdomain.m4
/usr/share/sendmail-cf/feature/blacklist_recipients.m4
/usr/share/sendmail-cf/feature/compat_check.m4
/usr/share/sendmail-cf/feature/conncontrol.m4
/usr/share/sendmail-cf/feature/delay_checks.m4
/usr/share/sendmail-cf/feature/dnsbl.m4
/usr/share/sendmail-cf/feature/domaintable.m4
/usr/share/sendmail-cf/feature/enhdnsbl.m4
/usr/share/sendmail-cf/feature/generics_entire_domain.m4
/usr/share/sendmail-cf/feature/genericstable.m4
/usr/share/sendmail-cf/feature/greet_pause.m4
/usr/share/sendmail-cf/feature/ldap_routing.m4
/usr/share/sendmail-cf/feature/limited_masquerade.m4
/usr/share/sendmail-cf/feature/local_lmtp.m4
/usr/share/sendmail-cf/feature/local_no_masquerade.m4
/usr/share/sendmail-cf/feature/local_procmail.m4
/usr/share/sendmail-cf/feature/lookupdotdomain.m4
/usr/share/sendmail-cf/feature/loose_relay_check.m4
/usr/share/sendmail-cf/feature/mailertable.m4
/usr/share/sendmail-cf/feature/masquerade_entire_domain.m4
/usr/share/sendmail-cf/feature/masquerade_envelope.m4
/usr/share/sendmail-cf/feature/msp.m4
/usr/share/sendmail-cf/feature/mtamark.m4
/usr/share/sendmail-cf/feature/no_default_msa.m4
/usr/share/sendmail-cf/feature/nocanonify.m4
/usr/share/sendmail-cf/feature/notsticky.m4
/usr/share/sendmail-cf/feature/nouucp.m4
/usr/share/sendmail-cf/feature/nullclient.m4
/usr/share/sendmail-cf/feature/preserve_local_plus_detail.m4
/usr/share/sendmail-cf/feature/preserve_luser_host.m4
/usr/share/sendmail-cf/feature/promiscuous_relay.m4
/usr/share/sendmail-cf/feature/queuegroup.m4
/usr/share/sendmail-cf/feature/ratecontrol.m4
/usr/share/sendmail-cf/feature/redirect.m4
/usr/share/sendmail-cf/feature/relay_based_on_MX.m4
/usr/share/sendmail-cf/feature/relay_entire_domain.m4
/usr/share/sendmail-cf/feature/relay_hosts_only.m4
/usr/share/sendmail-cf/feature/relay_local_from.m4
/usr/share/sendmail-cf/feature/relay_mail_from.m4
/usr/share/sendmail-cf/feature/smrsh.m4
/usr/share/sendmail-cf/feature/stickyhost.m4
/usr/share/sendmail-cf/feature/use_client_ptr.m4
/usr/share/sendmail-cf/feature/use_ct_file.m4
/usr/share/sendmail-cf/feature/use_cw_file.m4
/usr/share/sendmail-cf/feature/uucpdomain.m4
/usr/share/sendmail-cf/feature/virtuser_entire_domain.m4
/usr/share/sendmail-cf/feature/virtusertable.m4
/usr/share/sendmail-cf/hack
/usr/share/sendmail-cf/hack/cssubdomain.m4
/usr/share/sendmail-cf/m4
/usr/share/sendmail-cf/m4/cf.m4
/usr/share/sendmail-cf/m4/cfhead.m4
/usr/share/sendmail-cf/m4/proto.m4
/usr/share/sendmail-cf/m4/version.m4
/usr/share/sendmail-cf/mailer
/usr/share/sendmail-cf/mailer/cyrus.m4
/usr/share/sendmail-cf/mailer/cyrusv2.m4
/usr/share/sendmail-cf/mailer/fax.m4
/usr/share/sendmail-cf/mailer/local.m4
/usr/share/sendmail-cf/mailer/mail11.m4
/usr/share/sendmail-cf/mailer/phquery.m4
/usr/share/sendmail-cf/mailer/pop.m4
/usr/share/sendmail-cf/mailer/procmail.m4
/usr/share/sendmail-cf/mailer/qpage.m4
/usr/share/sendmail-cf/mailer/smtp.m4
/usr/share/sendmail-cf/mailer/usenet.m4
/usr/share/sendmail-cf/mailer/uucp.m4
/usr/share/sendmail-cf/ostype
/usr/share/sendmail-cf/ostype/a-ux.m4
/usr/share/sendmail-cf/ostype/aix3.m4
/usr/share/sendmail-cf/ostype/aix4.m4
/usr/share/sendmail-cf/ostype/aix5.m4
/usr/share/sendmail-cf/ostype/altos.m4
/usr/share/sendmail-cf/ostype/amdahl-uts.m4
/usr/share/sendmail-cf/ostype/bsd4.3.m4
/usr/share/sendmail-cf/ostype/bsd4.4.m4
/usr/share/sendmail-cf/ostype/bsdi.m4
/usr/share/sendmail-cf/ostype/bsdi1.0.m4
/usr/share/sendmail-cf/ostype/bsdi2.0.m4
/usr/share/sendmail-cf/ostype/darwin.m4
/usr/share/sendmail-cf/ostype/dgux.m4
/usr/share/sendmail-cf/ostype/domainos.m4
/usr/share/sendmail-cf/ostype/dragonfly.m4
/usr/share/sendmail-cf/ostype/dynix3.2.m4
/usr/share/sendmail-cf/ostype/freebsd4.m4
/usr/share/sendmail-cf/ostype/freebsd5.m4
/usr/share/sendmail-cf/ostype/freebsd6.m4
/usr/share/sendmail-cf/ostype/gnu.m4
/usr/share/sendmail-cf/ostype/hpux10.m4
/usr/share/sendmail-cf/ostype/hpux11.m4
/usr/share/sendmail-cf/ostype/hpux9.m4
/usr/share/sendmail-cf/ostype/irix4.m4
/usr/share/sendmail-cf/ostype/irix5.m4
/usr/share/sendmail-cf/ostype/irix6.m4
/usr/share/sendmail-cf/ostype/isc4.1.m4
/usr/share/sendmail-cf/ostype/linux.m4
/usr/share/sendmail-cf/ostype/maxion.m4
/usr/share/sendmail-cf/ostype/mklinux.m4
/usr/share/sendmail-cf/ostype/mpeix.m4
/usr/share/sendmail-cf/ostype/nextstep.m4
/usr/share/sendmail-cf/ostype/openbsd.m4
/usr/share/sendmail-cf/ostype/osf1.m4
/usr/share/sendmail-cf/ostype/powerux.m4
/usr/share/sendmail-cf/ostype/ptx2.m4
/usr/share/sendmail-cf/ostype/qnx.m4
/usr/share/sendmail-cf/ostype/riscos4.5.m4
/usr/share/sendmail-cf/ostype/sco-uw-2.1.m4
/usr/share/sendmail-cf/ostype/sco3.2.m4
/usr/share/sendmail-cf/ostype/sinix.m4
/usr/share/sendmail-cf/ostype/solaris2.m4
/usr/share/sendmail-cf/ostype/solaris2.ml.m4
/usr/share/sendmail-cf/ostype/solaris2.pre5.m4
/usr/share/sendmail-cf/ostype/solaris8.m4
/usr/share/sendmail-cf/ostype/sunos3.5.m4
/usr/share/sendmail-cf/ostype/sunos4.1.m4
/usr/share/sendmail-cf/ostype/svr4.m4
/usr/share/sendmail-cf/ostype/ultrix4.m4
/usr/share/sendmail-cf/ostype/unicos.m4
/usr/share/sendmail-cf/ostype/unicosmk.m4
/usr/share/sendmail-cf/ostype/unicosmp.m4
/usr/share/sendmail-cf/ostype/unixware7.m4
/usr/share/sendmail-cf/ostype/unknown.m4
/usr/share/sendmail-cf/ostype/uxpds.m4
/usr/share/sendmail-cf/sendmail.schema
/usr/share/sendmail-cf/sh
/usr/share/sendmail-cf/sh/makeinfo.sh
/usr/share/sendmail-cf/siteconfig
/usr/share/sendmail-cf/siteconfig/uucp.cogsci.m4
/usr/share/sendmail-cf/siteconfig/uucp.old.arpa.m4
/usr/share/sendmail-cf/siteconfig/uucp.ucbarpa.m4
/usr/share/sendmail-cf/siteconfig/uucp.ucbvax.m4
[root@linux220 ~]#
[root@linux220 ~]# grep smtp /etc/services
smtp 25/tcp mail
smtp 25/udp mail
smtps 465/tcp # SMTP over SSL (TLS)
rsmtp 2390/tcp # RSMTP
rsmtp 2390/udp # RSMTP
[root@linux220 ~]# cd /etc/mail
[root@linux220 /etc/mail]# ls
access domaintable.db mailertable sendmail.cf submit.cf virtusertable
access.db helpfile mailertable.db sendmail.mc submit.mc virtusertable.db
domaintable local-host-names Makefile spamassassin trusted-users
[root@linux220 /etc/mail]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 linux220.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 9 May 2016 20:18:52 +0900
quit
221 2.0.0 linux220.example.com closing connection
Connection closed by foreign host.
[root@linux220 /etc/mail]# vi /etc/resolv.conf
[root@linux220 /etc/mail]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
nameserver 172.16.9.252
nameserver 168.126.63.1
[root@linux220 /etc/mail]# ping 172.16.9.252
PING 172.16.9.252 (172.16.9.252) 56(84) bytes of data.
From 172.16.6.220 icmp_seq=1 Destination Host Unreachable
From 172.16.6.220 icmp_seq=2 Destination Host Unreachable
From 172.16.6.220 icmp_seq=3 Destination Host Unreachable
From 172.16.6.220 icmp_seq=5 Destination Host Unreachable
From 172.16.6.220 icmp_seq=6 Destination Host Unreachable
From 172.16.6.220 icmp_seq=7 Destination Host Unreachable
--- 172.16.9.252 ping statistics ---
8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 7000ms
, pipe 3
[root@linux220 /etc/mail]# ping 172.16.9.252
PING 172.16.9.252 (172.16.9.252) 56(84) bytes of data.
64 bytes from 172.16.9.252: icmp_seq=1 ttl=64 time=4.13 ms
64 bytes from 172.16.9.252: icmp_seq=2 ttl=64 time=0.893 ms
64 bytes from 172.16.9.252: icmp_seq=3 ttl=64 time=0.856 ms
64 bytes from 172.16.9.252: icmp_seq=4 ttl=64 time=0.946 ms
64 bytes from 172.16.9.252: icmp_seq=5 ttl=64 time=0.865 ms
--- 172.16.9.252 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 0.856/1.539/4.136/1.299 ms
[root@linux220 /etc/mail]# nslookup mail.linux220.example.com
Server: 172.16.6.220
Address: 172.16.6.220#53
Name: mail.linux220.example.com
Address: 172.16.6.220
[root@linux220 /etc/mail]# nslookup -q=MX mail.linux220.example.com
Server: 172.16.6.220
Address: 172.16.6.220#53
*** Can't find mail.linux220.example.com: No answer
[root@linux220 /etc/mail]# nslookup -q=MX linux220.example.com
Server: 172.16.6.220
Address: 172.16.6.220#53
linux220.example.com mail exchanger = 10 mail.linux220.example.com.
[root@linux220 /etc/mail]#
[root@linux220 /etc/mail]# ls
access domaintable.db mailertable sendmail.cf submit.cf virtusertable
access.db helpfile mailertable.db sendmail.mc submit.mc virtusertable.db
domaintable local-host-names Makefile spamassassin trusted-users
[root@linux220 /etc/mail]# vi sendmail.cf
[root@linux220 /etc/mail]# ls
access domaintable.db mailertable sendmail.cf submit.cf virtusertable
access.db helpfile mailertable.db sendmail.mc submit.mc virtusertable.db
domaintable local-host-names Makefile spamassassin trusted-users
[root@linux220 /etc/mail]# file access*
access: ASCII English text
access.db: Berkeley DB (Hash, version 8, native byte-order)
[root@linux220 /etc/mail]# cat access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
[root@linux220 /etc/mail]#
[root@linux220 /etc/mail]# vi ~/.bashrc
[root@linux220 /etc/mail]# cat ~/.bashrc | tail -6
#
# Mail Alias
#
alias MAIL='cd /etc/mail'
alias sendmail.cf='vi /etc/mail/sendmail.cf'
alias mlog='tail -f /var/log/maillog'
[root@linux220 /etc/mail]# . ~/.bashrc
[root@linux220 /etc/mail]# ls
access domaintable.db mailertable sendmail.cf submit.cf virtusertable
access.db helpfile mailertable.db sendmail.mc submit.mc virtusertable.db
domaintable local-host-names Makefile spamassassin trusted-users
[root@linux220 /etc/mail]# vi sendmail.cf
[root@linux220 /etc/mail]# vi local-host-names
[root@linux220 /etc/mail]# cat local-host-names
# local-host-names - include all aliases for your machine here.
linux220.example.com
mail.linux220.example.com
[root@linux220 /etc/mail]# vi access
[root@linux220 /etc/mail]# cat access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
Connect:mail.linux220.example.com RELAY
Connect:example.com RELAY
Connect:172.16.6 RELAY
[root@linux220 /etc/mail]# makemap hash access < access
[root@linux220 /etc/mail]# ls -l /etc/mail/access*
-rw-r--r-- 1 root root 467 May 9 21:05 /etc/mail/access
-rw-r----- 1 root root 12K May 9 21:05 /etc/mail/access.db
[root@linux220 /etc/mail]# service sendmail restart
Shutting down sm-client: [ OK ]
Shutting down sendmail: [ OK ]
Starting sendmail: [ OK ]
Starting sm-client: [ OK ]
[root@linux220 /etc/mail]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 smtp-information; ESMTP Mon, 9 May 2016 21:09:05 +0900
quit
221 2.0.0 mail.linux220.example.com closing connection
Connection closed by foreign host.
[root@linux220 /etc/mail]# mailx user01
Subject: local test
hello
.
Cc:
[root@linux220 /etc/mail]# su - user01
[user01@linux220 ~]$ mailx
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/user01": 3 messages 1 new 3 unread
U 1 root@linux220.exampl Mon May 9 19:57 19/696 "test2"
U 2 root@linux220.exampl Mon May 9 19:57 18/662 "test3"
>N 3 root@linux220.exampl Mon May 9 21:10 16/663 "local test"
& exit
[user01@linux220 ~]$ exit
logout
[root@linux220 /etc/mail]# mailx user01@example.com
Subject: test from linux220^[OF
hello
.
Cc:
[root@linux220 /etc/mail]# su - user01
[user01@linux220 ~]$ mailx
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/user01": 3 messages 1 new 3 unread
U 1 root@linux220.exampl Mon May 9 19:57 19/696 "test2"
U 2 root@linux220.exampl Mon May 9 19:57 18/662 "test3"
>N 3 root@linux220.exampl Mon May 9 21:10 16/663 "local test"
& exit
[user01@linux220 ~]$ exit
logout
[root@linux220 /etc/mail]# mailx linux221@example.com
Subject: test from linux220
hello
.
Cc:
[root@linux220 /etc/mail]# mailx user01@linux221.example.com
Subject: test from linux220
111
.
Cc:
[root@linux220 /etc/mail]# su - user01
[user01@linux220 ~]$ mailx
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/user01": 5 messages 3 new 5 unread
U 1 root@linux220.exampl Mon May 9 19:57 19/696 "test2"
U 2 root@linux220.exampl Mon May 9 19:57 18/662 "test3"
>N 3 root@linux220.exampl Mon May 9 21:10 16/663 "local test"
N 4 root@linux221.exampl Mon May 9 21:16 19/902 "test from linux221"
N 5 root@Linux219.exampl Mon May 9 21:17 19/892 "test from linux219"
& exit
[user01@linux220 ~]$ exit
logout
[root@linux220 /etc/mail]# mailx user01@linux219.example.com
Subject: test from linux220
111
.
Cc:
[root@linux220 /etc/mail]# nslookup -q=MX linux221.example.com
Server: 172.16.6.220
Address: 172.16.6.220#53
Non-authoritative answer:
linux221.example.com mail exchanger = 10 mail.liunx221.example.com.
Authoritative answers can be found from:
linux221.example.com nameserver = ns1.linux221.example.com.
You have new mail in /var/spool/mail/root
[root@linux220 /etc/mail]# nslookup -q=MX linux219.example.com
Server: 172.16.6.220
Address: 172.16.6.220#53
Non-authoritative answer:
linux219.example.com mail exchanger = 10 mail.linux219.example.com.
Authoritative answers can be found from:
linux219.example.com nameserver = ns1.linux219.example.com.
mail.linux219.example.com internet address = 172.16.6.219
[root@linux220 /etc/mail]# mailx
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/root": 8 messages 8 new
>N 1 logwatch@linux220.ex Wed Apr 27 17:25 269/10396 "Logwatch for linux220.example.com (Linux)"
N 2 logwatch@linux220.ex Thu Apr 28 17:26 662/27461 "Logwatch for linux220.example.com (Linux)"
N 3 logwatch@linux220.ex Fri Apr 29 17:10 272/9283 "Logwatch for linux220.example.com (Linux)"
N 4 logwatch@linux220.ex Mon May 2 19:02 47/1841 "Logwatch for linux220.example.com (Linux)"
N 5 logwatch@linux220.ex Tue May 3 17:09 168/6958 "Logwatch for linux220.example.com (Linux)"
N 6 logwatch@linux220.ex Wed May 4 17:07 135/4887 "Logwatch for linux220.example.com (Linux)"
N 7 logwatch@linux220.ex Mon May 9 17:07 47/1841 "Logwatch for linux220.example.com (Linux)"
N 8 MAILER-DAEMON@mail.l Mon May 9 21:17 61/2353 "Returned mail: see transcript for details"
& 8
Message 8:
From MAILER-DAEMON@mail.linux220.example.com Mon May 9 21:17:36 2016
Date: Mon, 9 May 2016 21:17:36 +0900
From: Mail Delivery Subsystem <MAILER-DAEMON@mail.linux220.example.com>
To: <root@linux220.example.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="u49CHaVK007214.1462796256/mail.linux220.example.com"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
This is a MIME-encapsulated message
--u49CHaVK007214.1462796256/mail.linux220.example.com
The original message was received at Mon, 9 May 2016 21:17:35 +0900
from localhost.localdomain [127.0.0.1]
----- The following addresses had permanent fatal errors -----
<user01@linux221.example.com>
----- Transcript of session follows -----
550 5.1.2 <user01@linux221.example.com>... Host unknown (Name server: mail.liunx221.example.com.: host not found)
--u49CHaVK007214.1462796256/mail.linux220.example.com
Content-Type: message/delivery-status
Reporting-MTA: dns; mail.linux220.example.com
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Mon, 9 May 2016 21:17:35 +0900
Final-Recipient: RFC822; user01@linux221.example.com
Action: failed
Status: 5.1.2
Remote-MTA: DNS; mail.liunx221.example.com
Last-Attempt-Date: Mon, 9 May 2016 21:17:36 +0900
--u49CHaVK007214.1462796256/mail.linux220.example.com
Content-Type: message/rfc822
Return-Path: <root@linux220.example.com>
Received: from linux220.example.com (localhost.localdomain [127.0.0.1])
& q
Saved 1 message in mbox
Held 7 messages in /var/spool/mail/root
[root@linux220 /etc/mail]#
219 -> 220 (O)
219 <- 220 (O)
220 -> 221 (O)
221 <- 220 (X) 호스트를 찾을수가 없다고
[root@linux220 /etc/mail]# grep -n /etc/aliases /etc/mail/sendmail.cf
180:O AliasFile=/etc/aliases
[root@linux220 /etc/mail]# vi /etc/aliases
[root@linux220 /etc/mail]# vi /etc/aliases
[root@linux220 /etc/mail]# cat /etc/aliases | tail -4
#
# Local aliases below
#
mail01: mail02
[root@linux220 /etc/mail]# newaliases
/etc/aliases: 77 aliases, longest 10 bytes, 777 bytes total
[root@linux220 /etc/mail]# ls -l /etc/aliases*
-rw-r--r-- 1 root root 1.6K May 9 21:49 /etc/aliases
-rw-r----- 1 root smmsp 12K May 9 21:49 /etc/aliases.db
[root@linux220 /etc/mail]# praliases | grep mail
mailnull:root
mail01:mail02
mailer-daemon:postmaster
mail:root
[root@linux220 /etc/mail]# useradd mail01
[root@linux220 /etc/mail]# passwd mail01
Changing password for user mail01.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@linux220 /etc/mail]# useradd mail02
[root@linux220 /etc/mail]# passwd mail02
Changing password for user mail02.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@linux220 /etc/mail]# grep mail /etc/passwd | tail -3
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
mail01:x:504:504::/home/mail01:/bin/bash
mail02:x:505:505::/home/mail02:/bin/bash
[root@linux220 /etc/mail]# grep mail /etc/passwd
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
mail01:x:504:504::/home/mail01:/bin/bash
mail02:x:505:505::/home/mail02:/bin/bash
[root@linux220 /etc/mail]# mailx mail01
Subject: mail fowarding test
hello
.
Cc:
[root@linux220 /etc/mail]# su - mail01
[mail01@linux220 ~]$ id
uid=504(mail01) gid=504(mail01) groups=504(mail01)
[mail01@linux220 ~]$ mailx
No mail for mail01
[mail01@linux220 ~]$ su - mail02
Password:
[mail02@linux220 ~]$ id
uid=505(mail02) gid=505(mail02) groups=505(mail02)
[mail02@linux220 ~]$ mailx
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/mail02": 1 message 1 new
>N 1 root@linux220.exampl Mon May 9 21:52 16/672 "mail fowarding test"
& 1
Message 1:
From root@linux220.example.com Mon May 9 21:52:00 2016
Date: Mon, 9 May 2016 21:52:00 +0900
From: root <root@linux220.example.com>
To: mail01@linux220.example.com
Subject: mail fowarding test
hello
& d a
& exit
[mail02@linux220 ~]$ exit
logout
[mail01@linux220 ~]$ exit
logout
[root@linux220 /etc/mail]#
[root@linux220 ~]# vi /etc/aliases
[root@linux220 ~]# cat /etc/aliases | tail -6
#
# Local aliases below
#
mail01: mail02
teammain:team01,tema02,user01@emample.com
teamsub::include:/etc/mail/list/teamsub.list
[root@linux220 ~]# newaliases
/etc/aliases: 79 aliases, longest 36 bytes, 860 bytes total
[root@linux220 ~]# praliases | grep team
teammain:team01,tema02,user01@emample.com
teamsub::include:/etc/mail/list/teamsub.list
[root@linux220 ~]# useradd team01
[root@linux220 ~]# passwd team01
Changing password for user team01.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@linux220 ~]# useradd team02
[root@linux220 ~]# passwd team02
Changing password for user team02.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@linux220 ~]# mailx teammain
Subject: mailing test
hello
.
Cc:
[root@linux220 ~]# mail -u team01
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/team01": 1 message 1 new
>N 1 root@linux220.exampl Mon May 9 21:57 16/671 "mailing test"
& 1
Message 1:
From root@linux220.example.com Mon May 9 21:57:13 2016
Date: Mon, 9 May 2016 21:57:08 +0900
From: root <root@linux220.example.com>
To: teammain@linux220.example.com
Subject: mailing test
hello
& d a
& exit
[root@linux220 ~]# mail -u team02
No mail for team02
[root@linux220 ~]# mailx
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N 1 MAILER-DAEMON@mail.l Mon May 9 21:57 76/2830 "Returned mail: see transcript for details"
& d a
& exit
[root@linux220 ~]# vi /etc/aliases
You have mail in /var/spool/mail/root
[root@linux220 ~]# cat /etc/aliases | tail -6
#
# Local aliases below
#
mail01: mail02
teammain:team01,team02,user01@emample.com
teamsub::include:/etc/mail/list/teamsub.list
[root@linux220 ~]# praliases
postmaster:root
daemon:root
adm:root
lp:root
shutdown:root
operator:root
ftp:root
radiusd:root
dbus:root
nscd:root
pcap:root
apache:root
dovecot:root
quagga:root
amanda:root
ident:root
gdm:root
mailnull:root
sshd:root
smmsp:root
squid:root
ntp:root
mysql:root
desktop:root
rpcuser:root
nfsnobody:root
ingres:root
toor:root
abuse:root
newsadmin:news
usenet:news
ftpadm:ftp
ftp-admin:ftp
webmaster:root
noc:root
security:root
hostmaster:root
info:postmaster
marketing:postmaster
sales:postmaster
decode:root
mail01:mail02
teammain:team01,tema02,user01@emample.com
@:@
mailer-daemon:postmaster
bin:root
sync:root
halt:root
mail:root
news:root
uucp:root
games:root
gopher:root
nobody:root
nut:root
vcsa:root
canna:root
wnn:root
rpm:root
webalizer:root
fax:root
radvd:root
pvm:root
privoxy:root
named:root
xfs:root
postgres:root
postfix:root
netdump:root
ldap:root
rpc:root
system:root
manager:root
dumper:root
newsadm:news
ftpadmin:ftp
ftp-adm:ftp
www:webmaster
support:postmaster
teamsub::include:/etc/mail/list/teamsub.list
[root@linux220 ~]# newaliases
/etc/aliases: 79 aliases, longest 36 bytes, 860 bytes total
[root@linux220 ~]# praliases | grep team
teammain:team01,team02,user01@emample.com
teamsub::include:/etc/mail/list/teamsub.list
[root@linux220 ~]# mail -u team02
No mail for team02
[root@linux220 ~]# mailx teammain
Subject: mailing test
hello
.
Cc:
[root@linux220 ~]# mail -u team01
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/team01": 2 messages 2 new
>N 1 root@linux220.exampl Mon May 9 21:57 16/671 "mailing test"
N 2 root@linux220.exampl Mon May 9 21:59 16/671 "mailing test"
& d all
No applicable messages from {all}
& d a
& exit
You have new mail in /var/spool/mail/root
[root@linux220 ~]# mail -u team01
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/team01": 2 messages 2 new
>N 1 root@linux220.exampl Mon May 9 21:57 16/671 "mailing test"
N 2 root@linux220.exampl Mon May 9 21:59 16/671 "mailing test"
& 1
Message 1:
From root@linux220.example.com Mon May 9 21:57:13 2016
Date: Mon, 9 May 2016 21:57:08 +0900
From: root <root@linux220.example.com>
To: teammain@linux220.example.com
Subject: mailing test
hello
& d 1
& d 2
& exit
[root@linux220 ~]# mail -u team02
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/team02": 1 message 1 new
>N 1 root@linux220.exampl Mon May 9 21:59 16/671 "mailing test"
& 1
Message 1:
From root@linux220.example.com Mon May 9 21:59:05 2016
Date: Mon, 9 May 2016 21:59:05 +0900
From: root <root@linux220.example.com>
To: teammain@linux220.example.com
Subject: mailing test
hello
& d 1
& exit
[root@linux220 ~]#
[root@linux220 ~]# mkdir /etc/mail/list
[root@linux220 ~]# vi /etc/mail/list/teamsub.list
[root@linux220 ~]# cat /etc/passwd | awk -F: '{print $1}'
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
gopher
ftp
nobody
distcache
nscd
vcsa
apache
rpc
mailnull
smmsp
webalizer
dovecot
squid
pcap
ntp
dbus
avahi
rpcuser
nfsnobody
named
hsqldb
sshd
haldaemon
avahi-autoipd
xfs
gdm
sabayon
fedora
tomcat
user01
user02
user03
ftpupload
mail01
mail02
team01
team02
[root@linux220 ~]# cat /etc/passwd | awk -F: '$3 > 499 && $3 < 60000 {print $1}'
fedora
user01
user02
user03
mail01
mail02
team01
team02
[root@linux220 ~]# cat /etc/passwd | awk -F: '$3 > 499 && $3 < 60000 {print $1}' > /etc/mail/list/teamsub.list
[root@linux220 ~]# cat /etc/mail/list/teamsub.list
fedora
user01
user02
user03
mail01
mail02
team01
team02
[root@linux220 ~]# mailx teamsub
Subject: mailing test
hello
.
Cc:
[root@linux220 ~]# mail -u team01
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/team01": 1 message 1 new
>N 1 root@linux220.exampl Mon May 9 22:06 16/668 "mailing test"
& q
Held 1 message in /var/mail/team01
[root@linux220 ~]# mail -u team02
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/team02": 1 message 1 new
>N 1 root@linux220.exampl Mon May 9 22:06 16/668 "mailing test"
& q
Held 1 message in /var/mail/team02
[root@linux220 ~]#
그림10
그림11
그림12
그림13
그림14
'모의해킹 침해대응 전문가 과정' 카테고리의 다른 글
| 20160511 리눅스 네트워크 (0) | 2016.05.12 |
|---|---|
| 20160510 리눅스 네트워크 (0) | 2016.05.11 |
| 20160504 리눅스 네트워크 (0) | 2016.05.05 |
| 20160503 리눅스 네트워크 (0) | 2016.05.04 |
| 20160502 리눅스 네트워크 (0) | 2016.05.03 |