10 Advance VsFTP Interview Questions and Answers – Part II

We were overwhelmed with the response we’ve received on our last article. Where we’ve presented 10 wonderful question on Very Secure File Transfer Protocol. Continuing VSFTP interview article we are here presenting you yet another 10 Advance Interview Questions which surely will help you.

  1. 10 Basic Vsftp Interview Question/Answers – Part I
VsFTP Intervew Questions

VsFTP Intervew Questions – Part II

Please note vsftpd.conf file is used to control various aspects of configuration as specified in this article. By default, the vsftpd searches for the configuration file under /etc/vsftpd/vsftpd.conf. However, the format of file is very simple and it contains comment or directive. Comment lines begins with a ‘#‘ are ignored and a directive line has the following format.


Before we start the Question and their well explained Answer we would like to answer a question “Who is going to attend FTP Interview?”. Well no one. Perhaps no one would be attending FTP interview. But we are presenting subject wise questions to maintain a systematic approach so that in any Interview, you wont get a new question which you wont be knowing on any of the topics/subjects we covered here.

11. How would you block an IP which is acting malicious on your internal private VSFTP network?
Answer : We can Block IP either by adding the suspicious IP to ‘/etc/hosts.deny’ file or alternatively adding a DROP rule for the suspicious IP to iptables INPUT chain.
Block IP using host.deny file

Open ‘/etc/hosts.deny’ file.

# vi /etc/hosts.deny

Append the following line at the bottom of the file with the IP address that you want to block access to FTP.

# hosts.deny    This file contains access rules which are used to
#               deny connections to network services that either use
#               the tcp_wrappers library or that have been
#               started through a tcp_wrappers-enabled xinetd.
#               The rules in this file can also be set up in
#               /etc/hosts.allow with a 'deny' option instead.
#               See 'man 5 hosts_options' and 'man 5 hosts_access'
#               for information on rule syntax.
#               See 'man tcpd' for information on tcp_wrappers
Block IP using iptables rule

To block FTP access to particular IP address, add the following drop rule to iptables INPUT chain.

iptables -A RH-Firewall-1-INPUT -p tcp -s -m state --state NEW -m tcp --dport 21 -j DROP
12. How to allow secured SSL connections to Anonymous users? How would you do?
Answer : Yes! It is possible to allow anonymous users to use secured SSL connections. The value of parameter ‘allow_anon_ssl’ should be ‘YES’ in the vsftpd.conf file. If it, set to NO it wont allow anonymous users to use SSL connections. The default value is NO.
# Add this line to enable secured SSL connection to anonymous users.
13. How to allow Anonymous users to create new directory and write to that directory?
Answer : We need to edit the parameter ‘anon_mkdir_write_enable’ and set it’s value to ‘YES’. But in order to make the parameter working, ‘write_enable’ must be activated. The default is NO.
# Uncomment this to enable any form of FTP write command.
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
14. How to enable Anonymous downloads, but disable permission to write?
Answer : In the above said scenario, we need to edit the parameter ‘anon_world_readable_only’. The parameter should be enabled and set to ‘YES’. The default value is YES.
# Add this line to enable read only permission to anonymous users.
15. How to CHMOD all Anonymous uploads automatically. How would you do?
Answer : To chmod all anonymous uploads automatically, we need to edit the parameter ‘chmod_enable’ and set it to ‘YES’. Anonymous users never get to use SITE CHMOD. The default value is YES.
# Add this line to chmod all anonymous uploads automatically.
16. How to disable directory listing in a FTP server?
Answer : The parameter ‘dirlist_enable’ comes to rescue at this point. The value of ‘dirlist_enable’ should be set to NO. The default value is YES.
# Add this line to disable directory listing.
17. How to maintain sessions for logins of VSFTP. How will you do?
Answer : The parameter ‘session_support’ needs to be modified. This parameter controls and manages vsftp attempts to maintain session for logins. The default value is NO.
# Add this line to maintain session logins.
18. How to display time in local time zone, when listing the contents of directory?
Answer : The parameter ‘usr_localtime’ needs to be modified. If enabled, vsftpd will list directory files in local time zone format. The default is to display GMT. The default value is NO.
# Add this line to display directory listing in local time zone.
19. How will you limit the maximum transfer rate from VSFTP server?
Answer : To limit the maximum transfer rate of VSFTP server we need the parameter ‘anon_max_rate’ in bytes per second, for anonymous client. The default value is 0 which means unlimited.
# Add this line to limit the ftp transfer rate.
anon_max_rate=0 # 0 means unlimited
20. How will you timeout the idle session of VSFTP?
Answer : The parameter ‘idle_session_timeout’ needs to be modified here. The timeout in second, which is the maximum time an anonymous user can spend in a session between his client machine and VSFTP server. As soon as the the timeout triggers, the client is logged out. The default time is 300.
# Add this line to set the ftp timeout session.

That’s all for now. We will be coming up with next article very soon, till then stay tuned and connected and don’t forget to provide us with your valuable feedback in our comment section.

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

9 Responses

  1. Gulab Singh says:

    Nice articles………….

  2. Martial says:

    I love it and Thank you very much. https://www.tecmint.com is my favorite website

  3. shanmugam says:

    Nice article please update samba interview question sir ….Thank you so much sir…..

  4. Nanda Kumar says:

    Hi Avishek. This a great Article. How do I get connected to you?

  5. Debasish says:

    Thank you again for this advance article……………….

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.