ftp

What is ftp server?

==>The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network.

==>FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server.FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS). SSH File Transfer Protocol (SFTP) is sometimes also used instead, but is technologically different.

==>FTP may run in active or passive mode, which determines how the data connection is established.In both cases, the client creates a TCP control connection from a random, usually an unprivileged, port N to the FTP server command port 21. In active mode, the client starts listening for incoming data connections from the server on port M. It sends the FTP command PORT M to inform the server on which port it is listening. By default, M=N. The server then initiates a data channel to the client from its port 20, the FTP server data port. In situations where the client is behind a firewall and unable to accept incoming TCP connections, passive mode may be used. In this mode, the client uses the control connection to send a PASV command to the server and then receives a server IP address and server port number from the server, which the client then uses to open a data connection from an arbitrary client port to the server IP address and server port number received.

#################################################################

The Basics

Active FTP

  • FTP server’s port 21 from anywhere (Client initiates connection)
  • FTP server’s port 21 to ports > 1023 (Server responds to client’s control port)
  • FTP server’s port 20 to ports > 1023 (Server initiates data connection to client’s data port)
  • FTP server’s port 20 from ports > 1023 (Client sends ACKs to server’s data port)

Passive FTP

  • FTP server’s port 21 from anywhere (Client initiates connection)
  • FTP server’s port 21 to ports > 1023 (Server responds to client’s control port)
  • FTP server’s ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
  • FTP server’s ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client’s data port)

==>FTP uses two different ports –

  1. Port 20 is used for data port, But the data port is not always on 20 port. It may change in passive mode.
  2. Port 21 is used as command port.

FTP works on two different modes (Active FTP vs Passive FTP) as per server and client configuration. In this article, I am trying to define Active FTP vs Passive FTP a definitive explanation, I hope this will help you to understand its working.

FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a ‘data’ port and a ‘command’ port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.

In active mode FTP the client connects from a random unprivileged port (N > 1023) to the FTP server’s command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client’s specified data port from its local data port, which is port 20.

From the server-side firewall’s standpoint, to support active mode FTP the following communication channels need to be opened:

When drawn out, the connection appears as follows:

In step 1, the client’s command port contacts the server’s command port and sends the command port 1027. The server then sends an ACK back to the client’s command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.

The main problem with active mode FTP actually falls on the client side. The FTP client doesn’t make the actual connection to the data port of the server–it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client–something that is usually blocked.

#####################################################

In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.

In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1023 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1023) and sends P back to the client in response to the PASV command. The client then initiates the connection from port N+1 to port P on the server to transfer data.

From the server-side firewall’s standpoint, to support passive mode FTP the following communication channels need to be opened:

In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client’s data port.

While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use.

The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode.

########################################################################

[root@ftpserver ~]# rpm -qa vsftpd*

[root@ftpserver ~]# yum install vsftpd -y

[root@ftpserver ~]# rpm -qi vsftpd
Name        : vsftpd                       Relocations: (not relocatable)
Version     : 2.2.2                             Vendor: Red Hat, Inc.
Release     : 14.el6                        Build Date: Friday 06 March 2015 02:29:37 AM PST
Install Date: Wednesday 27 January 2016 02:00:24 AM PST      Build Host: x86-032.build.eng.bos.redhat.com
Group       : System Environment/Daemons    Source RPM: vsftpd-2.2.2-14.el6.src.rpm
Size        : 339540                           License: GPLv2 with exceptions
Signature   : RSA/8, Tuesday 31 March 2015 07:45:07 AM PDT, Key ID 199e2f91fd431d51
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla&gt;
URL         : http://vsftpd.beasts.org/
Summary     : Very Secure Ftp Daemon
Description :
vsftpd is a Very Secure FTP daemon. It was written completely from
scratch.

############################################################################

[root@ftpserver ~]# ls -l /etc/vsftpd/
total 20
-rw——-. 1 root root  125 Mar  6  2015 ftpusers
-rw——-. 1 root root  361 Mar  6  2015 user_list
-rw——-. 1 root root 4599 Mar  6  2015 vsftpd.conf
-rwxr–r–. 1 root root  338 Mar  6  2015 vsftpd_conf_migrate.sh

#########################################################################

[root@ftpserver ~]# service vsftpd status
vsftpd is stopped

[root@ftpserver ~]# /etc/init.d/vsftpd start
Starting vsftpd for vsftpd:                                [  OK  ]

[root@ftpserver ~]# service vsftpd status
vsftpd (pid 2694) is running…

[root@ftpserver ~]# chkconfig –list | grep vsftpd
vsftpd          0:off 1:off 2:off 3:off 4:off 5:off 6:off

[root@ftpserver ~]# chkconfig vsftpd –level 35 on

[root@ftpserver ~]# chkconfig –list | grep vsftpd
vsftpd          0:off 1:off 2:off 3:on 4:off 5:on 6:off

#########################################################################

[root@ftpserver ~]# cat /etc/vsftpd/vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd’s
# capabilities.
#
# Allow anonymous FTP? (Beware – allowed by default if you comment this out).
anonymous_enable=YES
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd’s)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages – messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# The target log file can be vsftpd_log_file or xferlog_file.
# This depends on setting xferlog_std_format parameter
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using “root” for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# WARNING – changing this filename affects /etc/logrotate.d/vsftpd.log
#xferlog_file=/var/log/xferlog
#
# Switches between logging into vsftpd_log_file and xferlog_file files.
# NO writes to vsftpd_log_file, YES to xferlog_file
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command “SIZE /big/file” in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the “-R” option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as “ncftp” and “mirror” assume
# the presence of the “-R” option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When “listen” directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

#########################################################################

[root@ftpserver ~]# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      2694/vsftpd
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2196/sshd
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      2039/cupsd
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2320/master
tcp        0      0 :::22                       :::*                        LISTEN      2196/sshd
tcp        0      0 ::1:631                     :::*                        LISTEN      2039/cupsd
tcp        0      0 ::1:25                      :::*                        LISTEN      2320/master
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               2036/dhclient
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               2039/cupsd
#######################################################################
[root@ftpserver ~]# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination
1649  233K ACCEPT     all  —  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
0     0 ACCEPT     icmp —  *      *       0.0.0.0/0            0.0.0.0/0
0     0 ACCEPT     all  —  lo     *       0.0.0.0/0            0.0.0.0/0
1    60 ACCEPT     tcp  —  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
4   896 REJECT     all  —  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

[root@ftpserver ~]# iptables -I INPUT -p tcp –dport 21 -j ACCEPT

[root@ftpserver ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]

[root@ftpserver ~]# service iptables reload
iptables: Trying to reload firewall rules:                 [  OK  ]

[root@ftpserver ~]# iptables -L -n -v | grep 21
0     0 ACCEPT     tcp  —  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21
#########################################################################
mohammedrafi@NOC-RAFI:~$ telnet 172.16.28.130 21
Trying 172.16.28.130…
Connected to 172.16.28.130.
Escape character is ‘^]’.
220 (vsFTPd 2.2.2)
^C
quit
Connection closed by foreign host.
#########################################################################
mohammedrafi@NOC-RAFI:~$ ftp 172.16.28.130
Connected to 172.16.28.130.
220 (vsFTPd 2.2.2)
Name (172.16.28.130:mohammedrafi): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
425 Failed to establish connection.
#########################################################################

How to see background process running on ftp-server

mohammedrafi@NOC-RAFI:~$ ftp -d 172.16.28.130
Connected to 172.16.28.130.
220 (vsFTPd 2.2.2)
ftp: setsockopt: Bad file descriptor
Name (172.16.28.130:mohammedrafi): anonymous
—> USER anonymous
331 Please specify the password.
Password:
—> PASS XXXX
230 Login successful.
—> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
—> QUIT
221 Goodbye.
#########################################################################
[root@ftpserver ~]# cat /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
#########################################################################
[root@ftpserver ~]# cat /etc/vsftpd/user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
#########################################################################
[root@ftpserver ~]# cat /etc/vsftpd/vsftpd_conf_migrate.sh
#!/bin/bash
#move old config files and symlink them
#shipped with vsftpd-2.0.1-6
PREFIX=”vsftpd”
for file in $( ls /etc/${PREFIX}.* ); do
if [ ! -L $file ]; then
new=`echo $file | sed s/${PREFIX}\./${PREFIX}\\\\//g | sed s/\.rpmsave//g`
mv -f ${file} ${new}
ln -s ${new} ${file}
echo $file moved to $new
fi
done
#########################################################################

Ftp Response code

1xx Positive Preliminary reply

110    Restart marker reply.  

120    Service ready in nn minutes.

125    Data Connection already open; transfer starting.

150    File status okay; about to open data connection.

2xx Positive Completion reply

200    Command okay.

202     Command not implemented, superfluous at this site.

211     System status, or system help reply.

212     Directory status.

213     File status.

214     Help message.

215     NAME system type.

220     Service ready for new user.

221     Service closing control connection.

225     Data connection open; no transfer in progress.

226     Closing data connection.

227     Entering Passive Mode.

230     User logged in, proceed. This status code appears after the client sends       the correct password. Itindicates that the user has successfully logged on.

250    Requested file action okay, completed.

257    “PATHNAME” created.


3xx  Positive Intermediate reply

331    User name okay, need password.

332    Need account for login.

350    Requested file action pending further information.

4xx Transient Negative Completion reply

421    Error 421 Service not available, closing control connection. Error 421 User limit reached Error                 421 You are not authorized to make the connection Error 421 Max connections reached Error                 421 Max connections exceeded.

425    Cannot open data connection.

426    Connection closed; transfer aborted.

450    Requested file action not taken.

451    Requested action aborted: local error in processing.

452    Requested action not taken. Insufficient storage space in system.

5xx Transient Negative Completion reply

500    Syntax error, command unrecognized, command line too long.

501    Syntax error in parameters or arguments.

502    Command not implemented.

503    Bad sequence of commands.

504    Command not implemented for that parameter.

530    User not logged in.

532    Need account for storing files.

550    Requested action not taken. File unavailable, not found, not accessible.

552    Requested file action aborted. Exceeded storage allocation.

553    Requested action not taken. File name not allowed.

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Interview Questions

In Linux Like operating system vsftpd(Very Secure FTP Daemon) is ftp server , which provides the features of downloading and uploading files to the ftp space. In this article we will discuss most common ftp server interview questions along with the Answers.

Q:1 What does VSFTPD Stands for ?

Ans: VSFTPD stands for Very Secure FTP Daemon.

Q:2 What are the defaults ports used in linux ftp server ?

Ans: Port 20 – This is the data transfer port. All the all subsequent data transfers between the client and server are done using this port.

Port 21 – On this port control connection is established. All commands we send and the ftp server’s responses to those commands will go over the control connection, but any data sent back (such as “ls” directory lists or actual file data in either direction) will go over the data connection.

Q:3 What are most common features of vsftpd ?

Ans:some of the Common Features are listed below :

Q:4 What is the configuration file of vsftpd ?

Ans: ‘/etc/vsftp/vsftpd.conf’

Q:5 How to restart the service of ftp server in linux ?

Ans: Service vsftpd restart or /etc/init.d/vsftpd restart

Q:6 Which Users tare not allowed to login via ftp ?

Ans: Users mentioned in the file ‘/etc/vsftpd/ftpusers’ are not allowed to login via ftp.

Q:7 How to disable standard ftpd xferlog log format and enable default vsftpd log ?

Ans : Edit the file ‘ /etc/vsftpd/vsftpd.conf’ & make the below changes:

The default vsftpd log file is /var/log/vsftpd.log

Q:8 What is default directory for ftp / Anonymous user ?

Ans : ‘/var/ftp’ is the default directory for ftp or Anonymous user

Q:9 How to change the default directory for ftp / Anonymous user ?

Ans: Edit the file ‘/etc/vsftpd/vsftpd.conf’ and change the below directive :

After making above change either restart or reload vsftpd service.

Q:10 How to disable Anonymous user in vsftpd ?

Ans: Edit the conf file ‘/etc/vsftpd/vsftpd.conf’ and chnage below directive and restart the ftp service.

Q:11 What is chroot environment in ftp server ?

Ans: chroot environment prevents the user from leaving its home directory means jail like environment where users are limited to their home directory only. It is the addon security of ftp server.

Q:12 How to enable chroot environment in vsftpd server ?

Ans : To enable chroot environment edit the file ‘/etc/vsftpd/vsftpd.conf’ and enable the below directives :

The chroot_list_file variable specifies the file which contains users that are chroot.

Q:13 How to enable only limited/allowed users are able to login via ftp ?

Ans: This can be done by editing the file ‘/etc/vsftpd/vsftpd.conf’ and add the below directives :

The file specified by userlist_file will now contain users that are able to login.

Q:14 How to set ftp banner in linux ?

Ans: Open the file ‘/etc/vsftpd/vsftpd.conf’ and set the below directive :

Q:15 How To limit the data transfer rate, number of clients & connections per IP for local users ?

Ans: Edit the ftp server’s config file(/etc/vsftpd/vsftpd.conf) and set the below directives :

####################################################

Q: – How to deny specific users access to the FTP server ?

To deny specific users access to the FTP server, add their usernames to the /etc/vsftpd/

ftpusers file. By default, system users such as root and nobody are included in this list.

Q: – Can we create logs for ftp authenticated sessions ?

Yes, If the xferlog_enable directive in vsftpd.conf is set to YES, file transfers using the FTP protocol are logged to /var/log/xferlog. Information such as a time stamp, IP address of the client, the file being transferred, and the username of the person who authenticated the connection is included in the log entry.

Q: – What is meaning of max_clients parameter ?

Maximum number of clients that can connect at one time.

If set to 0, the number of clients is unlimited.

Q: – On which port VSFTP server works ?

FTP uses two ports, 20 and 21. By default, the FTP server listens for requests on port 21.

After a connection is established, the client sends commands to the server on port 21.

However, port 20 is used when the server sends data back to the client.

Q: – How to restart VSFTP server ?

service vsftpd restart

Q: – How to allow Anonymous FTP ?

Anonymous FTP is enabled by default by setting the anonymous_enable directive in

/etc/vsftpd/vsftpd.conf to YES.

Q: – What is FTP ?

FTP stands for File Transfer Protocol. An FTP server allows clients to connect to it either

anonymously or with a username and password combination. After successful authentication, files can be transferred back and forth between the server and client. The files are neither encrypted nor compressed.

Q: – For Redhat Linux or Fedora which package is required for FTP service ?

Red Hat Enterprise Linux 5 or FEDORA includes the vsftpd FTP service.

vsftpd-2.0.5-12.el5 (For Redhat)

Q: – Important Configuration file for vsftp server ?

The FTP server uses the /etc/vsftpd/vsftpd.conf configuration file. Using this file, you can set options for displaying a custom banner message after users log in, setting the

default file permissions for uploaded files, and setting the port on which to listen for

incoming connections.

Q: – What is FTP ?

FTP client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as ‘ls’ and ‘get’ are sent over this connection. Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client.

Q: – What is Passive mode?

Passive mode, like active mode, is initiated by the FTP client application. When requesting data from the server, the FTP client indicates it wants to access the data in passive mode and the server provides the IP address and a random, unprivileged port (greater than 1024) on the server. The client then connects to that port on the server to download the requested information.

Q: – Explain directive “session_support”?

When enabled, vsftpd attempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM).

Q: – Is there any way to monitor clients connected to vsftpd?

Yes. We actually have two slightly different methods to monitor vsftpd clients. First, make sure you have enabled the config option, “setproctitle_enable=YES” like in our example above and restart your vsftpd server. Then run the command “watch ps -Cvsftpd -o user, pid, stime, cmd” to watch the processes including ip, username and actions like idle or data retrieval.

Q: – I want to copy multiple files with out prompting for any info, how can I do that one?

ftp -i ftpserver

Q: – Local users cannot log in. How to resolve this issue?

Check “local_enable=YES” in your /etc/vsftpd/vsftpd. conf to allow local users to log in.

Q: – How to change vsftpd default port?

Set “listen_port” option in “vsftpd.conf”

Q: – How to restrict some IP’s not use my FTP server?

Use TCP_WRAPPERS

Q: – Does vsftpd support IPv6?

Yes

Advertisements
Posted in: ftp

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s