
FTP protocol. FTP (File Transfer Protocol) is a protocol designed for transferring files over computer networks.

COMPUTER SCIENCE

Abstract on the topic:

"FTP protocol. General information and features".

Faculty: Law

Completed by: ANTONiO.

Student card: 13U02444

This window configures the program's general settings, such as:

· The name of the FTP server;

· The maximum number of users who can be connected to the server at the same time;

· Server startup options (starting the server when the OS boots);

· The port on which the FTP server listens.



2.3. Optional program settings

These settings configure the optional features of the program, such as:

· Restricting access to the directory (and its subdirectories) in which the FTP server is installed;

· Encryption of user account passwords;

· Limiting username/password verification to n attempts, after which the client is automatically banned or simply disconnected from the server;

· Restricting access by IP address.

2.4. Additional program settings

This window configures the technical capabilities of the program that optimize its performance and that of the system as a whole. These are settings such as:

· The receive buffer size (in bytes), useful on slow or congested networks;

· The main purpose of the server (upload and download, download only, upload only);

· The priority of the FTP server in the general list of OS processes;

· Blocking server-to-server transfers;

· An anti-hammering system (protection against too frequent login attempts).

2.5. Program caching settings

These settings tune the caching capabilities of the program. The FTP server keeps in memory a list of the directories accessed within a specified period, which speeds up responses when those directories, already held in RAM, are accessed again within that period.

2.6. Statistics generator

This window allows you to configure the frequency of statistics update, the type of statistics collected, as well as for which users to collect statistics.

This option is useful in that you can clearly see the server load and the most popular resources, which allows you to optimize the server operation time and more accurately configure the caching properties of the program (section 2.5).

2.7. Scheduler and Configuring Dynamic IP Addresses

In these settings, you can configure such functions as:

· Start / stop FTP-server according to the schedule;

· Execution of standard system functions of the OS on a schedule;

· Tracking the dynamic change of certain IP-addresses.

The latter allows users with a dynamic IP address to be kept in the user database without any restrictions. The BulletproofFTP server itself tracks the change of IP address and registers the new one in the database as an additional address for the given user.

2.8. Multi-IP settings and program display

These options configure multiple IP addresses (users can have the same logins and passwords on different "virtual" FTP servers), as well as how the program is displayed: the server activity icon in the system tray, the file transfer status, automatic checking for program updates, and deleting files to the OS recycle bin or directly to DEV\NULL (physical deletion).

2.9. Setting up log files (reports)

This window configures the keeping of a detailed log file, which no serious FTP server can do without.

2.10. Configuring program reactions to events

This feature is, in my opinion, most useful on websites hosted on this FTP server. For each server action or response you can configure a specific reaction, such as displaying a message, launching a specific file or performing a system function. This raises the efficiency of the website several times over and greatly improves interaction with active users.

2.11. Setting up user rights and authorities

These settings are made through the USER ACCOUNTS tab. Here you can define the following rights:

· Define a specific list of users and set the rights of each of them;

· Set the list of directories the user can access, as well as the access attributes for each of them;

· Additional settings;

· Quotas and speed limits;

· A list of allowed / denied IP addresses;

· A detailed overall status for the entire period of server operation.



3.0. Some problems with FTP servers

FTP servers can operate in two modes: active and passive. In active mode, when a data transfer starts, the client begins listening on a TCP port and tells the server which port it is listening on, after which the server opens a TCP connection from port 20 to the port specified by the client. The data is then transferred over this connection. In passive mode, the client informs the server that it is ready to transfer data; the server starts listening on a non-special TCP port and tells the client which one. The client then opens a TCP connection to the port specified by the server and the data exchange takes place over this connection.

The problem with these auxiliary connections is that the existing FTP protocol specification provides no method of verifying that the client or server that established the data connection is the one that requested it in the control session. Combined with the fact that many operating systems assign TCP ports sequentially in ascending order, this means that the FTP protocol creates conditions that allow an attacker to intercept data that someone else is transmitting, or to spoof data. These attacks differ slightly in active and passive mode. In active mode, the attacker guesses the TCP port number on which the client is waiting for a connection. The attacker then continuously sends to the FTP server to which the client is connected a PORT command naming the client's address and that port, followed by a RETR filename or STOR filename command: RETR if the data sent to the client is to be replaced, STOR if data from the client to the server is to be intercepted. Alternatively, an attacker can use attacks based on knowledge of the TCP sequence number and spoof the session from the server to the client. With this type of attack, however, data cannot be intercepted; it can only be replaced with the attacker's own.

4.0. FTP protocol commands

The control commands exchanged between the Server Protocol Interpreter and the User Protocol Interpreter can be divided into three large groups:

1. Commands to control access to the system.

2. Commands of data flow control.

3. Commands of the FTP service.

Let's consider a few of the most typical commands from each group. Among the commands for controlling access to the system, the following should be noted:

USER. Typically, this command opens the FTP session between client and server. The command argument is the name (identifier) of the user who will work with the file system. This command can be issued not only at the beginning but also in the middle of the session, if, for example, the user wants to change the identifier on whose behalf actions are carried out. In this case, all variables related to the old identifier are freed. If data is being exchanged while the identifier is being changed, the exchange finishes under the old user identifier.

PASS. This command is issued after the user identifier and contains the user's password as its argument. As a reminder, FTP authentication data is transmitted over the network in plain text, so to secure the channel the user needs to take additional measures.

CWD. The command allows users to work with different directories on the remote file system. The argument is a string specifying the path of the directory on the remote file system in which the user wants to work.

REIN. Reinitialization command. This command clears all variables of the current user and resets the connection parameters. If a data transfer is in progress when the command is issued, the transfer continues and finishes with the same parameters.

QUIT. The command closes the control channel. If a data transfer is in progress when the command is sent, the channel is closed after the data transfer ends.

Flow control commands set data transfer parameters. All parameters described by these commands have default values, so flow control commands are used only when the default transfer parameters need to be changed. Flow control commands can be issued in any order, but they must all precede FTP service commands. Among the data flow control commands, the following deserve mention:

PORT. The command assigns the address and port of the host that will act as the active member of the data connection. The arguments are a 32-bit IP address and a 16-bit port number. These values are split into six 8-bit fields and represented in decimal form: h1,h2,h3,h4,p1,p2, where hN are the address bytes (high to low) and pN are the port bytes (high to low).

PASV. This command is sent to the module that will play the passive role in the data transfer ("listening" for the connection). The reply to this command must be a string containing the address and port on which the host is waiting for the connection, in the format of the PORT command: "h1,h2,h3,h4,p1,p2".

The TYPE, STRU, MODE commands define, respectively, the type of transmitted data (ASCII, Image and others), the structure or format of data transmission (File, Record, Page), the transmission method (Stream, Block and others). The use of these commands is very important when building interoperability in heterogeneous environments and very different operating and file systems of interacting hosts.

FTP service commands define the actions to be performed on the specified files. Typically, the argument of a command in this group is the path to a file. The syntax of the path must satisfy the format requirements of the file system handling the command. Among the FTP service commands, the following can be distinguished:

RETR. This command instructs the server data transfer module to send a copy of the file given by the command's parameter to the data transfer module at the other end of the connection.

STOR. The command instructs the "Server Data Transfer Program" module to receive data over the data transfer channel and save it as a file whose name is given by the command's parameter. If such a file already exists, it is overwritten; if not, a new one is created.

The RNFR and RNTO commands must follow one another. The first contains the old file name as its argument, the second the new one. Applied in sequence, these commands rename the file.

ABOR. The command instructs the server to abort the preceding service command (e.g. a file transfer) and close the data channel.

Command DELE deletes the specified file.

Commands MKD and RMD, respectively, create and delete the directory specified in the argument.

Using commands LIST and NLST you can get a list of files in the specified directory.

All FTP commands are sent by the User Protocol Interpreter in text form, one command per line. Each command line (identifier and arguments) ends with the characters CR LF. The command name is separated from its argument by a space character.

The command handler returns a three-digit code for each command. The codes form a hierarchical structure and, as a rule, a specific command can return only a specific set of codes. The code is followed by a space character and then explanatory text. For example, the line indicating successful completion of an operation looks like this: "200 Command okay".

Below is an example of working with the FTP protocol. Legend: S - server, U - user (the USER and PASS lines are shown with placeholder values).

S: 220 Service ready for new user

U: USER <username>

S: 331 User name okay, need password

U: PASS <password>

S: 230 User logged in, proceed

U: RETR test.txt

S: 150 File status okay; about to open data connection

<file transfer in progress...>

S: 226 Closing data connection, file transfer successful

S: 200 Command okay

Network file service File Transfer Protocol (FTP) is one of the earliest services used to access remote files. Before the advent of WWW, it was the most popular remote data access service on the Internet and corporate IP networks. The first FTP specifications date back to 1971. FTP servers and clients are found in virtually every UNIX operating system, as well as many other network operating systems. FTP clients are built into the browsers on the Internet today because FTP-based file archives are still popular and the browser uses FTP to access such archives.

The FTP protocol allows an entire file to be moved from a remote computer to a local one and vice versa, that is, it works on a download/upload scheme. In addition, it supports several commands for browsing a remote directory and navigating the remote file system. FTP is therefore especially convenient for files whose contents make no sense to view remotely and which are much more efficiently moved whole to the client computer (for example, application executables).

FTP has a primitive built-in authentication of remote users based on transmitting the password over the network in the clear. In addition, it supports anonymous access, which requires no username or password and is more secure in that it does not expose users' passwords to the threat of interception.

The FTP protocol is made according to the client-server scheme. An FTP client consists of several functional modules:

  • User Interface - A user interface that accepts character commands from the user and displays the state of the FTP session on a character screen.
  • User-Pi - interpreter for user commands. This module interacts with the corresponding FTP server module.
  • User-DTP is a module that transfers file data using commands received from the User-Pi module using the client-server protocol. This module interacts with the client's local file system.

The FTP server includes the following modules:

  • Server-PI - a module that receives and interprets the commands transmitted over the network by the User-PI module.
  • Server-DTP - a module that controls the transfer of file data on commands from the Server-PI module. It interacts with the local file system of the server.

The FTP client and server support two concurrent sessions — a control session and a data transfer session. A control session is opened when the initial FTP connection between the client and the server is established, and during one control session, several data transmission sessions can be performed in succession, during which several files are transmitted or received.


The general scheme of interaction between the client and the server is as follows:

1. The FTP server always opens the control TCP port 21 to listen, waiting for the arrival of a request to establish a control FTP session from a remote client.

2. After establishing the control connection, the client sends commands to the server that specify the connection parameters:

· Name and password of the client;

· The role of the participants in the connection (active or passive);

· Data transfer port;

· Type of transfer;

· Type of transmitted data (binary data or ASCII code);

3. After the parameters are negotiated, the passive participant of the connection goes into the waiting mode for opening a connection to the data transfer port. The active participant initiates this connection and starts transferring data.

4. After the end of the data transfer, the data port connection is closed, and the control connection remains open. The user can activate a new data transfer session over the control connection.

The FTP client chooses the data transfer ports (by default, the client can use the control session port for data transfer), and the server must use a port that is one less than the client port.

FTP uses several commands in client-server communication (not to be confused with client user interface commands that are used by humans).

These commands are divided into three groups:

  • system access control commands;
  • data flow control commands;
  • FTP service commands.

The access control command set includes the following commands:

  • USER - Delivers the client's name to the server. This command opens a control session and can also be sent when a control session is open to change the username.
  • PASS - transmits the user's password in clear text.
  • CWD - Changes the current directory on the server.
  • REIN - Re-initializes the control session.
  • QUIT - ends the control session.

Flow control commands set data transfer parameters:

  • PORT - defines the address and port of the host that will be the active participant in the data connection. For example, the command PORT 194,85,135,126,7,205 makes host 194.85.135.126 and port 1997 the active participant (calculating the port number is not trivial, but quite unambiguous).
  • PASV - designates the host as the passive member of the data connection. In response to this command, a reply in PORT format must be sent with the address and port on which the host is waiting.
  • TYPE - sets the type of transmitted data (ASCII code or binary data).
  • STRU - defines the structure of the transmitted data (file, record, page).
  • MODE - sets the transfer mode (stream, block, etc.).

As you can see from the description, the FTP service can be used to work both with structured files, divided into records or pages, and with unstructured ones.

FTP service commands initiate actions to transfer files or browse a remote directory:

  • RETR - Requests a file transfer from the server to the client host. The command parameters are the file name. An offset from the beginning of the file can also be specified - this allows you to start transferring a file from a specific point in case of an unexpected disconnection (this parameter is used in the reget command of the user interface).
  • STOR - initiates a file transfer from the client to the server. The parameters are the same as for the RETR command.
  • RNFR and RNTO - commands for renaming a remote file. The first takes the old file name as an argument, the second the new one.
  • DELE, MKD, RMD, LIST - these commands respectively delete a file, create a directory, delete a directory and pass the list of files of the current directory.

Each FTP command is transmitted in text form, one command per line. The string ends with the ASCII characters CR and LF.

The user interface of an FTP client depends on its software implementation. Along with the traditional character-mode clients, there are graphical shells that do not require the user to know the symbolic commands.

Character clients generally support the following basic set of commands:

  • open hostname - open a session with the remote server.
  • bye - ends the session with the remote host and exits the ftp utility.
  • close - end the session with the remote host, the ftp utility continues to work.
  • ls (dir) - Print the contents of the current remote directory.
  • get filename - copy the remote file to localhost.
  • put filename - copies a local file to the remote server.

If you have been reading this blog for a long time, you may remember that I decided to collect in it descriptions of popular (and not so popular) network protocols. Why I need this you can read in the article "A fairly complete description of the SMTP protocol". So I decided to add to the collection the FTP protocol, which is widely used for file transfer.

1. Logging in

By tradition, I'll start right away with an example:

$ telnet example.ru 21
Trying 192.168.0.1 ...
Connected to example.ru.
Escape character is '^]'.
220-Welcome to Pure-FTPd
You are user number 5 of 100 allowed.
Local time is now 17:41. Server port: 21.
220 You will be disconnected after 15 minutes of inactivity.
USER afiskon
331 User afiskon OK. Password required
PASS lamepassword
230-User afiskon has group access to: coders
230 OK. Current restricted directory is /

The FTP server usually runs on port 21. In the example above, the lines starting with digits are sent by the server, the rest by the client. Client requests always consist of one line of the form COMMAND [arguments], while server responses may span several lines.

The first and last lines of a response start with three digits representing the response code, followed by a text description separated from the code by either a space or a dash. If a space is used as the separator, the line is the last (and possibly the only) line of the response; otherwise we have received the first line of a multi-line response. We've seen this somewhere before, haven't we?

There are five groups of server responses:

As you can see from the example, it all starts with the server sending code 220. Then the user must log in using the USER and PASS commands. If everything is done correctly, the server replies to the first with code 331 and to the second with 230. For anonymous login (if the server settings allow it), enter "anonymous" as the username and your e-mail as the password. In practice one usually sends either an empty e-mail or something like [email protected]

As you can see, the password is transmitted in clear text, so it is highly desirable to encrypt the FTP connection with SSL (this is called FTPS - FTP plus SSL), or better still to transfer files over SSH using the scp, sftp or WinSCP utilities. The first two are found on any Unix system and use the protocols of the same name, which run over SSH. WinSCP is written for Windows, looks like Total Commander, and can work both with the outdated SCP (Secure Copy) and with SFTP (SSH File Transfer Protocol), which appeared only in SSH-2.

2. Looking around

But I have wandered off topic. After authentication (I no longer confuse it with authorization!) the FTP server will happily execute our commands. Here is a list of them:

Command   Expected code   Description
DELE      250             Delete a file
RMD       250             Delete a directory
CWD       250             Change directory
MKD       257             Create a directory
PWD       257             Print the current directory
QUIT      221             End the session
TYPE      200             Set the transfer type
PORT      200             Switch to active mode
PASV      227             Switch to passive mode
LIST      150, 226        Get directory contents
RETR      150, 226        Download a file
STOR      150, 226        Upload a file
ABOR      426, 226        Cancel a transfer
RNFR      350             Select a file to rename
RNTO      250             Rename the file

Here I have listed only the basic commands, which are enough to write a full-fledged FTP client. The point is that in real life FTP servers are very selective about which of the commands described in RFC959 and RFC3659 they support. So if we want a really working application, and not a spherical horse in a vacuum, we will have to restrict ourselves to the commands in the list above.

The simplest commands are QUIT, DELE, MKD, CWD and RMD. We just send the command and check the code returned by the server. If it equals the expected one, everything is OK; if not, we handle the error.

MKD ftp_test
257 "ftp_test": The directory was successfully created
CWD ftp_test
250 OK. Current directory is /ftp_test
CWD ..
250 OK. Current directory is /
RMD ftp_test
250 The directory was successfully removed

If I were writing an FTP client, then the code responsible for executing the named commands would look something like this:

int code;
char *dir;
/* ... */
/* rawcmd() sends the formatted command and returns 0 if the server's
   reply code equals the expected one (250 here), otherwise the code received */
if ((code = rawcmd(250, "RMD %s\r\n", dir)))
    printf("Error: %d\n", code);
else
    printf("All done!\n");

Slightly more difficult with parsing the server response to the command PWD:

PWD
257 "/ftp_test" is your current location

The current directory is passed in a single (the last?) line of the server's response, enclosed in double quotes. If the full name of the current directory itself contains a double quote, it is replaced by two quotes:

PWD
257 "/ftp""test" is your current location
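A reply reader for the multi-line response format explained in the first section of this post (a code followed by "-" opens the response, the same code followed by a space closes it) and for the doubled quotes in the 257 reply to PWD. This is an added Python example, not the blog author's code; the sample banner lines are copied from the telnet session above, and the five reply classes by first digit are RFC 959's.

```python
"""Parse FTP control-channel replies (single and multi-line) and the
quoted path returned by PWD.  Added example, not code from this page."""
from __future__ import annotations

# Reply classes by first digit: RFC 959's five groups of server responses.
REPLY_CLASSES = {
    "1": "positive preliminary",
    "2": "positive completion",
    "3": "positive intermediate",
    "4": "transient negative completion",
    "5": "permanent negative completion",
}


def read_reply(lines: list[str]) -> tuple[int, list[str], list[str]]:
    """Consume one complete reply from the front of `lines`.

    Returns (code, reply_lines, remaining_lines).  A reply is either a
    single "ddd text" line, or starts with "ddd-text" and runs up to the
    first later line that begins with the same code followed by a space.
    """
    if not lines:
        raise ValueError("no data")
    first = lines[0]
    if len(first) < 4 or not first[:3].isdigit() or first[3] not in " -":
        raise ValueError(f"malformed reply line: {first!r}")
    code = first[:3]
    if first[3] == " ":
        return int(code), [first], lines[1:]
    # Multi-line reply: scan for the terminating "ddd " line.
    for i in range(1, len(lines)):
        if lines[i].startswith(code + " "):
            return int(code), lines[: i + 1], lines[i + 1:]
    raise ValueError(f"unterminated multi-line reply starting {first!r}")


def reply_class(code: int) -> str:
    """Name the group a three-digit reply code belongs to."""
    return REPLY_CLASSES.get(str(code)[0], "unknown")


def parse_pwd_reply(line: str) -> str:
    """Extract the directory from '257 "<path>" ...', un-doubling quotes.

    A double quote inside the path is sent as two quotes, so
    '257 "/ftp""test" is your current location' yields '/ftp"test'.
    """
    if not line.startswith("257 "):
        raise ValueError("not a 257 reply")
    start = line.find('"')
    if start < 0:
        raise ValueError("no quoted path in reply")
    out: list[str] = []
    i = start + 1
    while i < len(line):
        ch = line[i]
        if ch == '"':
            if i + 1 < len(line) and line[i + 1] == '"':
                out.append('"')      # doubled quote -> literal quote
                i += 2
                continue
            return "".join(out)      # closing quote
        out.append(ch)
        i += 1
    raise ValueError("unterminated quoted path")


# Constructed sample input: the login banner from the telnet session above,
# followed by the reply to USER.
SAMPLE_BANNER = [
    "220-Welcome to Pure-FTPd",
    "You are user number 5 of 100 allowed.",
    "Local time is now 17:41. Server port: 21.",
    "220 You will be disconnected after 15 minutes of inactivity.",
    "331 User afiskon OK. Password required",
]

if __name__ == "__main__":
    code, body, rest = read_reply(SAMPLE_BANNER)
    print(code, reply_class(code), len(body), "lines; next:", rest)
    print(parse_pwd_reply('257 "/ftp""test" is your current location'))
```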

A couple of commands are used to rename files - RNFR and RNTO:

RNFR old_file.zip
350 Are you kidding?
RNTO new_file.zip
250 Done!

Apparently, this is such an optimization so that the buffer into which the server reads client commands is of the order of the maximum allowable length of the full file name, and not twice as long. In 1971, when the protocol was created, this could be important.

Command TYPE allows you to set the file transfer mode. Example:

TYPE E
200 TYPE is now EBCDIC
TYPE A
200 TYPE is now ASCII
TYPE I
200 TYPE is now 8-bit binary

As far as I can tell, today this command is already outdated and all data can be safely transferred in binary format (TYPE I). Quoting from Wikipedia:

The first computers used byte, machine word and double machine word sizes that were not multiples of 8; they were usually multiples of six. Eight bits per byte were adopted in the development of the machine instruction set for the IBM System/360. This became an international standard, and since the early 1970s most computers use 8-bit bytes and machine words that are multiples of 8.

3. Getting to work

A feature of the FTP protocol is that different connections are used for executing commands and for transferring files. This is, in general, a normal design decision. We do not know what is in these files, and if they were sent together with commands, the file contents would have to be encoded somehow to distinguish them from commands. Why increase traffic and complicate the protocol when you can simply open a new connection and send the file as it is?

When a new connection is established, someone has to connect and someone has to accept the connection. If the client opens a port and the server connects to it, the transfer mode is called active; otherwise, passive. Because many Internet users today sit behind NAT, passive mode is usually used. This is not very good, because the number of ports on the server is limited.

What's interesting is that it is possible to transfer files from one FTP server to another directly. But since this feature was often used in DDoS attacks, it is now disabled almost everywhere.

To switch to passive mode, use the command PASV, to switch to active - PORT:

PORT 192,168,10,1,21,133
200 PORT command successful
PASV
227 Entering Passive Mode (192,168,0,1,21,216)

As you might guess, the numbers are used to encode the IP address and port for the connection. Let's say we are in passive mode and want to establish a data connection:

$ telnet 192.168.0.1 `expr 21 \* 256 + 216`
Trying 192.168.0.1 ...
Connected to example.ru.
Escape character is '^]'.

Then we can, for example, view the contents of the current directory by using the command LIST:

LIST
150 Accepted data connection
226-Options: -a -l
226 5 matches total

We look at the telnet output:

drwx------  5 afiskon coders  512 Jul  7 11:35 .
drwx------  5 afiskon coders  512 Jul  7 11:35 ..
drwxr--r--  3 afiskon coders  512 Jun  6 14:30 site
drwxr-xr-x  2 afiskon coders 1024 Jul  7 00:16 logs
drwxr--r--  2 afiskon coders  512 Jun  6 14:30 tmp
Connection closed by foreign host.

Downloading and uploading files works in exactly the same way, only with the commands RETR (file) and STOR (file) respectively. The RETR, STOR and LIST commands can be interrupted during execution with the ABOR command, to which the server should reply 426 "transmission aborted" and then 226 "the operation was cancelled successfully".

4. Conclusion

Here, perhaps, I will end my story. It came to 9 KB of text versus the 130 KB of RFC959. This article is quite enough to write a simple FTP client or server, I checked! The most important thing is to test it for compatibility with as much software as possible because, as I noted, few in the FTP world strictly follow the RFCs. And finally, remember the golden rule: "Be liberal in what you accept, strict in what you send".

FTP (File Transfer Protocol) is one of the three main Internet protocols (mail, www, ftp). FTP, or "File Transfer Protocol", is one of the oldest protocols on the Internet and is part of its standards. FTP data exchange takes place over a TCP channel. The exchange is built on the "client-server" model.

Protocol is an agreed format for transferring data between two devices. The protocol defines the following:

  • how error checking will be performed;
  • data packaging method (if packaging is used);
  • how the sending device reports that it has finished the message;
  • how the receiving device reports that it has received the message.

There are a number of standard (reference) protocols from which you can choose the appropriate one. Each protocol has its own advantages and disadvantages; for example, some are simpler than others, some are more reliable, and some are faster.

From the user's point of view, the only thing that interests him about the protocol is that the computer or device must support it (the protocol) correctly if you want to communicate with other computers. The protocol can be implemented in either hardware or software.

FTP is a set of rules that dictate how computers can share files on the Internet.

FTP is built in such a way that various computers with different software and different hardware can effectively exchange any files.

Today many users associate it with warez, mp3, jpeg and mpeg files. In fact, this protocol is used to transfer files of any kind, from ordinary text documents to protected program files. The FTP protocol is widely used in automatic systems for making payments over the Internet and for transmitting information from satellites in space.

Uploading and downloading files on the Internet are such important routine tasks that FTP was in wide use even before e-mail appeared on the network. However, this protocol makes it much easier to gain access to files on another computer than to let others access and read your files.

Technical Processes for Making a Connection Using FTP

  • user - username.
  • colon is the program separator between username and password
  • password - password.
  • @ - means separation between user data and address.

Next comes the address itself. It can be an IP address, or it can be a symbolic name (ftp.ur.ru). The address is again followed by a separating colon, which separates the address from the port number to connect to. By default this port is 21, but it can be any number assigned by the server administrator.

The address might look like this:

This means that the name is anonymous, the password is an e-mail address, and the port is 21.

FTP Modes

When the FTP protocol is used, two connections are established between the client and the server: a control connection (commands travel over it) and a data connection (files are transferred over it). The control connection is the same in active and passive mode. The client initiates a TCP connection from a dynamic port (1024-65535) to port 21 on the FTP server and says "Hi! I want to connect to you. Here are my name and my password." Further actions depend on which FTP mode (active or passive) is selected.

  • In active mode, when the client says "Hello!", it also tells the server a port number (from the dynamic range 1024-65535) so that the server can connect to the client to establish the data connection. The FTP server connects to the specified client port from its TCP port 20 for the data transfer. For the client this connection is incoming, so clients behind a firewall or NAT often find active mode difficult to work with, or need additional configuration.
  • In passive mode, after the client says "Hello!", the server tells the client a TCP port number (from the dynamic range 1024-65535) to which it can connect to establish the data connection. As is easy to see, the ports of such a connection, on both the client and the server side, turn out to be arbitrary. In passive mode the client can easily work with the server through its own firewall, but for the server to support passive mode, an appropriate firewall configuration is often required on the server side.

The main difference between active and passive FTP mode is which side opens the data connection. In active mode, the client must be able to accept this connection from the FTP server. In passive mode, the client always initiates this connection itself, and the server must accept it.

FTP is a service based exclusively on TCP (Transmission Control Protocol). FTP is unusual in that it uses two ports, a "data" port and a "command" port (also known as the control port). Traditionally, port 21 is used for commands and port 20 for data. However, depending on the mode, the data port is not always 20.

In active mode, the FTP client connects from an arbitrary unprivileged port (N > 1024) to the FTP server's command port 21. The client then starts listening on port N + 1 and sends the command PORT N + 1 to the FTP server. In response, the server connects to the specified client data port from its local data port 20.

In passive mode, the FTP client initiates both connections to the server, which solves the problem with firewalls that filter inbound connections to the client's data port. When opening an FTP session, the client opens two unprivileged ports locally (N > 1024 and N + 1). From the first port it contacts the server on port 21, but instead of then issuing a PORT command and letting the server connect to its data port, the client issues a PASV command. As a result, the server opens an arbitrary unprivileged port (P > 1024) and tells the client that port number (PORT P, in its reply to PASV). To transfer data, the client then initiates a connection from port N + 1 to port P on the server.


FTP

FTP (File Transfer Protocol) is a protocol designed for transferring files over computer networks. FTP allows you to connect to FTP servers, view the contents of directories, and upload files to a server or download files from it; in addition, a mode of transferring files between servers is possible (see FXP).


FTP is one of the oldest application protocols, dating from 1971, long before HTTP. Until the early 1990s, FTP accounted for about half of all Internet traffic. It is still widely used today for software distribution and access to remote hosts.


The FTP protocol is an application-layer protocol and uses TCP as its transport. Unlike most other protocols, commands and data are transmitted over different ports: port 20 is used for data and port 21 for commands. If a file transfer is interrupted for any reason, the protocol provides a means of resuming the download, which is very convenient when transferring large files.


FTP security problem

The protocol is not encrypted: during authentication, the username and password are transmitted in clear text. In a network built on a hub, an attacker with a passive sniffer can intercept the logins and passwords of FTP users on the same network segment or, with special software, obtain files transmitted via FTP without authorization. To prevent traffic interception, the SSL encryption protocol must be used; it is supported by many modern FTP servers and some FTP clients.


FTP authorization process

The unencrypted authorization process takes place in several stages (the characters \r\n denote a line break):

1. Establish a TCP connection to the server (usually on port 21).
2. Send the command USER login \r\n
3. Send the command PASS password \r\n

After successful authorization, other commands can be sent to the server.


Anonymous login to FTP

If anonymous access to the server is allowed (as a rule, only for downloading data from the server), the keyword "anonymous" or "ftp" is used as the login and an e-mail address is used as the password:

1. USER anonymous \r\n
2. PASS


Basic protocol commands

  • ABOR - abort a file transfer.
  • CDUP - change to the parent directory.
  • CWD - change directory.
  • DELE - delete a file (DELE filename).
  • EPSV - enter extended passive mode; used instead of PASV.
  • HELP - list the commands accepted by the server.
  • LIST - return a list of files in a directory. The list is sent over the data connection (port 20).
  • MDTM - return the modification time of a file.
  • MKD - create a directory.
  • NLST - return a list of files in a directory in a shorter format than LIST. The list is sent over the data connection (port 20).
  • NOOP - empty operation.
  • PASV - enter passive mode. The server returns the address and port to which the client must connect to receive the data. The transfer starts when one of the following commands (RETR, LIST, etc.) is issued.
  • PORT - enter active mode, for example PORT 12,34,45,56,78,89. In contrast to passive mode, the server itself connects to the client for data transfer.
  • PWD - return the current directory.
  • QUIT - disconnect.


Example of an FTP session

220 FTP server ready.
USER ftp // anonymous login
230 Login successful.
PASV
227 Entering Passive Mode (192,168,254,253,233,92) // the client must open a connection to the address and port given
LIST
150 Here comes the directory listing. // the server sends the directory listing over the data connection
226 Directory send OK.
CWD incoming
250 Directory successfully changed.
PASV
227 Entering Passive Mode (192,168,254,253,207,56)
STOR gyuyfotry.avi
150 Ok to send data. // the client sends the contents of the file
226 File receive OK.
QUIT
221 Goodbye.


The argument 192,168,254,253,207,56 means that the server expects a connection to the host with IP address 192.168.254.253 on port 207 * 256 + 56 = 53048.

Many FTP servers have a directory (called incoming, upload, etc.) that is open for writing and intended for uploading files to the server. This allows users to populate the server with fresh data.


PASSIVE MODE

Originally, the protocol assumed a reverse TCP connection from the server to the client to transfer a file or directory listing. This made it impossible to communicate with the server when the client is behind IP NAT; in addition, the connection request to the client is often blocked by a firewall. To avoid this, an extension of the protocol, FTP passive mode, was developed, in which the data connection is also made from the client to the server. The important point is that the client connects to the address and port specified by the server. The server chooses the port at random from a certain range. Therefore, when an FTP server is placed behind NAT, its external address should be explicitly specified in the server settings.


NAT-PT

Specifically for FTP through firewalls, a NAT extension called NAT-PT (rfc2766) was created to allow incoming connections from the server to the client to be translated through NAT. During such a connection, NAT rewrites the data sent by the client, telling the server the real address and port to which the server can connect, and then translates the connection from the server to that address through to the client's own address. Despite all the measures and innovations adopted to support the FTP protocol, in practice the NAT-PT function is usually disabled in most routers in order to provide additional protection against malware threats.


FXP

FXP (File eXchange Protocol) is a method of transferring files between two FTP servers directly, without downloading them to your own computer. During an FXP session, the client opens two FTP connections to two different servers, requesting a file from the first server while specifying the IP address of the second server in the PORT command. The undoubted advantage of FXP support is that end users who want to copy files from one FTP server to another are no longer limited by the bandwidth of their own Internet connection. There is no need to download a file and then upload it to another FTP server. The transfer time thus depends only on the connection speed between the two remote FTP servers, which in most cases is much higher than the "user" speed.


Unfortunately, attackers began to use FXP to attack other servers: the PORT command specifies the IP address and port of the attacked service on the victim's machine, and the RETR / STOR commands make the FTP server, rather than the attacking machine, connect to that port. This made it possible to launch large-scale DDoS attacks using many FTP servers at once, or to bypass the protection of the victim's machine if it relies only on checking the client's IP address and the FTP server used for the attack is on a trusted network or on a gateway. As a result, almost all servers now check that the IP address given in the PORT command matches the IP address of the FTP client and, by default, prohibit third-party IP addresses there. FXP is therefore not possible when working with public FTP servers.
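As an added example (not code from the original article), the following Python encodes and decodes the h1,h2,h3,h4,p1,p2 form used by the PORT command and by the 227 reply to PASV (the 207 * 256 + 56 arithmetic above), and implements the server-side PORT address check described in the FXP section. The function names and the `control_peer_ip` parameter are my own naming, not part of any FTP server.

```python
import ipaddress
import re

# Added example, not from the article: FTP carries an IPv4 address and a port
# as six decimal bytes "h1,h2,h3,h4,p1,p2"; the port is p1 * 256 + p2.
_ADDR_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def decode_hostport(text):
    """Extract (host, port) from a PORT argument or a 227 reply line.
    Raises ValueError if no valid six-byte tuple is present."""
    m = _ADDR_RE.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in: %r" % text)
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("byte out of range in: %r" % text)
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise ValueError("port 0 is not usable")
    return host, port


def encode_port_command(host, port):
    """Build the PORT command a client sends in active mode."""
    octets = str(ipaddress.IPv4Address(host)).split(".")
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return "PORT %s,%d,%d\r\n" % (",".join(octets), port // 256, port % 256)


def port_command_allowed(port_arg, control_peer_ip, allow_privileged=False):
    """Server-side check from the FXP section: accept a PORT only if its
    address is the peer of the control connection (this is what blocks the
    bounce abuse) and, by default, only if the port is unprivileged."""
    try:
        host, port = decode_hostport(port_arg)
    except ValueError:
        return False
    if host != control_peer_ip:
        return False
    if port < 1024 and not allow_privileged:
        return False
    return True
```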


FTP client

An FTP client is a program for convenient access to an FTP server. Depending on its purpose, it can either give the user simple access to a remote FTP server in text console mode, taking on only the job of sending the user's commands and files, or display the files on the remote server as if they were part of the user's own file system, or both. In the latter two cases, the FTP client takes on the task of translating user actions into FTP protocol commands, making it possible to use the file transfer protocol without learning all of its intricacies.


Particular examples of using an FTP client are: a web developer publishing site pages on an Internet server; an ordinary Internet user downloading music, programs and any other data files. The second example is often not even recognized by many users as use of an FTP client and protocol, since many public servers do not ask for additional data to authenticate users, and Internet browsers (which are also FTP clients) download files without asking questions.


Examples of such programs are:

  • Internet browsers (they often work in read-only mode, that is, they do not allow adding files to the server);
  • many file managers, for example: Windows Explorer, Total Commander, FAR, Midnight Commander, Krusader;
  • specialized programs, for example: FileZilla.


Access rights and authorization

The file system on the remote server, as a rule, has access rights configured for different users. So, for example, only some files may be accessible to anonymous users, who will not even know of the existence of the others. Another group of users may have access to other files or, for example, in addition to the right to read files, may also be granted the right to write new files or update existing ones. The set of access rights depends on the operating system and software of each specific FTP server. As a rule, they distinguish the right to view the contents of a folder (that is, to get a list of the files it contains), the right to read a file, and the right to write (create, delete, update) a file.


For authorization, the FTP server, when an FTP client connects to it, asks the client for a username and password. Most FTP clients, in turn, request this data from the user interactively. There is also another way to specify this information: by including it in the FTP server URL. For example, in such a URL:

  • ftp:// - indicates that the FTP protocol is being used;
  • vasya - the username;
  • : - the separator between the username and the password;
  • the password - the authentication secret;
  • @ - the separator between the authentication information and the server address;
  • ftp.example.com - the FTP server address.


FTP response codes

First digit:

  • One means that the command has been accepted for execution but not yet completed.
  • Two means that the command has been completed successfully.
  • Three means that the command has been accepted but an additional command is expected.
  • Four means that the command cannot be executed at this moment.
  • Five means that the command fundamentally cannot be executed.


Second digit:

  • Zero corresponds to a syntax error.
  • One corresponds to an informational message.
  • Two indicates that the message refers to either the control connection or the data connection.
  • Three corresponds to messages about user authentication and user rights.
  • Four is undefined.
  • Five corresponds to a file system state message.
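As an added example (not from the original article), here is Python that splits a reply on the control connection into its three-digit code and text, handles multi-line replies (a first line "xyz-" continuing until a line "xyz "), and explains a code using the first- and second-digit meanings listed above. The sample replies in the test are constructed, and the function names are my own.

```python
# Added example, not from the article: decode FTP reply codes by the
# first-digit (outcome) and second-digit (category) meanings described above.
FIRST_DIGIT = {
    "1": "positive preliminary: accepted, not yet completed",
    "2": "positive completion",
    "3": "positive intermediate: an additional command is expected",
    "4": "transient negative: cannot be executed at this moment",
    "5": "permanent negative: cannot be executed",
}
SECOND_DIGIT = {
    "0": "syntax",
    "1": "information",
    "2": "connections (control or data)",
    "3": "authentication and user rights",
    "4": "undefined",
    "5": "file system",
}


def read_reply(lines):
    """Take a list of lines (CRLF already stripped) from the control
    connection and return (code, text, remaining_lines). A reply is either
    one line "xyz text" or several lines starting with "xyz-" and ending
    with a line starting with "xyz " (the same code followed by a space)."""
    if not lines or len(lines[0]) < 4 or not lines[0][:3].isdigit():
        raise ValueError("malformed reply: %r" % (lines[:1],))
    code = lines[0][:3]
    if lines[0][3] == " ":
        return code, lines[0][4:], lines[1:]
    if lines[0][3] != "-":
        raise ValueError("malformed reply: %r" % lines[0])
    body = [lines[0][4:]]
    for i, line in enumerate(lines[1:], start=1):
        if line.startswith(code + " "):
            body.append(line[4:])
            return code, "\n".join(body), lines[i + 1:]
        # continuation lines may or may not repeat the "xyz-" prefix
        body.append(line[4:] if line.startswith(code + "-") else line)
    raise ValueError("unterminated multi-line reply for code " + code)


def explain(code):
    """Return (outcome, category) for a three-digit reply code."""
    if len(code) != 3 or not code.isdigit():
        raise ValueError("bad code %r" % code)
    return FIRST_DIGIT.get(code[0], "unknown"), SECOND_DIGIT.get(code[1], "unknown")


def is_success(code):
    """A 2yz code is the only positive completion."""
    return code[0] == "2"
```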



