Ibrahiem Elbarki Ftp

Date post: 09-Apr-2018
Upload: ahmed-aboubakr
Page 1: Ibrahiem Elbarki Ftp

8/8/2019 Ibrahiem Elbarki Ftp

http://slidepdf.com/reader/full/ibrahiem-elbarki-ftp 1/18

RFC 959

Page 2: Ibrahiem Elbarki Ftp


File Transfer Protocol (FTP) is a standard network protocol used to copy a file from one host to another over a TCP/IP-based network, such as the Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol but can connect anonymously if the server is configured to allow it.

The first FTP client applications were interactive command-line tools, implementing standard commands and syntax. Graphical user interface clients have since been developed for many of the popular desktop operating systems in use today.

Page 3: Ibrahiem Elbarki Ftp


A client makes a TCP connection to the server's port 21. This connection, called the control connection, remains open for the duration of the session. A second connection, called the data connection, is opened as required to transfer file data; in the traditional (active) arrangement the server opens it from its port 20 to a client port specified in the negotiation dialog. The control connection is used for session administration (commands, identification, passwords) exchanged between the client and server using a Telnet-like protocol. For example, "RETR filename" would transfer the specified file from the server to the client. Due to this two-port structure, FTP is considered an out-of-band protocol, as opposed to an in-band protocol such as HTTP.

RETR >> Transfer a copy of the file (retrieve)

Page 4: Ibrahiem Elbarki Ftp


The server responds on the control connection with three-digit status codes in ASCII, optionally followed by a text message; for example "200" (or "200 OK.") means that the last command was successful. The three digits are the reply code, and the optional text is either an explanation (e.g. <OK>) or a needed parameter (e.g. <Need account for storing file>). A file transfer in progress over the data connection can be aborted using an interrupt message sent over the control connection.

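A parser for the reply format just described, added here as an example (it is not code from the slides or from any FTP implementation). It splits the server side of a control connection into replies, handles the RFC 959 multi-line form ("220-..." continued until a "220 ..." line), and rejects a stream that ends inside a multi-line reply rather than guessing. The sample transcript is constructed.

```python
import re

# One reply line: three digits, then either a space (last or only line) or a
# hyphen (first or intermediate line of a multi-line reply).  A bare "200"
# with no separator is tolerated, as the slide shows it, although RFC 959
# itself always requires the separator.
_REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")

REPLY_CLASSES = {
    "1": "positive preliminary",
    "2": "positive completion",
    "3": "positive intermediate",
    "4": "transient negative completion",
    "5": "permanent negative completion",
}


def parse_replies(stream: str):
    """Split a decoded control-channel stream into a list of (code, lines).

    Multi-line replies are collected until the terminating "<code> " line;
    intermediate lines may or may not repeat the code.  A stream that ends
    inside a multi-line reply raises ValueError.
    """
    lines = stream.split("\r\n")
    if lines and lines[-1] == "":
        lines.pop()  # trailing CRLF
    replies, i = [], 0
    while i < len(lines):
        m = _REPLY_LINE.match(lines[i])
        if not m:
            raise ValueError(f"malformed reply line: {lines[i]!r}")
        code, sep, text = m.group(1), m.group(2), m.group(3) or ""
        body = [text]
        i += 1
        if sep == "-":
            while True:
                if i >= len(lines):
                    raise ValueError(f"unterminated multi-line {code} reply")
                line = lines[i]
                i += 1
                end = _REPLY_LINE.match(line)
                if end and end.group(1) == code:
                    body.append(end.group(3) or "")
                    if end.group(2) == " ":
                        break  # "<code> text" closes the reply
                else:
                    body.append(line)
        replies.append((code, body))
    return replies


def reply_class(code: str) -> str:
    """Map the first digit of a reply code to its RFC 959 class."""
    return REPLY_CLASSES.get(code[:1], "unknown")


def is_success(code: str) -> bool:
    """1xx, 2xx and 3xx let the client proceed; 4xx and 5xx do not."""
    return code[:1] in ("1", "2", "3")


# Constructed sample transcript; not captured from any real server.
SAMPLE_STREAM = (
    "220-Constructed example server\r\n"
    "220-Unauthorized access is prohibited\r\n"
    "220 Ready\r\n"
    "331 Please specify the password.\r\n"
    "530 Login incorrect.\r\n"
    "200\r\n"
)
```

A client that reads replies with a naive "one line per reply" loop desynchronises on the multi-line banner and then matches the wrong reply to the wrong command, which is why the parser tracks the terminating line explicitly.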
Page 5: Ibrahiem Elbarki Ftp


FTP can be run in active or passive mode, which determines how the data connection is established. In active mode, the client sends the server (with the PORT command) the IP address and port number on which the client will listen, and the server initiates the TCP connection. In situations where the client is behind a firewall and unable to accept incoming TCP connections, passive mode may be used. In this mode the client sends a PASV (enter passive mode) command to the server and receives an IP address and port number in return. The client uses these to open the data connection to the server. Both modes were updated in September 1998 (RFC 2428) to add support for IPv6. Other changes were made to passive mode at that time, making it extended passive mode (EPSV).

Page 6: Ibrahiem Elbarki Ftp


FTP defines four data representations, selected with the TYPE command:

1. ASCII mode: used for text. Data is converted, if needed, from the sending host's character representation to "8-bit ASCII" before transmission, and (again, if necessary) to the receiving host's character representation. As a consequence, this mode is inappropriate for files that contain data other than plain text.
2. Image mode (commonly called Binary mode): the sending machine sends each file byte for byte, and the recipient stores the bytestream as it receives it. (Image mode support has been recommended for all implementations of FTP.)
3. EBCDIC mode: used for plain text between hosts using the EBCDIC character set. This mode is otherwise like ASCII mode.
4. Local mode: allows two computers with identical setups to send data in a proprietary format without the need to convert it to ASCII.

Page 7: Ibrahiem Elbarki Ftp


FTP also defines three transmission modes, selected with the MODE command:

1. Stream mode: data is sent as a continuous stream, relieving FTP from doing any processing. Rather, all processing is left up to TCP. No end-of-file indicator is needed, unless the data is divided into records.
2. Block mode: FTP breaks the data into several blocks (block header, byte count, and data field) and then passes it on to TCP.
3. Compressed mode: data is compressed using a single algorithm (usually run-length encoding).
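A worked example of the two lists above, added here and not taken from the slides or from any FTP implementation: the TYPE A line-ending translation that makes ASCII mode unsafe for binary data, shown on the PNG file signature (which deliberately contains both a CRLF and a bare LF), and the MODE B block framing (one descriptor byte, a 16-bit byte count, then the data, with descriptor bits 128 and 64 marking end of record and end of file). The deframer checks every declared length against the bytes actually present instead of trusting the header.

```python
import struct

# ---- TYPE A versus TYPE I -------------------------------------------------

def ascii_type_send(data: bytes, local_eol: bytes) -> bytes:
    """Sender side of TYPE A: rewrite the sending host's line ending to the
    network standard CRLF.  Every occurrence is rewritten, whether or not it
    is really a line ending, which is why TYPE A mangles binary files."""
    return data.replace(local_eol, b"\r\n")


def ascii_type_receive(wire: bytes, local_eol: bytes) -> bytes:
    """Receiver side of TYPE A: rewrite CRLF to the receiving host's EOL."""
    return wire.replace(b"\r\n", local_eol)


def ascii_transfer(data: bytes, sender_eol: bytes, receiver_eol: bytes) -> bytes:
    """What the receiver stores after a TYPE A transfer between two hosts."""
    return ascii_type_receive(ascii_type_send(data, sender_eol), receiver_eol)


def image_type_send(data: bytes) -> bytes:
    """TYPE I: bytes go on the wire exactly as stored."""
    return bytes(data)


# Constructed sample input: the 8-byte PNG file signature.
PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

# ---- MODE B framing -------------------------------------------------------
# RFC 959 block header: descriptor byte, 16-bit big-endian byte count, data.
EOR, EOF = 128, 64          # descriptor bits: end of record, end of file
MAX_BLOCK = 0xFFFF          # largest byte count the 16-bit field can carry


def block_mode_frame(records, final=True) -> bytes:
    """Frame a list of byte records as MODE B blocks.  A record longer than
    MAX_BLOCK is split; only its last block carries EOR, and only the last
    block of the last record carries EOF when final is True."""
    out = bytearray()
    for ri, rec in enumerate(records):
        chunks = [rec[i:i + MAX_BLOCK] for i in range(0, len(rec), MAX_BLOCK)] or [b""]
        for ci, chunk in enumerate(chunks):
            desc = 0
            if ci == len(chunks) - 1:
                desc |= EOR
                if final and ri == len(records) - 1:
                    desc |= EOF
            out += struct.pack("!BH", desc, len(chunk)) + chunk
    return bytes(out)


def block_mode_deframe(wire: bytes):
    """Parse MODE B blocks back into (records, saw_eof).  A truncated header,
    a block that declares more data than is present, or data after the EOF
    block raises ValueError instead of being read past or silently accepted."""
    records, current, pos, saw_eof = [], bytearray(), 0, False
    while pos < len(wire):
        if saw_eof:
            raise ValueError("data after EOF block")
        if len(wire) - pos < 3:
            raise ValueError("truncated block header")
        desc, count = struct.unpack("!BH", wire[pos:pos + 3])
        pos += 3
        if len(wire) - pos < count:
            raise ValueError("block declares more data than is present")
        current += wire[pos:pos + count]
        pos += count
        if desc & EOR:
            records.append(bytes(current))
            current = bytearray()
        if desc & EOF:
            saw_eof = True
    if current:
        records.append(bytes(current))  # last record arrived without EOR
    return records, saw_eof
```

The PNG signature exists precisely to catch this: a CRLF-host to LF-host transfer in TYPE A shortens it, and an LF-host to CRLF-host transfer lengthens it, so the first eight bytes of the received file no longer match and the corruption is visible before any pixel data is read.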

Page 8: Ibrahiem Elbarki Ftp


FTP was not designed to be a secure protocol, especially by today's standards, and has many security weaknesses. In May 1999, the authors of RFC 2577 enumerated the following flaws:

Bounce attacks

Spoof attacks

Brute force attacks

Packet capture (sniffing)

Username protection

Port stealing

Page 9: Ibrahiem Elbarki Ftp


FTP was not designed to encrypt its traffic; all transmissions are in clear text, and user names, passwords, commands and data can be easily read by anyone able to perform packet capture (sniffing) on the network. This problem is common to many Internet Protocol specifications (such as SMTP, Telnet, POP and IMAP) designed prior to the creation of encryption mechanisms such as TLS or SSL.[2] A common solution to this problem is use of the "secure", TLS-protected versions of the insecure protocols (e.g. FTPS for FTP, TelnetS for Telnet, etc.) or selection of a different, more secure protocol that can handle the job, such as the SFTP/SCP tools included with most implementations of the Secure Shell protocol.

Page 10: Ibrahiem Elbarki Ftp


A host that provides an FTP service may additionally provide anonymous FTP access. Users typically log into the service with an 'anonymous' account when prompted for a user name. Although users are commonly asked to send their email address in lieu of a password, no verification is actually performed on the supplied data.[7]

Page 11: Ibrahiem Elbarki Ftp


Where FTP access is restricted, a remote FTP (or FTPmail) service can be used to circumvent the problem. An e-mail containing the FTP commands to be performed is sent to a remote FTP server, which is a mail server that parses the incoming e-mail, executes the FTP commands, and sends back an e-mail with any downloaded files as an attachment. Obviously this is less flexible than an FTP client, as it is not possible to view directories interactively or to modify commands, and there can also be problems with large file attachments in the response not getting through mail servers. The service was used when some users' only internet access was via email through gateways such as a BBS or online service. As most internet users these days have ready access to FTP, this procedure is no longer in everyday use.

Page 12: Ibrahiem Elbarki Ftp


Most web browsers of the time could retrieve files hosted on FTP servers, although they may not support protocol extensions such as FTPS[8] (the major browsers have since removed FTP support entirely). When an FTP (rather than HTTP) URL is supplied, the accessible contents of the remote server are presented in a manner similar to that used for other Web content. A full-featured FTP client can be run within Firefox in the form of an extension called FireFTP.[1]

FTP URL syntax is described in RFC 1738[9], taking the form: ftp://[<user>[:<password>]@]<host>[:<port>]/<url-path>

(The bracketed parts are optional.) For example: ftp://public.ftp-servers.example.com/mydirectory/myfile.txt or, with credentials embedded: ftp://user001:<password>@<host>/mydirectory/myfile.txt (a password carried this way travels in clear text and is likely to end up in browser history and proxy logs). More details on specifying a user name and password may be found in the browsers' documentation, such as, for example, Firefox and Internet Explorer.

By default, most web browsers use passive (PASV) mode, which more easily traverses end-user firewalls.
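A parser for this URL form, added here as an example (not code from the slides or from any browser), built on Python's urllib.parse. It applies the default port, percent-decodes the credentials, and exposes the check a practitioner wants: whether a URL embeds a user name or password at all. The host names in the sample URLs are constructed.

```python
from urllib.parse import urlsplit, unquote

FTP_DEFAULT_PORT = 21


def parse_ftp_url(url: str) -> dict:
    """Split an ftp:// URL of the RFC 1738 form
    ftp://[<user>[:<password>]@]<host>[:<port>]/<url-path>
    into its parts.  Raises ValueError for a non-ftp scheme, a missing host,
    or a non-numeric / out-of-range port (urlsplit raises for the last one
    itself when .port is read)."""
    u = urlsplit(url)
    if u.scheme.lower() != "ftp":
        raise ValueError(f"not an ftp URL: {url!r}")
    if not u.hostname:
        raise ValueError("missing host")
    return {
        "user": unquote(u.username) if u.username is not None else None,
        "password": unquote(u.password) if u.password is not None else None,
        "host": u.hostname,
        "port": u.port if u.port is not None else FTP_DEFAULT_PORT,
        "path": u.path or "/",
    }


def url_embeds_credentials(url: str) -> bool:
    """True when the URL carries a user name or password: the form that puts
    credentials into shell history, browser history, proxy logs and, with
    plain FTP, onto the wire in clear text."""
    p = parse_ftp_url(url)
    return p["user"] is not None or p["password"] is not None
```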

Page 13: Ibrahiem Elbarki Ftp


FTP normally transfers data by having the server connect back to the client, after the PORT command is sent by the client. This is problematic for both NATs and firewalls, which do not allow connections from the Internet towards internal hosts. For NATs, an additional complication is that the IP address and port number in the PORT command refer to the internal host's IP address and port, rather than the public IP address and port of the NAT.

There are two approaches to this problem. One is that the FTP client and FTP server use the PASV command, which causes the data connection to be established from the FTP client to the server. This is widely used by modern FTP clients. Another approach is for the NAT to rewrite the values in the PORT command, using an application-layer gateway (ALG) for this purpose.
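The PORT/PASV negotiation from the active/passive discussion earlier, together with the NAT problem above and the bounce attack from the RFC 2577 list, as one added example (not code from the slides or from any FTP client or server). The reply texts, addresses and ports are constructed. Two checks are included: a client that distrusts the address in a 227 reply when it differs from the control peer, which is what a server behind NAT advertises, and a server that refuses a PORT command pointing anywhere but the control peer or at a privileged port, which is the bounce-attack mitigation RFC 2577 recommends.

```python
import re

_SIX_TUPLE = re.compile(r"(\d{1,3}(?:,\d{1,3}){5})")


def parse_host_port(six: str):
    """Decode the h1,h2,h3,h4,p1,p2 form used by PORT and by the 227 reply to
    PASV into (ip, port).  Each field is range checked and port 0 rejected."""
    parts = [int(x) for x in six.split(",")]
    if len(parts) != 6 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad host-port string: {six!r}")
    ip = ".".join(str(p) for p in parts[:4])
    port = parts[4] * 256 + parts[5]
    if port == 0:
        raise ValueError("port 0 is not usable")
    return ip, port


def format_host_port(ip: str, port: int) -> str:
    octets = ip.split(".")
    if len(octets) != 4 or not 1 <= port <= 65535:
        raise ValueError("need a dotted IPv4 address and a port in 1..65535")
    return ",".join(octets + [str(port // 256), str(port % 256)])


def build_port_command(ip: str, port: int) -> str:
    """Active mode: the client announces where it is listening."""
    return "PORT " + format_host_port(ip, port)


def parse_pasv_reply(reply: str):
    """227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)"""
    if not reply.startswith("227"):
        raise ValueError(f"not a PASV reply: {reply!r}")
    m = _SIX_TUPLE.search(reply)
    if not m:
        raise ValueError(f"no host-port tuple in: {reply!r}")
    return parse_host_port(m.group(1))


def parse_epsv_reply(reply: str) -> int:
    """229 Entering Extended Passive Mode (|||port|), RFC 2428.  Only a port is
    sent: the client must connect to the control peer's address, which
    sidesteps the NAT address problem entirely."""
    if not reply.startswith("229"):
        raise ValueError(f"not an EPSV reply: {reply!r}")
    m = re.search(r"\(\|\|\|(\d{1,5})\|\)", reply)
    if not m or not 1 <= int(m.group(1)) <= 65535:
        raise ValueError(f"no usable port in: {reply!r}")
    return int(m.group(1))


def client_data_target(control_peer_ip: str, pasv_reply: str):
    """Client-side NAT workaround: when the address in the 227 reply differs
    from the control peer (a server behind NAT advertises its private
    address), connect to the control peer with the advertised port instead.
    Returns (ip, port, note)."""
    ip, port = parse_pasv_reply(pasv_reply)
    if ip != control_peer_ip:
        return control_peer_ip, port, f"server advertised {ip}; using control peer instead"
    return ip, port, None


def server_accepts_port(port_arg: str, control_peer_ip: str, min_port: int = 1024):
    """Server-side bounce-attack check: only open a data connection back to
    the host that holds the control connection, and never to a privileged
    port.  Returns (accepted, reason)."""
    try:
        ip, port = parse_host_port(port_arg)
    except ValueError as exc:
        return False, str(exc)
    if ip != control_peer_ip:
        return False, f"PORT address {ip} differs from control peer {control_peer_ip} (possible bounce attack)"
    if port < min_port:
        return False, f"port {port} is privileged"
    return True, ""
```

Without the server-side check, an attacker who can log in (anonymously is enough) can send PORT with a third party's address and then RETR a file they uploaded, making the FTP server deliver arbitrary bytes, such as an SMTP dialogue, to an internal host from the server's own trusted address.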

Page 14: Ibrahiem Elbarki Ftp


There are several methods of securely transferring files that have been called "Secure FTP" at one point or another.

Page 15: Ibrahiem Elbarki Ftp


1. FTPS (explicit)

Explicit FTPS is an extension to the FTP standard that allows clients to request that the FTP session be encrypted. This is done by sending the "AUTH TLS" command. The server has the option of allowing or denying connections that do not request TLS. The latest definition of this protocol is RFC 4217.

2. FTPS (implicit)

Implicit FTPS is a deprecated standard for FTP that required the use of an SSL or TLS connection. It was specified to use different ports than plain FTP (990 for the control connection and 989 for data).
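To show what the clear-text problem described earlier actually leaks, and how explicit FTPS changes that, here is an added example (not code from the slides or from any FTP product): a passive analyser over a captured control channel. Three constructed sessions are included: a plain login, a session upgraded with AUTH TLS, and a server that refuses USER until TLS has been negotiated. Note that even in the last case the user name has already crossed the wire in clear text, which is the "username protection" item in the RFC 2577 list.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class SniffReport:
    tls_requested: bool = False        # client sent AUTH TLS / AUTH SSL
    tls_accepted: bool = False         # server answered 234
    tls_rejected: bool = False         # server answered 5xx to AUTH
    refused_before_tls: bool = False   # server refused USER on a clear-text session
    cleartext_user: Optional[str] = None
    cleartext_pass: Optional[str] = None


def sniff_control_channel(exchange: List[Tuple[str, str]]) -> SniffReport:
    """Walk a captured control channel, given as ("C"|"S", line) pairs in
    wire order, and record what a passive eavesdropper learns.  After the
    server's 234 reply to AUTH the socket carries the TLS handshake and then
    ciphertext, so the walk stops there: nothing sent afterwards is readable."""
    rep = SniffReport()
    last_verb = ""
    for side, line in exchange:
        if side == "C":
            verb, _, arg = line.partition(" ")
            verb = verb.upper()
            last_verb = verb
            if verb == "AUTH" and arg.strip().upper() in ("TLS", "SSL"):
                rep.tls_requested = True
            elif verb == "USER":
                rep.cleartext_user = arg
            elif verb == "PASS":
                rep.cleartext_pass = arg
        else:
            code = line[:3]
            if last_verb == "AUTH" and rep.tls_requested:
                if code == "234":
                    rep.tls_accepted = True
                    break  # everything after this is inside TLS
                if code.startswith("5"):
                    rep.tls_rejected = True
            elif last_verb == "USER" and code.startswith("5"):
                # Any USER we can still read is on a clear-text session.
                rep.refused_before_tls = True
    return rep


# Constructed sessions; host name, credentials and reply texts are invented.
PLAIN_SESSION = [
    ("S", "220 constructed.example FTP server ready"),
    ("C", "USER alice"),
    ("S", "331 Please specify the password."),
    ("C", "PASS hunter2"),
    ("S", "230 Login successful."),
]

EXPLICIT_TLS_SESSION = [
    ("S", "220 constructed.example FTP server ready"),
    ("C", "AUTH TLS"),
    ("S", "234 Proceed with negotiation."),
    # From here the wire carries the TLS handshake and ciphertext; these
    # plaintext pairs only stand in for it and must not be reported.
    ("C", "USER alice"),
    ("S", "331 Please specify the password."),
    ("C", "PASS hunter2"),
]

TLS_REQUIRED_SESSION = [
    ("S", "220 constructed.example FTP server ready"),
    ("C", "USER alice"),
    ("S", "530 Encrypted session required before login (constructed wording)"),
]
```

After the 234 reply the client completes the TLS handshake on the control socket and then, per RFC 4217, sends PBSZ 0 and PROT P so that the data connections are protected as well; a client that stops at AUTH TLS has encrypted the password but still sends the file contents in clear.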

Page 16: Ibrahiem Elbarki Ftp


3. SFTP

SFTP, the "SSH File Transfer Protocol," is not related to FTP except that it also transfers files and has a similar command set for users.

Page 17: Ibrahiem Elbarki Ftp


4. FTP over SSH (not SFTP)

FTP over SSH (not SFTP) refers to the practice of tunneling a normal FTP session over an SSH connection.

Because FTP uses multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH. With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on port 21) will protect only that channel; when data is transferred, the FTP software at either end will set up new TCP connections (data channels), which bypass the SSH connection, and thus have no confidentiality, integrity protection, etc.

Page 18: Ibrahiem Elbarki Ftp


Otherwise, it is necessary for the SSH client software to have specific knowledge of the FTP protocol, and monitor and rewrite FTP control channel messages and autonomously open new forwardings for FTP data channels. Version 3 of SSH Communications Security's software suite, the GPL licensed FONC, and Co:Z FTPSSH Proxy are three software packages that support this mode.

FTP over SSH is sometimes referred to as secure FTP; this should not be confused with other methods of securing FTP, such as with SSL/TLS (FTPS). Other methods of transferring files using SSH that are not related to FTP include SFTP and SCP; in each of these, the entire conversation (credentials and data) is always protected by the SSH protocol.

