File Transfer Protocol
The File Transfer Protocol (FTP) is a network protocol for transferring files between systems connected to a TCP (Transmission Control Protocol) network, based on client-server architecture. From a client computer you can connect to a server to download files from it or to send files to it, regardless of the operating system used on each computer.
The FTP service is offered to the user by the application layer of the TCP/IP network layer model, typically using network ports 20 and 21. A basic problem with FTP is that it is intended to offer maximum connection speed, but not maximum security: the entire exchange of information, from the user's login and password on the server to the transfer of any file, is carried out in plain text without any type of encryption, so a potential attacker can capture this traffic, gain access to the server, and/or hijack the transferred files.
To solve this problem, applications such as SCP and SFTP, included in the SSH package, are very useful: they let you transfer files while encrypting all traffic.
History
The FTP protocol came into use in April 1971, published as RFC 114, before the TCP/IP stack existed. The general structure was established in 1973. It was modified several times, adding new commands and functionalities. In the end, RFC 959 was published in October 1985, which is the one currently used.
The FTP Model
In the model, the user PI initiates the control connection on port 21. Standard FTP commands are generated by the user PI and transmitted to the server process over the control connection. Standard responses are sent from the server PI to the user PI over the control connection in response to commands.
These FTP commands specify parameters for the data connection (data port, transfer mode, representation type, and structure) and the nature of the operation on the file system (store, retrieve, add, delete, etc.). The user data transfer process (DTP), or another process in its place, should wait for the server to initiate connection to the specified data port (port 20 in active or standard mode) and transfer the data based on the parameters that have been specified.
We also see in the diagram that the communication between client and server is independent of the file system used on each computer, so it does not matter that their operating systems are different, because the entities that communicate with each other are the PIs and DTPs, which use the same standardized protocol: FTP.
It should also be noted that the data connection is bidirectional, that is, it can be used simultaneously to send and receive, and it does not have to exist for the entire duration of the FTP connection. At the beginning, however, FTP had a problem: locating the servers on the network. In other words, the user who wanted to download a file had to know on which machine it was located. The only information search tool that existed was Gopher, with all its limitations.
First information search tool
Gopher means 'to pounce on' information. It is a service whose objective is to locate files based on their title. It consists of a set of resource menus located on different, interconnected machines. Each machine serves one area of information, but their internal organization allows all of them to function as if they were a single machine. The user navigates through these menus until locating the desired information, without knowing exactly which machine it is being downloaded from. With the advent of the Internet, powerful search engines left the Gopher service behind, and locating FTP servers was no longer a problem. Currently, when users download a file from a link on a web page, they do not even know that they are doing it from an FTP server. The FTP service has evolved over time and today it is widely used on the Internet, in corporate networks, intranets, etc. It is supported by any operating system, and there is a large amount of software based on the FTP protocol.
FTP Server
An FTP server is a special program that runs on a server computer normally connected to the Internet (although it may be connected to other types of networks, LAN, MAN, etc.). Its function is to allow the exchange of data between different servers/computers.
In general, FTP server programs are not usually found on personal computers, so a user will normally use FTP to connect remotely to one and thus exchange information with it.
The most common applications of FTP servers are usually web hosting, in which clients use the service to upload their web pages and the corresponding files, or use as a backup server for important files that a company may have. For this, there are FTP communication protocols that transmit data encrypted, such as SFTP (Secure File Transfer Protocol).
Server Examples
- Titan FTP Server
- WS_FTP Server
FTP Client
When a browser is not equipped with the FTP function, or if you want to upload files to a remote computer, you will need to use an FTP client program. An FTP client is a program that is installed on the user's computer, and that uses the FTP protocol to connect to an FTP server and transfer files, either to download or upload them.
To use an FTP client, you need to know the name of the file, the computer on which it resides (the server, in the case of downloading files), the computer to which you want to transfer the file (in case you want to upload it to the server), and the folder in which it is located.
Some basic console-mode FTP clients come built into operating systems, including Microsoft Windows, DOS, GNU/Linux, and Unix. However, clients with added options and graphical interface are available. Although many browsers already have FTP built in, it is more reliable when connecting to non-anonymous FTP servers to use a client program.
Anonymous access
Anonymous FTP servers offer their services freely to all users: they allow you to access their files without having a 'USER ID' or a user account. It is the most convenient way, outside of the web service, to give everyone access to certain information without the administrator of a system having to create an account for each user.
If a server offers anonymous FTP, just typing the word “anonymous” when it asks for your username gives you access to that system. No preset password is needed, although you will have to enter one for that session; usually your own email address is used.
That alone gives you access to the FTP files, albeit with fewer privileges than a normal user. Normally you will only be able to read and copy the files that are public, as indicated by the administrator of the server to which we want to connect.
Normally, an anonymous FTP server is used to deposit large files that are useless if not transferred to the user's machine, such as programs, while web page servers (HTTP) are reserved for storing textual information intended for online reading.
User login
If you want to have access privileges to any part of the FTP server's file system, to modify existing files, and to be able to upload your own files, this is generally done through a user account. The information of the different user accounts that can access it is stored on the server, so to start an FTP session we must enter a login and a password that uniquely identify us.
Web-based FTP client
A "Web-based FTP client" is nothing more than an FTP client that we can access through our web browser without having to have another application for it. The user connects via HTTP to a web server, and the web server connects via FTP to the file server. The web server acts as an intermediary by passing the information from the FTP server on ports 20 and 21 to the HTTP port 80 that the user sees.
There are always times when we are away from home, we don't have our laptop with us and we need to do some urgent task from a publicly accessible computer, from a friend, from work, from university, etc. The most common is that the applications we need are not installed and in many cases we even lack the necessary permissions to install them. Other times we are behind a proxy or firewall that does not allow us to access external FTP servers.
By having a Web-based FTP client we can access the remote FTP server as if we were doing any other type of web browsing. Through a Web-based FTP client you will be able to create, copy, rename and delete files and directories, change permissions, edit, view, upload and download files, and use any other FTP protocol functions that the remote FTP server allows.
Guest access
The unrestricted access to the server provided by user accounts introduces security concerns, which has given rise to a third type of FTP access called guest, which can be thought of as a mix of the previous two.
The idea of this mechanism is the following: each user is allowed to connect to the machine using their login and password, but is prevented from accessing parts of the file system that they do not need to do their job. This way the user works in a restricted environment, something very similar to what happens in anonymous access, but with more privileges.
Examples of FTP Clients
Among the various FTP clients that exist, we can mention the following:
- net2ftp
- WebDrive
- Web-Ftp
- Jambai FTP
- ftp4net
- PHP FTP Client
- Asuk PHP FTP
- Weeble File Manager
- FileZilla
- Transmit
FTP client connection modes
FTP supports two modes of client connection. These modes are called active (or Standard, or PORT, because the client sends PORT commands to the server over the control channel when establishing the connection) and passive (or PASV, because in this case it sends PASV type commands). In both Active and Passive modes, the client establishes a connection to the server using port 21, which establishes the control channel.
Active mode
In Active mode, the server always creates the data channel on its port 20, while on the client side the data channel is associated with a random port greater than 1024. To do this, the client sends a PORT command to the server through the control channel, indicating that port number, so that the server can open a data connection to the specified port, through which the files and listings will be transferred.
The above has a serious security problem: the client machine must be willing to accept any incoming connection on a port greater than 1024, with the problems that this implies if the computer is connected to an insecure network such as the Internet. In fact, the firewalls installed on the computer to prevent attacks will surely reject these random connections. Passive mode was developed to solve this, although it does not really do so, since a serious security problem will surely remain.
Passive mode
When the client sends a PASV command over the control channel, the FTP server indicates through the control channel the server port (greater than 1024; example: 2040) to which the client must connect. The client initiates a connection from the port below the control port (example: 1036) to the server port specified above (example: 2040).
Before each new transfer in both Active and Passive mode, the client must again send a control command (PORT or PASV, depending on the mode in which it has connected), and the server will receive that data connection on a new port (random if in passive mode, or port 20 if in active mode).
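The PORT argument and the 227 reply to PASV both carry the data endpoint as six decimal fields h1,h2,h3,h4,p1,p2 (RFC 959), where the port is p1*256+p2. The following added example (not part of the original article) decodes both and applies a server-side check to PORT; the policy of requiring the address to match the control-connection peer, the function names and the sample addresses are assumptions of this example.

```python
import re

# h1,h2,h3,h4,p1,p2 as used by PORT and by the "227 Entering Passive Mode" reply
_FIELDS = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def _decode(match):
    nums = [int(g) for g in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range 0-255")
    # The first four fields are the IPv4 address, the last two the port (high byte first).
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def parse_hostport(text):
    """Return (ip, port) from a PORT argument or a 227 reply line."""
    m = _FIELDS.search(text)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field found")
    return _decode(m)


def check_port_command(line, control_peer_ip):
    """Validate an active-mode PORT command; returns (ok, reason).

    Assumed policy: the data address must be the control-connection peer and
    the port must be greater than 1024, as the article describes for clients.
    """
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return False, "not a PORT command"
    m = _FIELDS.fullmatch(arg.strip())
    if m is None:
        return False, "malformed argument"
    try:
        ip, port = _decode(m)
    except ValueError as exc:
        return False, str(exc)
    if ip != control_peer_ip:
        return False, f"address {ip} is not the control peer"
    if port <= 1024:
        return False, f"port {port} is not above 1024"
    return True, f"connect from port 20 to {ip}:{port}"


if __name__ == "__main__":
    # Constructed samples using documentation address ranges.
    print(parse_hostport("227 Entering Passive Mode (203,0,113,5,7,248)"))
    for cmd in ("PORT 192,0,2,10,4,12", "PORT 10,0,0,99,4,12", "PORT 192,0,2,10,0,22"):
        print(cmd, "->", check_port_command(cmd, "192.0.2.10"))
```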
Types of file transfers in FTP
In the FTP protocol there are two types of transfer: ASCII and binary. It is important to know how a file should be transported across the network; if we do not use the appropriate options, we can destroy the information in the file. Therefore, when executing the FTP application, we must remember to use one of these commands (or select the corresponding option in a program with a graphical interface):
- Type ASCII
Suitable for transferring files that contain only printable characters (ASCII files, not word processor output files), for example HTML pages, but not any images they may contain. Some control symbols are transformed to keep them compatible between different systems. For example, if the file is hosted on a Linux server, the line break for text files is "\n" (byte 10 in decimal). If the client is a Mac system, the line break is "\r" (byte 13 in decimal). This mode changes these control symbols so that the file is readable on both sides; likewise, if the file is sent to a Windows system, the line break is "\r\n" (two bytes, 13 and 10). If this mode is used on non-plain-text files that are exchanged between different systems, the file will be corrupted.
- Type binary
This type is used when it comes to compressed files, executables for PC, images, audio files, among others.
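The following added example (not part of the original article) models the line-break rewriting described above and shows how an ASCII-mode transfer damages a binary file, and how a hash or the PNG signature reveals it. The `transfer` model, the function names and the sample payloads are assumptions of this example; only the 8-byte PNG signature is a real value.

```python
import hashlib

# Local line breaks per system, as listed in the article.
LOCAL_EOL = {"linux": b"\n", "mac": b"\r", "windows": b"\r\n"}

# Real PNG signature: it deliberately contains CR LF and a lone LF.
PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Constructed payloads for the demonstration.
SAMPLE_IMAGE = PNG_SIG + bytes([0x00, 0x0A, 0x10, 0x0D, 0x0A, 0xFF])
SAMPLE_TEXT = b"<html>\n<body>hello</body>\n</html>\n"


def transfer(data, mode, src, dst):
    """Simplified model of what ends up on disk at `dst`."""
    if mode == "binary":
        return data                                   # bytes are copied untouched
    wire = data.replace(LOCAL_EOL[src], b"\r\n")      # sender: local break -> CR LF
    return wire.replace(b"\r\n", LOCAL_EOL[dst])      # receiver: CR LF -> local break


def sha256(data):
    return hashlib.sha256(data).hexdigest()


def png_signature_intact(blob):
    return blob.startswith(PNG_SIG)


def integrity_report(data, mode, src, dst):
    """Compare the received bytes with the original by length and hash."""
    received = transfer(data, mode, src, dst)
    return {
        "same_length": len(received) == len(data),
        "same_hash": sha256(received) == sha256(data),
        "png_signature_intact": png_signature_intact(received),
    }


if __name__ == "__main__":
    for mode, dst in (("binary", "windows"), ("ascii", "windows"), ("ascii", "mac")):
        print(mode, "linux ->", dst, integrity_report(SAMPLE_IMAGE, mode, "linux", dst))
    text = transfer(SAMPLE_TEXT, "ascii", "linux", "windows")
    print("text lines preserved:", text.splitlines() == SAMPLE_TEXT.splitlines())
```

The Linux-to-Mac case keeps the file length unchanged while altering its bytes, so a size comparison alone does not detect the damage; a hash comparison does.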
Examples of how to transfer some types of files depending on their extension:
File extension | Type of transfer |
---|---|
txt (text) | ascii |
html (web page) | ascii |
doc (document) | binary |
ps (PostScript) | ascii |
hqx (compressed) | ascii |
Z (compressed) | binary |
ZIP (compressed) | binary |
ZOO (compressed) | binary |
Sit (compressed) | binary |
pit (compressed) | binary |
shar (compressed) | binary |
uu (compressed) | binary |
ARC (compressed) | binary |
(packaged) | binary |
Various software solutions implement this type of technology; the best known are FileZilla (free software) and CuteFTP (shareware).
FTP Commands
Command and arguments | Action carried out |
---|---|
open server | Start a connection with an FTP server. |
close or disconnect | End an FTP connection without closing the client program. |
bye or quit | End an FTP connection and the working session with the client program. |
cd directory | Change the work directory on the server. |
delete file | Delete a file on the server. |
mdelete pattern | Delete multiple files based on a pattern that applies to the name. |
dir | It shows the contents of the directory in which we are on the server. |
get file | Gets a file |
noop No Operation | The server is informed that the client is in non-operation mode, the server usually responds with a “ZZZ” and refreshes the user’s inactive time counter. |
mget files | Get multiple files |
hash | Activate the printing of # characters as files are transferred, as a progress bar. |
lcd directory | Change the local work directory. |
ls | Displays the directory content on the server. |
prompt | Activate/deactivate confirmation by the user of command execution. For example by deleting multiple files. |
put file | Send a file to the active directory of the server. |
mput files | Send multiple files. |
pwd | Displays the active directory on the server. |
rename file | Change the name to a file on the server. |
rmdir directory | Delete a directory on the server if that directory is empty. |
status | Shows the current status of the connection. |
bin or binary | Activate binary transfer mode. |
ascii | Activate the transfer mode in text ASCII mode. |
! | Allows you to drop to the command line temporarily without cutting the connection. To get back, type exit on the command line. |
? command name | It shows the command information. |
? or help | Displays a list of available commands. |
append file name | Continue a download that has been cut previously. |
bell | Activate/deactivate the playback of a sound when you have finished any file transfer process. |
glob | Activate/deactivate the display of long names of our PC. |
literal | With this command you can run commands on the server remotely. To see which ones are available, use: literal help. |
mkdir | Create the indicated directory remotely. |
quote | It performs the same function as literal. |
send file name | Send the indicated file to the active directory of the server. |
user | To change our username and password without leaving the ftp session. |
FTP Response Codes
The following is a summary of the FTP response codes that may be returned by an FTP server. These codes have been standardized in RFC 959 by the IETF. The response code is a three-digit value. The first digit is used to indicate one of three possible outcomes—success, failure, or to indicate an error or incomplete response:
- 2yz - Success response
- 4yz or 5yz - Failure response
- 1yz or 3yz - An error or incomplete response
The second digit defines the error class:
- x0z - Syntax. These responses refer to syntax errors.
- x1z - Information. Responses to requests for information.
- x2z - Connections. Responses to control and data connections.
- x3z - Authentication and Accounting. Responses to the session start-up process and accounting procedures.
- x4z - Not defined.
- x5z - File system. These answers transmit status codes of the server file system.
The third digit of the response code is used to provide additional details for each of the categories defined by the second digit.
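As an added example (not part of the original article), the digit scheme above can drive a simple detection over FTP control-channel replies: classify each reply by its first and second digit and count failed authentication-class (x3z) replies per client. The event format, the threshold, the function names and the sample lines are assumptions constructed for this example.

```python
import re
from collections import Counter

# First digit -> outcome and second digit -> class, following the lists above.
OUTCOME = {"1": "incomplete", "2": "success", "3": "incomplete",
           "4": "failure", "5": "failure"}
CLASS = {"0": "syntax", "1": "information", "2": "connections",
         "3": "authentication and accounting", "4": "not defined",
         "5": "file system"}

# "nnn text" is a final reply line; "nnn-text" starts a multi-line reply.
_REPLY = re.compile(r"^([1-5])([0-5])(\d)([ -])")


def classify(line):
    """Return (code, outcome, class, is_final) for a reply line, else None."""
    m = _REPLY.match(line)
    if m is None:
        return None
    first, second, third, sep = m.groups()
    return int(first + second + third), OUTCOME[first], CLASS[second], sep == " "


def auth_failures(events, threshold=3):
    """events: iterable of (client_ip, reply_line).

    Returns {client_ip: count} for clients with at least `threshold`
    failure replies in the authentication and accounting class.
    """
    counts = Counter()
    for ip, line in events:
        parsed = classify(line)
        if parsed is None or not parsed[3]:
            continue  # ignore non-replies and "nnn-" continuation lines
        _, outcome, klass, _ = parsed
        if outcome == "failure" and klass == CLASS["3"]:
            counts[ip] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}


# Constructed sample events (documentation address ranges).
EVENTS = [
    ("198.51.100.7", "331 Password required"),
    ("198.51.100.7", "530 Login incorrect"),
    ("198.51.100.7", "530 Login incorrect"),
    ("203.0.113.9", "230-Welcome to the archive"),
    ("203.0.113.9", "230 Login successful"),
    ("198.51.100.7", "530 Login incorrect"),
    ("203.0.113.9", "550 No such file"),
]

if __name__ == "__main__":
    print(auth_failures(EVENTS))
```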
Connecting to a protected FTP server from a browser
To log in to an FTP server that requires a password, type the URL like this:
ftp://<username>:<password>@<ftp server>/<url-path>
Where <username> is the username, <ftp server> is the FTP server, <password> is the access password, and <url-path> is the directory where we logged in.
Example: ftp://student:studentpass@ftp.example.com/public
FTP servers
- FTP server (List)
- Titan FTP Server (Windows)
- FileZilla Server (Windows)
- Pure-FTPd (Unix)
- VsFTPd (Unix)
- ProFTPd (Unix)