FTP uses two or more TCP connections to accomplish data transfers. To start
a session, the FTP client opens a TCP connection to port 21 on the FTP server.
This connection is called the control connection and is used to pass commands
and results between the client and the server. No data, such as file transfers
or directory listings, is passed over the control connection. Instead, data is
transferred over a separate TCP connection called the data connection.
This data connection can be opened in several different ways:
- Traditional (or active) – The FTP server opens a TCP connection back
to the client's port 20. This method will not work on a multi-user system
because many users may make simultaneous FTP requests, and the system will not
be capable of matching incoming FTP data connections to the appropriate user.
- Multi-user traditional (or active) – The FTP client instructs the
FTP server to open a connection on some random port in the range 1024 through
65,535. This method creates a rather large security hole because it requires
system administrators to permit inbound TCP connections to all ports greater
than 1023. Although firewalls that monitor FTP traffic and dynamically allow
inbound connections help close this security hole, many corporate networks do
not permit this type of traffic. Most command-line FTP clients default to this
method of transfer and offer a passive command (or something similar) to switch
to passive mode.
- Passive mode – The FTP client instructs the FTP server that it wants
a passive connection, and the server replies with an IP address and port number
to which the FTP client can open a TCP data connection. This method is by far
the most secure because it requires no inbound TCP connections to the FTP
client. Many corporate networks permit only this type of FTP transfer. Most web
browsers default to this method of FTP transfer.
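As an added example (not part of the original text), the following Python shows how a client interprets the two data-connection methods described above: it decodes the server's passive-mode reply into the IP address and port it must connect to, checks that address against the control connection's peer before using it, and builds the PORT command that active mode uses to tell the server where to connect back. The 227 reply wording and all addresses are constructed sample values.

```python
import re

# Passive-mode reply: "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)".
# h1-h4 are the IPv4 octets, p1/p2 the high and low bytes of the port.
PASV_RE = re.compile(
    r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)"
)


def parse_pasv_reply(reply: str) -> tuple:
    """Return (host, port) from a 227 reply, rejecting malformed fields."""
    match = PASV_RE.match(reply.strip())
    if not match:
        raise ValueError("not a 227 Entering Passive Mode reply: %r" % reply)
    fields = [int(x) for x in match.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PASV field out of range: %r" % fields)
    host = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]
    return host, port


def pasv_target_is_acceptable(control_peer_ip: str, host: str, port: int) -> bool:
    """A cautious client only opens the data connection to the same server it
    is already talking to on port 21, and only to a port above 1023."""
    return host == control_peer_ip and 1024 <= port <= 65535


def build_port_command(client_ip: str, data_port: int) -> str:
    """Active mode: tell the server which client address/port to connect back to."""
    if not 1024 <= data_port <= 65535:
        raise ValueError("data port must be in 1024-65535")
    octets = client_ip.split(".")
    if len(octets) != 4 or any(not o.isdigit() or int(o) > 255 for o in octets):
        raise ValueError("invalid IPv4 address: %r" % client_ip)
    high, low = divmod(data_port, 256)
    return "PORT " + ",".join(octets + [str(high), str(low)]) + "\r\n"


if __name__ == "__main__":
    # Constructed exchange: control connection is to 192.0.2.10:21.
    server_reply = "227 Entering Passive Mode (192,0,2,10,195,80)."
    host, port = parse_pasv_reply(server_reply)
    print("data connection ->", host, port)                        # 192.0.2.10 50000
    print("same server?", pasv_target_is_acceptable("192.0.2.10", host, port))
    print(build_port_command("192.0.2.55", 50000).strip())         # PORT 192,0,2,55,195,80
```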
As an example, consider a typical FTP session in which a client connects to an
FTP server and downloads a file called README.
Once logged in
to an FTP server, the user could type help to get a listing of acceptable
commands. Some of the more popular FTP commands include ascii, binary, cd, dir,
get, help, ls, mkdir, put, pwd, and quit.
An FTP connection can be
tested using any Telnet application that allows a port number to be specified.
Telnet to the IP address of the destination server using port 21. If the
connection is successful, a hello message will be displayed or an unresponsive
Telnet window will open. This indicates connectivity to the server. At this
point the user may want to type in help to see which commands are available.
Since the connection to the FTP server is by way of Telnet, the choice of
commands will vary.
In some instances, a router can be configured to act
as an FTP server. FTP clients can copy files to and from certain directories on
the router. For example, the FTP Server allows retrieval of files, such as
syslog files, from the disk file system on the router.
When the router
receives a request for an FTP connection, the FTP Server process is started. At
this point, the user is typically prompted for a username and password. After
supplying a valid username and password, various commands can be entered.
TFTP
Trivial File Transfer Protocol (TFTP) is a simplified
version of FTP. TFTP operates over port 69 and makes use of the UDP protocol.
UDP makes TFTP faster at uploading and downloading files.
A client can
only read or write a file to a TFTP server. Unlike FTP, TFTP does not support
directory browsing, file renaming, logging in, or statistics. For this reason,
a user must know the filename of the file they wish to download.
The
following commands display information about file management applications. A
troubleshooter uses the information from these commands to isolate problems at
the application layer that are related to FTP and TFTP.
