File Transfer Protocol abbreviated as FTP. It is a Typical Internet-based protocol for exchanging files between two computers over the Internet or on a network. FTP works on the Client-Server Architecture, which uses TCP/IP protocol for Data Transfer and secured with SSL/TLS.
In an 7- Layer OSI Architecture the FTP is present in the Top-Most Application layer. Made on the Client-Server model architecture. FTP has separate data channel for transmitting files and command channel for regulating the conversations for connections between server and clients.
A client can upload, download, remove, rename, move, delete the files on the Server using FTP.
How FTP Works:
FTP works in a similar manner as HTTP and SMTP where HTTP fetches pages on the web to the browsers and SMTP to transfer E-mails over the net.
Do you think about Authentication? Yes, the user needs to sign in with a username and password based on the configuration of the FTP Servers or else to maintain anonymity there is a way of using Anonymous FTP logins.
History of File Transfer Protocol:
Till 1980 it ran on NCP. Later, it moved on to TCP/IP RFC 765 in 1980, June and RFC 959 in 1985, October. In the following years, it grew with proposed standards.
- Firewall-Friendly FTP on 1994, February (RFC 1579)
- Security Extensions on 1997, June (RFC 2228)
- New type of Passive mode with IPv6 support on 1998, September (RFC 2428)
Understand about history with this infographic with precise data and explanation.
A Layman’s Guide to Use File Transfer Protocol:
The primary need of FTP is when files transfer between two systems. It is a general guide for any FTP Clients or FTP Servers irrespective of the software.The user’s computer serves as local host, and the server connected to the internet is a remote computer which runs the FTP software.
- A connection is established between the local host and the remote Computer via the internet by identifying the IP Address of the remote desktop.
- The client initiates by sending a PASV command to the server but before this, the client opens the port 21 for FTP server.
- The server responds in port 2000 in which it listens for the data connection.
- The client initiates the data connection, and the acknowledgement is given back from the server.
- Enter using Username and Password or Use Anonymous login.
- It works well in Command-line Interface(for Microsoft, Apple or Linux) added it also consists of a GUI, allows to drop files between the local host and remote using series of FTP Commands between the machines.
Types of Sessions:
Active FTP: Data Transmission follows when the server initiates a data connection to the client after it receives the command channel request from session initiated by the client.
Passive FTP: The server points to the client via command channel to open the data channel since in passive client does all the Connection initialization and works perfectly fine with the firewalls and NAT Gateways (Network Address Translation).
An FTP service may provide with Authentication or Anonymous access based on the host’s interest. Many FTP hosts allow Anonymous logins. When prompted with the logins, use Lower-case or Case-Sensitive “anonymous” and enter only an Email id (not password) and no verification is also done. Setting up Anonymous FTP is very simple.
Types of FTP:
SSH File Transfer Protocol
The Secure File Transfer Protocol or SFTP provides file access, file transfer and management over a reliable data stream. Designed by IEFT by extending SSH to give secure data transfer capacity. The protocol runs over a secure channel; the server authenticates the client, and the identity is visible to the protocol.
It is an acronym of FTP Standard for FTP sessions to be encrypted based on the client requests by sending “AUTH TLS” command. Can be specified to use different ports when compared to plain FTP.
Trivial File Transfer Protocol (TFTP) runs the same operation parallel by allowing the client to put or get the file from the remote host. It lacks security than the available robust FTP.
The Complexity of SFTP lies between TFTP and FTP. It is Unsecured and not accepted by many on the internet so given “Historical” Status by IEFT.
File Transfer Protocol Commands
Some of the most commonly used File Transfer Protocol commands are listed below,
Get the detailed list of all FTP commands.
The FTP Url syntax specified in the given form:
A user may specify a username, password, Port number only if it is needed (because [ ] are not mandatory). An FTP can access through the many browsers since the support PASV Mode(passive). For, e.g., ftp://abc.xyz/root/vector/imborn.jpeg where imborn.jpeg is the file name, root/vector/ is the Directory, abc.xyz is the server in which FTP resource is present.
FTP shows a broad range of security issues since it was not designed to be a secure protocol having many Vulnerabilities.
- FTP Bounce Attack
- Brute Force Attack
- Username Protection
- Packet Capture
- Spoofing Attack
- Port Stealing
FTP Reply Codes:
FTP server returns these 3-digit reply codes.
1st Digit returns one of the following Success, Failure, error or incomplete reply.
- 2yz – Success reply
- 4yz or 5yz – Failure reply
- 1yz or 3yz – Error or Incomplete Reply
2nd Digit defines what kind of error had occurred.
- x0z – Syntax. These replies refer to syntax errors.
- x1z – Information. Replies to requests for information.
- x2z – Connections. Replies are referring to the control and data connections.
- x3z – Authentication and accounting. Replies for the login process and accounting procedures.
- x4z – Not defined.
- x5z – File system. These replies relay status codes from the server file system.
3rd Digit provides additional detail for each category of the errors defined in 2nd Digit.
For more information about FTP, Contact us. To Stay Updated, Bookmark us.