File Transfer Protocol (FTP)
San Skulrattanakulchai
September 13, 2018
Port Numbers
- One service that TCP and UDP provide to network applications is the abstraction that an endpoint of a communication is identified by two pieces of information:
  - an IP address, and
  - a port number
- The Internet Assigned Numbers Authority (IANA) is the official body that assigns port numbers for specific uses.
Port Numbers, continued
- There are 3 kinds of port:
  - The well-known ports (or system ports). Their numbers range from 0 to 1023. They are used by system processes that provide important network services (telnet, ftp, http, …). On Unix systems, only system-privileged programs can bind a socket to an IP address using one of these ports. E.g.
    - http server: 80
    - ftp (data): 20
    - ftp (control): 21
    - ssh, scp, sftp, port forwarding: 22
    - telnet: 23
  - The registered ports. Their numbers range from 1024 to 49151. They can be used without superuser privileges.
  - The dynamic ports (or private or ephemeral ports). Their numbers range from 49152 to 65535. They are for temporary purposes or automatic allocation.
FTP
- The ftp application and protocol have the same name.
- The application uses the Client-Server model.
- The user (client) authenticates using a username and password in clear text, and all data are sent in the clear, so the protocol is not secure.
- A special user named “anonymous”, with the password “guest” or an email address, can list some directories and download some “public” files from ftp archive sites.
- Secure versions include FTPS and SFTP.
FTP, continued
- Uses two channels and has 2 well-known ports
  - Controls (or commands) use TCP port 21
  - Data transfer (in active mode) uses TCP port 20
- Can work in one of two modes:
  - active mode: The steps are
    - client starts listening on port M
    - client sends command “PORT M” to server
    - server initiates a data channel to the client from port 20
  - passive mode: used when the client is behind a NAT or firewall and so can’t accept an incoming TCP connection. The steps are
    - client sends command “PASV” to server and receives from the server its IP address and a port number N
    - client opens a data connection from an arbitrary client port to server IP address & port N
- Each client request gets a server response over the control channel as a 3-digit ASCII code and an optional text message, something like “200 OK”. The user can hit Ctrl-C to abort an ongoing data transfer.
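The passive-mode exchange and the 3-digit reply format described above, as an added example that is not part of the original slides: a parser for control-channel replies that extracts the data-channel endpoint from a PASV response and refuses an address that differs from the control connection's peer. The `227` reply code and the `h1,h2,h3,h4,p1,p2` encoding come from RFC 959, not from this page; the function names and sample addresses are constructed for illustration.

```python
import ipaddress
import re

# RFC 959 reply line: 3-digit code, then ' ' (final line) or '-' (more lines follow), then text.
REPLY_RE = re.compile(r"^(\d{3})([ -])(.*)$")
# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (not part of a longer digit run).
HOSTPORT_RE = re.compile(r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")


def parse_reply(line):
    """Split one control-channel reply line into (code, is_final, text)."""
    m = REPLY_RE.match(line.rstrip("\r\n"))
    if not m:
        raise ValueError(f"not an FTP reply: {line!r}")
    return int(m.group(1)), m.group(2) == " ", m.group(3)


def decode_hostport(text):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ip_string, port); port = p1*256 + p2."""
    m = HOSTPORT_RE.search(text)
    if not m:
        raise ValueError("no host-port field found")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("host-port octet out of range")
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def passive_endpoint(reply_line, control_peer_ip):
    """Return (ip, port) for the data channel; reject non-227 replies and foreign hosts."""
    code, _final, text = parse_reply(reply_line)
    if code != 227:
        raise ValueError(f"expected 227, got {code}")
    ip, port = decode_hostport(text)
    if ipaddress.ip_address(ip) != ipaddress.ip_address(control_peer_ip):
        raise ValueError(f"PASV address {ip} differs from control peer {control_peer_ip}")
    return ip, port


# Constructed sample replies (documentation addresses, not captured traffic).
GOOD = "227 Entering Passive Mode (192,0,2,10,195,80)\r\n"
BAD = "227 Entering Passive Mode (198,51,100,7,195,80)\r\n"

if __name__ == "__main__":
    print(passive_endpoint(GOOD, "192.0.2.10"))  # data channel on the same host
    try:
        passive_endpoint(BAD, "192.0.2.10")
    except ValueError as err:
        print("rejected:", err)
```

Servers behind NAT sometimes advertise a private address in the 227 reply; a client that wants to tolerate this can connect to the control peer's address with the advertised port instead of rejecting the reply.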
Example commands
- Here are some commands used in the FTP protocol:
  - USER username
  - PASS password
  - LIST
  - RETR filename
  - STOR filename
Example replies
Here are some example replies.
331 Username OK, password required
125 Data connection already open; transfer starting
425 Can't open data connection
452 Error writing file