Easy! IT | Protocol | File Transfer Protocol

This article is a rough explanation of the File Transfer Protocol.

Everything might be not exactly correct in this article but it’s very useful for beginners to understand IT terms. If you want to learn IT but you don’t have any experience to work in the IT industry, I wish it helps you to understand IT. And I hope this article makes you study IT more.

Let’s start our 3 minutes lesson!

What is the File Transfer Protocol?

  • The File Transfer Protocol is a protocol to transfer files.
  • FTP is the abbreviation for the File Transfer Protocol.
  • FTP uses a client-server model.
  • There are different types of FTP. 

1.File Transfer Protocol(FTP)

A protocol is a set of rules used by computers that are connected or networked together, which specify how the computers communicate or interact with others.

The protocol is a rule on how to communicate with each other.

The File Transfer Protocol (FTP) is a standard communication protocol to transfer files from a server to a client on a computer network, so FTP uses a client-server model. Servers host the file, and clients can connect to the servers and edit files, download files, upload files, delete files, rename files, and so on. FTP users may authenticate themselves, normally in the form of a username and password, but they can connect anonymously if the server is configured to allow it.

FTP is a protocol to share files.

Because FTP is a client-server model, there are two softwares. One is for a client and another is for a server. It means FTP needs to establish two connections, control connection and data connection.

Tow connection for control and data

What is different from HTTP?

FTP is a very useful tool for exchanging information from your laptop to other ones(usually servers). But HTTP sometimes is used for the same use. Because HTTP essentially fixes the bugs in FTP. FTP is not good at transferring small ephemeral transfers(temporary transfer) in web pages. While FTP needs to establish two connections, HTTP is stateless and multiplexes control and data over a single connection from the client to server on well-known port numbers, which trivially passes through NAT gateways and is simple for firewalls to manage. Accounts vary as to which is better HTTP or FTP to transfer files. You better choose considering your environment and reasons to use.

What is HTTP?: Easy! IT | WEB | HyperText Transfer Protocol | Japan Teams

2.ACTIVE and PASSIVE

There are two modes, ACTIVE and PASSIVE.

In active mode, the client starts listening for incoming data connections from the server on port M(M is port number). It sends the FTP command PORT M to inform the server on which port it is listening. The server then initiates a data channel to the client from its port 20, the FTP server data port.

File Transfer Protocol – Wikipedia
ACTIVE MODE

In situations where the client is behind a firewall and unable to accept incoming TCP connections, passive mode may be used. In this mode, the client uses the control connection to send a PASV command to the server and then receives a server IP address and server port number from the server, which the client then uses to open a data connection from an arbitrary client port to the server IP address and server port number received.

File Transfer Protocol – Wikipedia
The firewall sometimes blocks the well-known port.
What is the Firewall?: IT Learning | Security | Firewall – Saving Alabasta | Japan Teams
Passive mode

3. FTP clients

There are many clients commands. All people who use FTP learn and remember them? No, because there are many FTP software tools, such as FileZilla, WinSCP, Cyberduck, and so on. Those tools provide a user interface in which you don’t have to use commands. 

List of FTP command

4. Security

FTP doesn’t encrypt the traffic, so actually, this protocol has many security weaknesses. The well-known attacks are:

  • Brute-force attack
  • FTP bounce attack
  • Packet capture
  • Port stealing (guessing the next open port and usurping a legitimate connection)
  • Spoofing attack
  • Username enumeration
  • DoS or DDoS

So you need to take security measures if you want to use FTP. I’ll explain how in other articles.

fin



Follow me!

  • X

コメントを残す

メールアドレスが公開されることはありません。 が付いている欄は必須項目です

CAPTCHA