The File Transfer Protocol (FTP)

FTP is used to transfer files between computers. It is a complex protocol that enables the exchange of data files using different methods of data representation and file storage. In its simplest form, FTP uses clear-text username and password exchanges and is not considered to be a very secure utility. FTP was originally created when the Internet was still composed mostly of large business, government, and educational institutions, and a breach of security wasn't considered that big of a threat. When used on the Internet, however, most every legacy TCP/IP utility is best used in a secure environment. The commands in this chapter show you how to use FTP. To ensure a secure exchange of information, be sure to read the chapters in Part VIII, "System and Network Security."

The syntax for FTP varies from one vendor's implementation to another. However, the simplest format, used to initiate a connection, is ftp hostname, in which you simply follow the ftp command with a hostname, for example, ftp ftp.archive.org. You also can use the dotted-decimal address instead of the DNS name of the system with which you want to establish a connection. Alternatively, you can enter ftp at the command prompt and then, from the ftp> prompt, enter the commands needed to accomplish a particular task.

Tip

The Web site ftp.archive.org is a great place to practice using ftp commands, and is also a great place to obtain a lot of free files if you are interested in historical films. At this site you can set your default directory to pub\movies and will find several thousand "ephemeral" films that have been encoded in several different digital formats (take your pick). These films include everything from home movies to corporate films, as well as TV commercials and, for us old folks, those flicks you used to see in high school way-back-when, telling you how to behave on a date!
This site is a treasure trove of files that you should investigate if you have any interest in twentieth-century life. A lot has changed in the past 20 to 30 years.

More secure forms of authentication and data exchange have been added to create more secure forms of FTP. Before we look at a few common FTP clients and their syntaxes, let's look at the basic FTP protocol and get a feel for how it works.

Note

The File Transfer Protocol is described in a large number of RFC documents that were created over the years. The main RFC that most documents point you to is RFC 959, "File Transfer Protocol (FTP)." RFC 2151, "A Primer on Internet and TCP/IP Tools and Utilities," is also a nice read and covers many of the utilities in this chapter. RFC 2228, "FTP Security Extensions," deals with the inherent security problems found in the FTP protocol. This last RFC discusses extensions that can be used to provide for secure authentication and encryption for the FTP protocol. In addition, there are several proposed RFCs that are on the path toward becoming a standard. RFC 2640, "Internationalization of the File Transfer Protocol," and RFC 2428, "FTP Extensions for IPv6 and NATs," provide insight into the future of FTP.

FTP is based on a client/server architecture. An FTP server (called a daemon on Unix or Linux systems and a service on Windows systems) manages a file system (anything from a single directory to a disk farm). FTP servers authenticate the client user using a username and password, and then work with the client to transfer files between the client and server computers. The basic protocol is a simple exchange of messages. Traditional FTP uses a simple command-line interface. Today, many shareware and commercial GUI versions of FTP are available. For example, if you are already using a favorite FTP site, try using a URL such as ftp://ftp.archive.org to see whether your browser supports a GUI interface for FTP.
Either way, command line or GUI, it is an extremely useful utility because it allows the transfer of many types of files between two hosts on the network.

Note

FTP clients come in many forms. As mentioned in the text of this chapter, you can use a command-line interface on a computer running Unix/Linux or any Windows operating system. Really, just about any system running the TCP/IP protocol stack is likely to have FTP included as a service. Most browsers support the prefix "ftp" just as they do the "www" prefix when browsing Internet sites. You can also download GUI FTP applications that operate outside the command line or browser interface. Use a search engine and you will find many of these applications. Most differentiate themselves from others by providing additional features, such as an easy-to-use interface or integration with other applications, such as Windows Explorer.

FTP Ports and Processes

The FTP server daemon listens in the background for FTP requests on TCP port 21. In the literature, the server is composed of two components, though they are often combined into a single program. The first is the Server-PI, which stands for "server protocol interpreter." This is the component that listens on TCP port 21 and interacts with its client counterpart, the User-PI. The user protocol interpreter initiates an FTP session by sending a request to the server. The client's request can include a port that the client wants the server to use when it opens a data channel. The second component of the server is the Server-DTP, which stands for "server data transfer process." This is the code that interacts with its counterpart, the User-DTP, to perform the actual file data transfers. An overview of this process appears in Figure 25.1. The important thing to notice in this figure is that two channels of communication are used for FTP, one for commands and one for the actual exchange of data, and that both of these channels work in both directions.

Figure 25.1.
The FTP session consists of both a command and a data channel.

The client's User-PI should be listening on the specified port for incoming data transmissions before it has issued the commands necessary to start a data transfer from a remote server. The actual commands used on the control connection are in the same format used for the telnet utility (NVT-ASCII), which is discussed later in this chapter.

Data Transfers

All FTP data transfers take place using bytes (8 bits), independent of the size of the actual data being transferred. That is, if the local file system uses a different size for storage, such as a word or a floating-point numerical representation, FTP just sends 8 bits at a time. The data is reconstructed on the receiving end into its original format. The client and server applications are responsible for making sure that conversions are done on their end to make data usable on their respective systems. When you're using an FTP client, it is important that you know what type of file you are sending or receiving. The default for most clients is to send/receive ASCII text files. If you want to send or receive an executable program, most clients use the command "binary" to inform the server you interact with that this is not an ASCII text file. Additionally, there are three modes that are used for transfers:
All transfers are done in 8-bit bytes, regardless of the way the bits are interpreted on the receiving system. The data types that FTP allows are very basic. The ASCII type consists of standard 8-bit NVT-ASCII characters. In this format, the carriage-return and line-feed characters are used to indicate the end of a line. Some systems, such as many Unix systems, do not use this combination of characters, and the receiving side converts the received stream of bytes to its own format. The EBCDIC type (Extended Binary-Coded Decimal Interchange Code) is a method of character representation used mainly on IBM mainframe computers, which were quite popular back when development on FTP (and its predecessors) first started. The EBCDIC and ASCII transfers are sent as 8-bit characters and are similar, with just the character representations of the numerical values differing. The IMAGE mode of transfer sends data as a simple stream of bits, which are stored in the usual 8-bit transfer byte used by FTP. At the receiving end, the bits are stored in a contiguous manner, with padding added to the end of a file or record as necessary. The method used must ensure that the process of this padding can be reversed if the file is transferred to another system that does not use that method. The LOCAL type allows the user to set a logical size for the bytes to be sent. All data is still sent as a byte, but on the receiving end this command allows the receiver to know how to reassemble the bits into the correctly sized bytes for that operating system.

FTP Protocol Commands

This section looks at some of the more useful commands that the protocol uses to control an FTP session. This is not an exhaustive discussion of all possible protocol commands, however.
The next section looks at examples of the FTP syntax for several implementations so that you can see how various FTP applications work, and how their command structure maps user commands onto the commands actually used by the FTP protocol processes. Note that these "protocol commands" are the commands exchanged by client and server applications on the network. Commands entered by an end user are a different matter altogether. Many end-user commands involve a sequence of protocol commands to accomplish the desired function. Here we examine the commands exchanged between the server and client applications, not the commands entered by a user. FTP protocol commands start with the command code itself and are usually followed by one or more arguments. All FTP protocol commands are four characters or fewer and can be grouped into a few categories:
Table 25.1 is a list of commonly used commands along with a description of their use.
As you can see from this table, there are many commands that the client side can use to control file transfers. In the next section we will look at the replies that the FTP server can send in response to these commands. Remember, these are the commands used in the protocol exchange. The replies in the next section are not manually entered by a user at a keyboard. They are the replies sent by the FTP server in answer to the protocol commands of the FTP client.

Server Replies to FTP Commands

In the FTP protocol, every command must be followed by a reply from the server. In some cases, more than one reply will be sent to the client. The actual reply is a three-digit number, but it is transmitted as text characters. Following this number is usually some variable-length text. The numerical value is used by the program, and the text is intended for the user of the FTP client. Because some of the text is configurable, you can expect to see different text for the same numerical reply from one implementation to another. For example, you can usually specify the text that is displayed on the client when the user first logs in to your server. To reply to the client, the three characters representing the numeric reply code are sent, followed by a minus sign (-) or a space character and then the reply text. A simple convention is used for multiline text messages. The first line contains the three-digit numerical code followed by the - character and then the text. The last line replaces the - character with the space character. By matching up the two three-digit codes, the client can determine the beginning and ending of a particular multiline message.

Reply Codes

Each of the actual digits that make up the reply code is significant. If you've ever wondered why all those text lines start with numbers, you'll find their meaning in this section. The text displayed will vary from one vendor to another, but the codes should still be implemented for the same general reply condition.
The first digit indicates success or failure:
The second digit is used to place message types into groups:
The third digit in the response code is used to further divide the replies based on the categories indicated by the second digit. In Table 25.2, you can see the recommended reply codes, in numerical order, as specified in RFC 959.
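The multiline reply convention and the digit categories described above, as an added example that is not part of the chapter: a small Python parser for control-connection replies. The constructed sample text is the greeting and login replies from the chapter's Windows session; the digit meanings come from RFC 959. Because the reply text is operator-configurable, a client should act on the numeric code only, which is what this parser separates out.

```python
# Added example (not from the chapter): parse FTP server replies, including
# multiline replies ("NNN-" on the first line, "NNN " on the last line).
from typing import List, Tuple

# Meaning of the first reply digit, per RFC 959.
FIRST_DIGIT = {
    "1": "positive preliminary",
    "2": "positive completion",
    "3": "positive intermediate",
    "4": "transient negative completion",
    "5": "permanent negative completion",
}

# Meaning of the second reply digit (the function group), per RFC 959.
SECOND_DIGIT = {
    "0": "syntax",
    "1": "information",
    "2": "connections",
    "3": "authentication and accounting",
    "5": "file system",
}

def parse_replies(raw: str) -> List[Tuple[str, str]]:
    """Split a control-connection stream into (code, text) replies.

    Lines are CRLF-terminated NVT-ASCII. A line "NNN-text" opens a multiline
    reply that ends at the next line "NNN text" carrying the same code;
    intermediate lines may or may not repeat the "NNN-" prefix.
    """
    replies = []
    lines = raw.replace("\r\n", "\n").split("\n")
    i = 0
    while i < len(lines):
        line = lines[i]
        i += 1
        if not line:
            continue
        code = line[:3]
        if not (len(code) == 3 and code.isdigit()):
            raise ValueError(f"malformed reply line: {line!r}")
        if line[3:4] != "-":
            replies.append((code, line[4:]))
            continue
        text = [line[4:]]
        while True:  # multiline reply: collect until the terminating "NNN " line
            if i >= len(lines):
                raise ValueError(f"unterminated multiline reply {code}")
            nxt = lines[i]
            i += 1
            if nxt.startswith(code + " "):
                text.append(nxt[4:])
                break
            text.append(nxt[4:] if nxt.startswith(code + "-") else nxt)
        replies.append((code, "\n".join(text)))
    return replies

def describe(code: str) -> str:
    """Human-readable category for a three-digit reply code."""
    first = FIRST_DIGIT.get(code[0], "unknown")
    second = SECOND_DIGIT.get(code[1], "unknown group")
    return f"{first} / {second}"

# Constructed sample: the banner and login replies from the chapter's session.
SAMPLE = (
    "220-ArGoSoft FTP Server for WinNT/2000, Version 1.2 (1.2.1.1)\r\n"
    "220-Welcome to Active Web Hosting\r\n"
    "220-For more information on our\r\n"
    "220-services please call\r\n"
    "220 (800) 946-7764 or (702) 451-1577.\r\n"
    "331 User name OK, need password\r\n"
    "230 User twoinc.com logged in successfully **\r\n"
)

if __name__ == "__main__":
    for code, text in parse_replies(SAMPLE):
        print(code, describe(code), "|", text.splitlines()[0])
```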
Using a Windows FTP Command-Line Client

Client implementations can vary from simple command-line interfaces to programs that enable you to drag and drop using a graphical interface. All Windows client operating systems, from 98 to XP, provide a default FTP client that works from the command line. The syntax for the Windows XP Professional FTP client is simply the command FTP followed by the server to which you want to connect. The complete syntax for the command is ftp [-v] [-n] [-i] [-d] [-g] [-s:filename] [-a] [-A] [-w:windowsize] [hostname] where
You can also just enter the command ftp and enter a state called interactive mode. During interactive mode, you will see the prompt ftp> at which you can enter commands. These include some of the same options you can enter on the command line and additional commands that can be used to transfer files, list directories, and so on. The following commands are available with the Windows XP client:
As you can see, many commands duplicate functions performed by others. Over the years, commands have been added that are easier to remember. For example, you'll find that some of the commands supported by Linux are different from those in Windows FTP clients. Note that there are usually two commands to perform file functions, depending on whether you are operating on one or multiple files. For example, use GET filename to get a single file, but to get multiple files, use MGET filename in a format such as MGET REPORTS*.*. Don't forget that, when using the "M" (multiple) commands, you might want to first issue the PROMPT command to turn interactive mode off. Otherwise, you will be prompted before downloading each file and have to enter Y or N. Conversely, you can leave prompting turned on if you know you want to retrieve most of the files that match your file specification but want to exclude a few by answering no to the prompts.

In the following listing, you can see how the command is invoked to connect to the remote server, the reply messages received from the server, and a directory listing produced by using the DIR command. Next, the ls command is used to show the difference in the output. Finally, the session is set to show hash marks (hash) and then set to do a binary download (binary). You can see the results of using the HASH command and then the GET command to retrieve a file from the remote server.

J:\>ftp ftp.twoinc.com
Connected to ftp.twoinc.com.
220-ArGoSoft FTP Server for WinNT/2000, Version 1.2 (1.2.1.1)
220-Welcome to Active Web Hosting
220-For more information on our
220-services please call
220 (800) 946-7764 or (702) 451-1577.
User (ftp.twoinc.com:(none)): twoinc.com
331 User name OK, need password
Password:
230 User twoinc.com logged in successfully **
ftp> dir
200 Port command successful
150 Opening binary data connection
drw-r--r-- 1 user group       0 Mar 06 00:00 ..
-rw-r--r-- 1 user group     436 Feb 24 13:36 cnt.htm
-rw-r--r-- 1 user group     455 Feb 24 13:36 default.htm
-rw-r--r-- 1 user group     949 Feb 24 13:36 default.html
-rw-r--r-- 1 user group     807 Feb 24 13:36 emp.htm
-rw-r--r-- 1 user group 1729597 Mar 06 09:52 hiroshimamontage.mp3
-rw-r--r-- 1 user group     268 Feb 24 13:36 lnk.htm
drw-r--r-- 1 user group       0 Jan 26 12:56 logs
-rw-r--r-- 1 user group    1969 Feb 24 13:36 pub.htm
-rw-r--r-- 1 user group    1317 Feb 24 13:36 who.htm
226 Transfer complete
ftp: 807 bytes received in 0.15Seconds 5.38Kbytes/sec.
ftp> ls
200 Port command successful
150 Opening binary data connection
..
cnt.htm
default.htm
default.html
emp.htm
hiroshimamontage.mp3
lnk.htm
logs
pub.htm
who.htm
226 Transfer complete
ftp: 147 bytes received in 0.05Seconds 2.94Kbytes/sec.
ftp> hash
Hash mark printing On ftp: (2048 bytes/hash mark) .
ftp> binary
200 Type set to Image (binary)
ftp> get hiroshimamontage.mp3
200 Port command successful
150 Opening binary data connection
#############################################################################
#############################################################################
#############################################################################
#############################################################################
############################################
226 Transfer complete
ftp: 1729597 bytes received in 573.14Seconds 3.02Kbytes/sec.
ftp>

As you can see, using the FTP utility is an easy way to examine directory information on remote systems or to exchange files.

Using Red Hat Linux FTP

Red Hat Linux, since version 8.0, has offered both a GUI FTP client and a command-line client. If you choose to install the server version of Red Hat Linux, you will also find an FTP server. In Figure 25.2 you can see an example of the GUI version. To start up the GUI FTP client, click on the Red Hat symbol (it's in the same place as the Start button on Windows systems), Extras, Internet, and then gFTP.

Figure 25.2.
Red Hat Linux offers a GUI FTP client.

From Figure 25.2 you can see that the GUI FTP client allows you to enter the destination location (Host = ftp.archive.org) and also lets you use the CD (change directory) command to get to the target directory (/pub/movies/mpeg2). From this directory you simply double-click on the file to download. The lower portion of the window shows the progress being made (the number of total bytes for the file, and the number of bytes transferred so far). At the very bottom of the window, you can see the actual FTP commands that are used during this session. These can be just as useful as those from a command-line client when you're trying to determine what has gone wrong during troubleshooting efforts. Also notice that on the right side of the window you can see the files available in the local directory (in this case the root directory, which you shouldn't use unless you know what you are doing!).

Tip

Because this GUI client is so easy to use, it is the preferred method for those who are just now learning how to use Linux. One important thing to note here is that, unlike with Windows, there are several graphical user interfaces, usually referred to as desktops in the Unix/Linux community. In the example shown in Figure 26.2, you are seeing the Gnome desktop. Another popular desktop is the KDE desktop. Depending on the company from which you obtain your Linux system, you may find one of these, both of these, or other desktops. Some even allow you to use one desktop while listing accessories from the other desktops installed on the system! Additionally, Linux itself is just an operating system. The applications, such as the GUI FTP client described here, are open-source applications that Red Hat decided to ship with its version of Linux. With other Linux vendors, your mileage may vary, as the saying goes.
Using the Red Hat Linux Command-Line FTP Client

Just about every operating system in existence today offers, just as Windows does, a command-line version of the FTP client. Although a GUI version is usually easier to use, the command-line version offers specific capabilities (as you learned earlier about the Windows version) that can be incorporated into script files. For those who are used to using a command-line version, you'll find it in Linux also. If you are trying to automate the transfer of a file (such as a report or data file created by an application) to another system, then the command-line version is the choice to make. You could manually use the GUI version, but if you use the command-line version, the process can be automated. Simply check the log file to ensure that the file has successfully been transferred to (or from) the other system.

Note

In the FTP syntax listing for Linux, keep in mind that unlike some other operating systems, Linux is case-sensitive. That is, an a is not the same as an A. And the command ftp is to be entered, not FTP. Other commands, such as quit, will not work if capitalized. You will find that many Unix/Linux utilities use the same alphabetic characters in the same utility, and it is the case of the character that makes the difference. And don't forget filenames! If you attempt to send a file from a Unix/Linux system that is named myfile, you'll get an error (file not found) when trying to send MYFILE or MyFile.

The syntax of the Red Hat Linux command-line version of the FTP client is ftp [-v] [-d] [-i] [-n] [-g] [-k realm] [-f] [-x] [-u] [-t] hostname where
Similar to the Windows version, if you simply enter ftp for the Red Hat command utility, you will enter a command-line interpreter mode in which you can issue commands interactively. Most of the commands you can enter in interactive mode are the same as the Windows versions. Following is a list of additional commands provided by the Red Hat ftp command-line utility in interactive mode.
There are other commands available in interactive mode, such as those related to security. Use the help command interactively to learn about these and other commands that are not often used.

The Trivial File Transfer Protocol (TFTP)

This protocol was developed to be a "lite" version of FTP, where security and elaborate mechanisms for error control were not needed. Generally, TFTP is used to download operating systems, firmware upgrades, and other files to network devices or diskless workstations. For example, a diskless workstation can use BOOTP (or DHCP) to obtain IP configuration information and the location of a TFTP server, along with the name of the file to download. For more information about BOOTP and DHCP and how they allow diskless workstations to obtain the information they need in order to boot, see Chapter 28, "BOOTP and Dynamic Host Configuration Protocol (DHCP)." No authentication is used, so this is a service that should be used only where it is absolutely needed.

The syntax for the TFTP command is tftp [-i] host [get | put] source [destination]

The command-line option -i specifies a binary image transfer, which is precisely the kind of transfer for which this utility is usually used. If you omit this option, an ASCII file transfer is done by default. The get command specifies that the source file is to be transferred from source to destination. The put command works, just as in FTP, in the opposite direction to send a file from the client to the TFTP server. The following are other important differences between FTP and TFTP:
The official specification for TFTP can be found in RFC 1350, "The TFTP Protocol (Revision 2)." It uses a simple set of messages to establish the file exchange. In each message, the first 2 bytes are reserved for use as an opcode. Five message types are used:
The interoperation of this protocol is quite simple. For each block sent, an acknowledgment is sent back to the sender. This is sometimes called a stop-and-wait protocol. Remember that TCP uses an acknowledgment mechanism in which one ACK can acknowledge multiple segments of data. In TFTP, each block is acknowledged. Block numbers start at 1. However, for a write request, the acknowledgment number returned to the sender is zero because a data block has not yet been exchanged. Termination of the file transfer is also simply done. When a block that has less than 512 bytes of data in it is received, the file transfer has finished. Because UDP is used instead of TCP, the TFTP client/server software must implement its own retransmission technique for blocks that get lost or damaged in the network. Again, to make the protocol as simple as possible, no checksum is calculated on the TFTP messages. Instead, the simpler methods used by UDP are depended on to catch any errors.

Ports used by TFTP are allocated on a client-by-client basis. When the TFTP server receives the first client request message on its well-known TFTP port of 69, the server then allocates another port for use and communicates this back to the client. The client can continue to use a port on its side of the connection. However, from that point on it uses the newly assigned port it received from the TFTP server as the server host port. This feature allows a TFTP server to service multiple requests from different clients. The well-known port of 69 is used only for the initial communication.
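The message formats and the stop-and-wait read exchange described above, as an added example that is not from the chapter: Python code that encodes the five RFC 1350 message types and runs one read transfer in memory, including the case the termination rule implies when a file is an exact multiple of 512 bytes (the server must send an empty final block). The files dictionary is a constructed stand-in for the server's directory; UDP sockets, the per-client server port, and retransmission timers are assumed to be handled elsewhere and are left out.

```python
import struct
# Opcodes from RFC 1350; the first two bytes of every TFTP message.
RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5
BLOCK_SIZE = 512  # a DATA block shorter than this ends the transfer

def encode_request(opcode, filename, mode="octet"):
    # RRQ/WRQ: opcode, filename, NUL, transfer mode ("netascii" or "octet"), NUL
    return struct.pack("!H", opcode) + filename.encode() + b"\0" + mode.encode() + b"\0"

def encode_data(block, payload):
    return struct.pack("!HH", DATA, block) + payload

def encode_ack(block):
    # Block numbers start at 1; a WRQ is answered with ACK block 0 (no data yet).
    return struct.pack("!HH", ACK, block)

def encode_error(code, message):
    return struct.pack("!HH", ERROR, code) + message.encode() + b"\0"

def decode(packet):
    """Return (opcode, fields) for one message; reject anything malformed."""
    if len(packet) < 4:
        raise ValueError("packet too short")
    opcode, second = struct.unpack("!HH", packet[:4])
    if opcode in (RRQ, WRQ):
        parts = packet[2:].split(b"\0")
        if len(parts) < 3:
            raise ValueError("malformed request")
        return opcode, (parts[0].decode(), parts[1].decode().lower())
    if opcode == DATA:
        return opcode, (second, packet[4:])
    if opcode == ACK:
        return opcode, (second,)
    if opcode == ERROR:
        return opcode, (second, packet[4:].split(b"\0")[0].decode(errors="replace"))
    raise ValueError(f"unknown opcode {opcode}")

def serve_read(files, request):
    """Server side of one read: a generator that yields DATA and is sent each ACK."""
    opcode, (name, _mode) = decode(request)
    if opcode != RRQ:
        yield encode_error(4, "Illegal TFTP operation")
        return
    if name not in files:
        yield encode_error(1, "File not found")
        return
    block = 1
    while True:
        chunk = files[name][(block - 1) * BLOCK_SIZE : block * BLOCK_SIZE]
        ack = yield encode_data(block, chunk)          # stop and wait for the ACK
        if decode(ack) != (ACK, (block,)):
            yield encode_error(0, "expected ACK for block %d" % block)
            return
        if len(chunk) < BLOCK_SIZE:                    # short block: transfer done
            return
        block += 1

def fetch(files, name):
    """Client side: send an RRQ, ACK every block, stop at the first short block."""
    server = serve_read(files, encode_request(RRQ, name))
    received, packet = b"", next(server)
    while True:
        opcode, fields = decode(packet)
        if opcode == ERROR:
            raise OSError(f"TFTP error {fields[0]}: {fields[1]}")
        block, payload = fields
        received += payload
        if len(payload) < BLOCK_SIZE:
            try:
                server.send(encode_ack(block))          # final ACK; the server just ends
            except StopIteration:
                pass
            return received
        packet = server.send(encode_ack(block))
```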