What is FTP (File Transfer Protocol)

|

(File Transfer Protocol)

File Transfer Protocol (FTP) is a standard Internet protocol for transmitting files between computers on the Internet over TCP/IP connections. FTP is a client-server protocol where a client will ask for a file, and a local or remote server will provide it.The end-users machine is typically called the localhost machine, which is connected via the internet to the remote host—which is the second machine running the FTP software.

Anonymous FTP is a type of FTP that allows users to access files and other data without needing an ID or password. Some websites will allow visitors to use a guest ID or password- anonymous FTP allows this.

Although a lot of file transfer is now handled using HTTP, FTP is still commonly used to transfer files “behind the scenes” for other applications — e.g., hidden behind the user interfaces of banking, a service that helps build a website, such as Wix or SquareSpace, or other services. It is also used, via Web browsers, to download new applications.

How FTP works

FTP is a client-server protocol that relies on two communications channels between client and server: a command channel for controlling the conversation and a data channel for transmitting file content. Clients initiate conversations with servers by requesting to download a file. Using FTP, a client can upload, download, delete, rename, move and copy files on a server. A user typically needs to log on to the FTP server, although some servers make some or all of their content available without login, known as anonymous FTP.

FTP sessions work in passive or active modes. In active mode, after a client initiates a session via a command channel request, the server initiates a data connection back to the client and begins transferring data. In passive mode, the server instead uses the command channel to send the client the information it needs to open a data channel. Because passive mode has the client initiating all connections, it works well across firewalls and Network Address Translation (NAT) gateways.

Active FTP and passive FTP compared

Active FTP and passive FTP compared

Users can work with FTP via a simple command line interface (for example, from a console or terminal window in Microsoft Windows, Apple OS X or Linux ) or with a dedicated graphical user interface (GUI). Web browsers can also serve as FTP clients.

Security

FTP was initially defined in 1971, before the definition of TCP and IP, and has been redefined many times — e.g., to use TCP/IP (RFC 765 and RFC 959), and then Internet Protocol Version 6 (IPv6), (RFC 2428). Also, because it was defined without much concern for security, it has been extended many times to improve security: for example, versions that encrypt via a TLS connection (FTPS) or that work with Secure File Transfer Protocol (SFTP), also known as SSH File Transfer Protocol.

FTP does not encrypt traffic, and individuals can capture packets to read usernames, passwords, and other data.

FTP may still be vulnerable to brute force attacks, packet capture, spoofing, FTP bounce and other attacks such as username enumeration or DDoS.

FTP clients

FTP clients are used to uploading, download and manage files on a server. FTC clients include:

  • WinSCP is a Windows FTC client that supports FTP, SSH and SFTP.
  • WS FTP is another Windows FTC client which also supports SSH.
  • Transmit is an FTP client for Mac, supporting FTP, SSH and FTP.

About Author

Reetesh Gupta

administrator

See author's posts

Leave a Reply

Your email address will not be published. Required fields are marked *

PAGE TOP
error

Enjoy this blog? Please spread the word :)

RSS
Follow by Email
Facebook
Twitter