Overview of the FTP protocol. In the early days of the Internet, applications were mostly restricted to mail transfer (email) and file transfer. FTP (File Transfer Protocol) is one of the first standardized protocols for exchanging binary and text files between hosts. FTP is rather simple in that it uses one TCP connection for exchanging commands and a separate TCP data connection for the actual file transfer. In normal FTP operation, the client opens the control connection to the FTP server, while it is up to the server to open a data connection for each file transfer. With the advent of firewalls, this scheme proved to be a problem since firewalls tend to block incoming TCP connections. Thus a passive mode was defined in which the client is responsible for opening the data connection to the server.

FTP - File Transfer Protocol – RFC959
© Peter R. Egli 2014, Rev. 3.50, indigoo.com

Contents
1. FTP versus TFTP
2. FTP principle of operation
3. FTP trace analysis
4. FTP File Transfer Protocol RFC959
5. FTP Active mode versus passive mode
6. FXP File Exchange Protocol
7. FTP clients

1. FTP versus HTTP
Before the advent of HTTP, FTP was the prime protocol for file transfer in the Internet. HTTP was meant to replace FTP but (so far) did not. FTP still has some advantages over HTTP.
• FTP
  - FTP session (stateful).
  - FTP is comparatively simple.
  - FTP is better (faster, more efficient) for large files.
  - FTP has a control and a data connection and communicates TCP port numbers for the data connection in the control connection (so-called 'non-well-behaving' protocol).
  - With FTP the user 'sees' the directory structure on the server.
• HTTP
  - No session (stateless).
  - Web clients and servers became very complex since they need to support many protocols, scripting languages, file types etc. Complexity is also a security problem.
  - HTTP is better suited for the transfer of many small files (since from HTTP 1.1 on, TCP connections are used for many objects).
  - HTTP uses a single TCP connection for control and data (better for passing through firewalls).
  - Through the use of hyperlinks the directory structure on the server may be made invisible to the user.

2. FTP principle of operation
FTP has a control and a data connection:
1. Client opens a control connection to the server (TCP). This control connection (server port 21, client uses an ephemeral port) is used for FTP commands (client to server) and FTP replies (server to client).
2. A new data connection (TCP, usually server port 20, client uses an ephemeral port) is created for the transfer of a file. In non-passive mode this connection is opened by the server (for RETR and STOR operations).
3. The sender (server for RETR operation, client for STOR operation) closes the data TCP connection when the file is completely transferred.
[Figure: FTP client (User Interface, User Protocol Interpreter, User Data Transfer Process) and FTP server (Server Protocol Interpreter, Server Data Transfer Process). FTP commands/replies travel in the FTP control connection (TCP); the file is transferred in the data connection.]

3. FTP trace analysis (1/8): Trace of a typical session using a simple command line front-end (1)
In the early days of the Internet (70ies), bandwidth was precious, thus a character set with only 7 bits was defined (ASCII). Today, bandwidth is usually high enough, so saving 1/8 of bandwidth through using only 7 bits is not justified anymore.
FTP supports different file types, the most important being ASCII (text) and binary. Some clients/servers make a difference between ASCII and binary, some don't. E.g. UNIX clients strip everything past non-ASCII characters. The Windows client transmits all characters anyway.
It's always safe to switch to binary mode since then files are transmitted (and stored) 'as is' (unchanged).

4. FTP File Transfer Protocol RFC959 (3/3): Control connection commands and responses
The control connection is used to send ASCII commands and response codes between FTP client and server.
Important control commands:
  USER <username> <CRLF>
    Open FTP session for user <username> (PASS command to follow as next command).
  PASS <password> <CRLF>
    Enter password (USER <username> entered previously).
  NLST <CRLF>
    Raw list of files or directories (no additional information).
  LIST <CRLF>
    List of files and directories with additional human readable information.
  PORT <n1,n2,n3,n4,n5,n6> <CRLF>
    Client IP address (n1.n2.n3.n4) and port (n5*256+n6) for data connection.
  RETR <filename> <CRLF>
    Retrieve (get) a file.
  STOR <filename> <CRLF>
    Store (put) a file.
  QUIT <CRLF>
    Quit current FTP session.
The response codes are grouped into ranges (like SMTP, HTTP, SIP etc.):
  100 Series: The requested action is being initiated, expect another reply before proceeding with a new command.
  200 Series: The requested action has been successfully completed. E.g. "200 Command okay".
  300 Series: The command has been accepted, but the requested action is dormant, pending receipt of further information.
  400 Series: The command was not accepted and the requested action did not take place, but the error condition is temporary and the action may be requested again.
  500 Series: The command was not accepted and the requested action did not take place. E.g. "500 Syntax error, command unrecognized". This may include errors such as command line too long.

5. FTP Active mode versus passive mode (1/3)
Problem: Many clients have firewalls that do not allow incoming TCP connections (incoming SYN). This blocks data transfer since with active FTP the server opens the TCP data connection (incoming TCP connection for the client, for both STOR and RETR commands).
Solution: FTP passive mode. Client opens TCP data connection, thus there are only outgoing TCP connections (control and data). The server is passive, i.e. opens a TCP socket in listening mode.
Passive mode is initiated by the client with the PASV command. Server responds with its IP address and TCP port number for the TCP data connection.
  Client request: "PASV \r\n"
  Server reply: "227 Entering Passive Mode (n1,n2,n3,n4,n5,n6) \r\n"
[Figure: two panels, active mode and passive mode. In each, the FTP client and the FTP server are separated by a firewall and the Internet and are linked by a control connection and a data connection.]

5. FTP Active mode versus passive mode (2/3): Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection. TELNET uses NVT too, so a simple TELNET connection can be used to mimic an FTP control connection.
The data connection cannot be established with TELNET since it opens an outgoing connection; for the incoming data connection on the client an additional tool is needed (netcat) that allows to start (listening) incoming connections on the client.
  cmd>telnet ftp.fhzh.ch 21
  S: 220 marge FTP server ready
  C: USER pegli
  S: 331 Password required for pegli
  C: PASS
  S: 230 User pegli logged in
  C: LIST
  S: 425 Can't build data connection: Connection refused.
  C: PORT 1935542626133
  S: 200 PORT command successful
  C: CWD temp
  S: 250 command successful
  C: RETR textfile1.txt
  S: 226 Transfer complete
  C: QUIT
  S: 221-You have transferred 0 bytes in 0 files
  S: 221-Total traffic for this session was 681 bytes in 1 transfers
  S: 221-Thank you for using the FTP service on marge
  S: 221 Goodbye
Client data connection: TCP port is 26*256+133=6789.
Start netcat (listening on TCP port 6789) and redirect received data to 'outputfile':
  nc -l -p 6789 > outputfile

5. FTP Active mode versus passive mode (3/3): Sample FTP session with Telnet passive mode (cont'd)
In passive mode the client opens the data connection to the server (server is listening). Thus a second TELNET connection can be used for the data transfer from client to server.
  cmd>telnet ftp.fhzh.ch 21
  S: 220 marge FTP server ready
  C: USER pegli
  S: 331 Password required for pegli
  C: PASS
  S: 230 User pegli logged in
  C: PASV
  S: 227 Entering Passive Mode (19355411032193)
  C: CWD temp
  S: 250 CWD command successful
  C: RETR textfile1.txt
  S: 150 Opening ASCII mode data connection for textfile1.txt (1772 bytes)
  S: 226 Transfer complete
Start second TELNET session to ftp.fhzh.ch, port 32*256+193=8385.
N.B.: The second TELNET session will be closed after the transfer of the file is complete.

6. FXP File Exchange Protocol = server to server transfer
FTP allows to transfer files directly between 2 FTP servers, controlled by an FTP client (= FXP).
Advantage: The transfer speed depends solely on the connection between the servers.
1. The client opens the control connections to FTP server 1 and 2.
2. The client sends the PASV command to server 1. Server 1 responds with its IP address and listening data connection port number (e.g. 1721664154137). Server 1 opens a passive (listening) data connection on the specified IP address and port number.
3. The client sends the PORT command to server 2 with the IP address and port number returned by server 1.
4. The client sends the STOR <filename> (upload "client to server") command to server 1.
5. The client sends the RETR <filename> (download "server to client") command to server 2. This will now invoke server 2 to open the data connection to the IP/port specified by the previous PORT command (server 1). Since server 1 is in passive mode, it accepts the connection request, receives the file transferred through the data connection and stores it locally.
N.B.: This will not work on all servers; often the servers perform a check if the data connection terminates on the same host as the client connection (security).
[Figure: the FTP client holds an FTP control connection to FTP server 1 (PASV, STOR file.txt) and to FTP server 2 (PORT n1,n2,n3,n4,n5,n6, RETR file.txt); the FTP data connection between the two servers is initiated by server 2.]
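
Added example (not from the original slides): a Python sketch of the server-side check mentioned in the N.B. of section 6, built on the n5*256+n6 port arithmetic of the PORT command and the 227 reply from sections 4 and 5. The function names are hypothetical, all addresses are constructed documentation addresses, and the refusal of ports below 1024 is an extra policy assumed here, not something the slides state.

```python
import ipaddress
import re

# "h1,h2,h3,h4,p1,p2": the six decimal fields carried by a PORT argument and
# by a 227 (PASV) reply. The look-arounds reject a 7th field or a 4th digit.
_TUPLE = re.compile(
    r"(?<![\d,])" + ",".join([r"(\d{1,3})"] * 6) + r"(?![\d,])"
)


def parse_host_port(text):
    """Return (IPv4Address, port) from a PORT command or a 227 reply line.

    Raises ValueError if no six-field tuple is present or a field is > 255.
    """
    m = _TUPLE.search(text)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in %r" % (text,))
    fields = [int(g) for g in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field larger than 255 in %r" % (text,))
    ip = ipaddress.IPv4Address(".".join(str(f) for f in fields[:4]))
    port = fields[4] * 256 + fields[5]  # n5*256+n6, as on the slides
    return ip, port


def format_host_port(ip, port):
    """Encode (ip, port) as the h1,h2,h3,h4,p1,p2 argument of PORT."""
    if not 0 < port < 65536:
        raise ValueError("port out of range: %r" % (port,))
    return "%s,%d,%d" % (str(ip).replace(".", ","), port // 256, port % 256)


def check_port_command(line, control_peer, min_port=1024):
    """Decide whether a server should honour a PORT command.

    line          the PORT command (or just its argument) as received
    control_peer  source address of the control connection, as a string
    min_port      assumed extra policy: refuse well-known ports

    Returns (allowed, reason).
    """
    try:
        ip, port = parse_host_port(line)
    except ValueError as exc:
        return False, "malformed argument: %s" % exc
    # The check from the N.B.: the data connection must terminate on the
    # same host that opened the control connection.
    if ip != ipaddress.ip_address(control_peer):
        return False, "data address %s is not control peer %s" % (ip, control_peer)
    if port < min_port:
        return False, "data port %d is below %d" % (port, min_port)
    return True, "ok, data connection to %s:%d" % (ip, port)


if __name__ == "__main__":
    client = "192.0.2.26"  # constructed control-connection peer address

    # Ordinary active mode: the client names itself, port 26*256+133 = 6789.
    print(check_port_command("PORT 192,0,2,26,26,133", client))

    # FXP step 3: the client forwards the tuple from server 1's 227 reply
    # (constructed) to server 2, so the address is not the control peer.
    s1_ip, s1_port = parse_host_port(
        "227 Entering Passive Mode (198,51,100,7,32,193)"
    )
    fxp_line = "PORT " + format_host_port(s1_ip, s1_port)
    print(fxp_line, "->", check_port_command(fxp_line, client))
```

A server applying this check accepts the ordinary active-mode request and refuses the FXP one, which is the behaviour the N.B. describes.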

7. FTP clients
Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol)):
  FTP URL: ftp://user:password@host:port/path
Most web browsers are full-fledged FTP clients that allow to get and put files from/to the server with the FTP protocol.
FTP download managers:
More sophisticated FTP clients (GUI) are able to "resume" an FTP transfer in case of transfer failure. This is particularly helpful for large files (Murphy's law dictates that the transfer fails at >95%). These download managers make use of the FTP Restart (REST) command.
copy Peter R Egli 2014 219
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
bull FTP
FTP session (stateful)
FTP is comparatively simple
FTP is better (faster more efficient)
for large files
FTP has a control and a data connection
and communicates TCP port numbers for
data connection in control connection
(so-called sbquonon-well-behavinglsquo protocol)
With FTP the user sbquoseeslsquo the directory
structure on the server
bull HTTP
No session (stateless)
Web clients and servers became very
complex since they need to support many
protocols scripting languages file types etc
Complexity is also a security problem
HTTP is better suited for the transfer of
many small files (since from HTTP 11 on TCP
connections are used for many objects)
HTTP uses a single TCP connection for
control and data (better for passing through
firewalls)
Through use of Hyperlinks the directory
structure on the server may be made
invisible to the user
1 FTP versus HTTP Before the advent of HTTP FTP was the prime protocol for file transfer in the Internet HTTP
was meant to replace FTP but (so far) did not FTP has still some advantages over HTTP
copy Peter R Egli 2014 319
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
FTP Server
FTP Client
2 FTP principle of operation FTP has a control and a data connection
1 Client opens a control connection to the server (TCP)
This control connection (server port 21 client uses an ephemeral port) is used for FTP
commands (clientserver) and FTP replies (serverclient)
2 A new data connection (TCP usually server port 20 client uses an ephemeral port) is
created for the transfer of a file In non-passive mode this connection is opened by server
(for RETR and STOR operations)
3 The sender (server for RETR operation client for STOR operation) closes the data TCP
connection when the file is completely transferred
Server
Data Transfer
Process
Server
Protocol
Interpreter
User
Data Transfer
Process
User
Protocol
Interpreter
User Interface
FTP CommandsReplies
in FTP control connection (TCP)
File transferred in data connection
copy Peter R Egli 2014 419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
3 FTP trace analysis (18) Trace of a typical session using a simple command line front-end (1)
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server to server transfer FTP allows to transfer files directly between 2 FTP servers controlled by a FTP client (= FXP)
Advantage The transfer speed depends solely on the connection between the servers
1 The client opens the control connections to FTP server 1 and 2
2 The client sends the PASV command to server 1 Server 1 responds with its IP address and listening data
connection port number (eg 1721664154137) Server 1 opens a passive (listening) data connection on the
specified IP address and port number
3 The client sends the PORT command to server 2 with IP address and port number returned by server 1
4 The client sends the STOR ltfilenamegt (upload bdquoclientserverldquo) command to server 1
5 The client sends the RETR ltfilenamegt (download bdquoserverclientldquo) command to server 2 This will now
invoke server 2 to open the data connection to the IPport specified by the previous PORT command (server
1) Since server 1 is in passive mode it accepts the connection request receives the file transferred through
the data connection and stores it locally
NB This will not work on all servers often the servers perform a check if the data connection terminates on
the same host as the client connection (security)
FTP Client
FTP Server 1 FTP Server 2
FTP control FTP control
FTP data (connection initiated by server 2)
PASV
STOR filetxt
PORT n1n2n3n4n5n6
RETR filetxt
copy Peter R Egli 2014 1919
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
7 FTP clients Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol))
FTP URL ftpuserpasswordhostportpath
Most web browsers are full-fledged FTP clients that allow to get and put files fromto
the server with the FTP protocol
FTP download managers
More sophisticated FTP clients (GUI) are able to bdquoresumeldquo an FTP transfer in case of transfer
failure This is particularly helpful for large files (Murphylsquos law dictates that the transfer fails
at gt95) These download managers make use of the FTP Restart (REST) command
copy Peter R Egli 2014 319
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
FTP Server
FTP Client
2 FTP principle of operation FTP has a control and a data connection
1 Client opens a control connection to the server (TCP)
This control connection (server port 21 client uses an ephemeral port) is used for FTP
commands (clientserver) and FTP replies (serverclient)
2 A new data connection (TCP usually server port 20 client uses an ephemeral port) is
created for the transfer of a file In non-passive mode this connection is opened by server
(for RETR and STOR operations)
3 The sender (server for RETR operation client for STOR operation) closes the data TCP
connection when the file is completely transferred
Server
Data Transfer
Process
Server
Protocol
Interpreter
User
Data Transfer
Process
User
Protocol
Interpreter
User Interface
FTP CommandsReplies
in FTP control connection (TCP)
File transferred in data connection
copy Peter R Egli 2014 419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
3 FTP trace analysis (18) Trace of a typical session using a simple command line front-end (1)
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server to server transfer FTP allows to transfer files directly between 2 FTP servers controlled by a FTP client (= FXP)
Advantage The transfer speed depends solely on the connection between the servers
1 The client opens the control connections to FTP server 1 and 2
2 The client sends the PASV command to server 1 Server 1 responds with its IP address and listening data
connection port number (eg 1721664154137) Server 1 opens a passive (listening) data connection on the
specified IP address and port number
3 The client sends the PORT command to server 2 with IP address and port number returned by server 1
4 The client sends the STOR ltfilenamegt (upload bdquoclientserverldquo) command to server 1
5 The client sends the RETR ltfilenamegt (download bdquoserverclientldquo) command to server 2 This will now
invoke server 2 to open the data connection to the IPport specified by the previous PORT command (server
1) Since server 1 is in passive mode it accepts the connection request receives the file transferred through
the data connection and stores it locally
NB This will not work on all servers often the servers perform a check if the data connection terminates on
the same host as the client connection (security)
FTP Client
FTP Server 1 FTP Server 2
FTP control FTP control
FTP data (connection initiated by server 2)
PASV
STOR filetxt
PORT n1n2n3n4n5n6
RETR filetxt
copy Peter R Egli 2014 1919
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
7 FTP clients Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol))
FTP URL ftpuserpasswordhostportpath
Most web browsers are full-fledged FTP clients that allow to get and put files fromto
the server with the FTP protocol
FTP download managers
More sophisticated FTP clients (GUI) are able to bdquoresumeldquo an FTP transfer in case of transfer
failure This is particularly helpful for large files (Murphylsquos law dictates that the transfer fails
at gt95) These download managers make use of the FTP Restart (REST) command
copy Peter R Egli 2014 419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
3 FTP trace analysis (18) Trace of a typical session using a simple command line front-end (1)
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5. FTP Active mode versus passive mode (1/3)
Problem: Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN). This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands).
Solution: FTP passive mode. The client opens the TCP data connection, thus there are only outgoing
TCP connections (control and data). The server is passive, i.e. opens a TCP socket in listening
mode.
Passive mode is initiated by the client with the PASV command. The server responds with its IP
address and TCP port number for the TCP data connection.
[Figure: active mode and passive mode side by side. In each, FTP client and FTP server are connected across firewall and Internet by a control connection and a data connection. Passive mode exchange: client request "PASV \r\n", server reply "227 Entering Passive Mode (n1,n2,n3,n4,n5,n6) \r\n".]
5. FTP Active mode versus passive mode (2/3): Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection. TELNET uses NVT too, so a simple
TELNET connection can be used to mimic an FTP control connection.
The data connection cannot be established with TELNET since TELNET opens an outgoing
connection. For the incoming data connection on the client, an additional tool (netcat) is needed
that can listen for incoming connections on the client.
cmd>telnet ftp.fhzh.ch 21
S: 220 marge FTP server ready
C: USER pegli
S: 331 Password required for pegli
C: PASS
S: 230 User pegli logged in
C: LIST
S: 425 Can't build data connection: Connection refused
C: PORT 193,5,54,26,26,133
S: 200 PORT command successful
C: CWD temp
S: 250 command successful
C: RETR textfile1.txt
S: 226 Transfer complete
C: QUIT
S: 221-You have transferred 0 bytes in 0 files
S: 221-Total traffic for this session was 681 bytes in 1 transfers
S: 221-Thank you for using the FTP service on marge
S: 221 Goodbye
Client data connection TCP port is 26*256+133=6789.
Start netcat (listening on TCP port 6789) and redirect received data to 'outputfile':
nc -l -p 6789 > outputfile
5. FTP Active mode versus passive mode (3/3): Sample FTP session with Telnet passive mode (cont'd)
In passive mode the client opens the data connection to the server (server is listening). Thus
a second TELNET connection can be used for the data transfer from client to server.
cmd>telnet ftp.fhzh.ch 21
S: 220 marge FTP server ready
C: USER pegli
S: 331 Password required for pegli
C: PASS
S: 230 User pegli logged in
C: PASV
S: 227 Entering Passive Mode (193,5,54,110,32,193)
C: CWD temp
S: 250 CWD command successful
C: RETR textfile1.txt
S: 150 Opening ASCII mode data connection for textfile1.txt (1772 bytes)
S: 226 Transfer complete
Start second TELNET session to ftp.fhzh.ch, port 32*256+193=8385.
NB: The second TELNET session will be closed after the transfer of the file is complete.
6. FXP File Exchange Protocol = server to server transfer
FTP allows files to be transferred directly between 2 FTP servers, controlled by an FTP client (= FXP).
Advantage: The transfer speed depends solely on the connection between the servers.
1. The client opens the control connections to FTP server 1 and 2.
2. The client sends the PASV command to server 1. Server 1 responds with its IP address and listening data
connection port number (e.g. 1721664154137). Server 1 opens a passive (listening) data connection on the
specified IP address and port number.
3. The client sends the PORT command to server 2 with the IP address and port number returned by server 1.
4. The client sends the STOR <filename> (upload "client→server") command to server 1.
5. The client sends the RETR <filename> (download "server→client") command to server 2. This causes
server 2 to open the data connection to the IP/port specified by the previous PORT command (server
1). Since server 1 is in passive mode, it accepts the connection request, receives the file transferred through
the data connection and stores it locally.
NB: This will not work on all servers; often the servers check whether the data connection terminates on
the same host as the client connection (security).
[Figure: FTP client with FTP control connections to FTP server 1 (PASV, STOR file.txt) and FTP server 2 (PORT n1,n2,n3,n4,n5,n6, RETR file.txt); FTP data connection between the two servers, initiated by server 2.]
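The same-host check named in the NB above, together with the n5*256+n6 port decoding shared by PORT and the 227 reply, as an added Python example (not part of the original slides and not any particular server's code). Function names, the 1024 port floor and the 192.0.2.x / 198.51.100.x addresses are assumptions made for illustration; the port bytes 26,133 and 32,193 are the ones worked through in the sample sessions.

```python
import ipaddress
import re

_SIX = re.compile(r"\d{1,3}(?:,\d{1,3}){5}")


def parse_host_port(arg: str):
    """Decode 'n1,n2,n3,n4,n5,n6' into (IPv4Address, port = n5*256+n6)."""
    arg = arg.strip()
    if not _SIX.fullmatch(arg):
        raise ValueError(f"expected six comma-separated numbers: {arg!r}")
    n = [int(x) for x in arg.split(",")]
    if max(n) > 255:
        raise ValueError(f"field out of range 0-255: {arg!r}")
    host = ipaddress.IPv4Address("{}.{}.{}.{}".format(*n[:4]))
    return host, n[4] * 256 + n[5]


def format_host_port(host: str, port: int) -> str:
    """Encode an IPv4 address and port as a PORT/PASV argument."""
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    octets = str(ipaddress.IPv4Address(host)).split(".")
    return ",".join(octets + [str(port // 256), str(port % 256)])


def parse_pasv_reply(line: str):
    """Extract the listening endpoint from a '227 ... (n1,...,n6)' reply."""
    m = re.fullmatch(r"227 [^()]*\(([\d,]+)\)[^()]*", line.strip())
    if m is None:
        raise ValueError(f"not a 227 passive-mode reply: {line!r}")
    return parse_host_port(m.group(1))


def check_port_command(arg: str, control_peer: str, min_port: int = 1024):
    """Server-side policy for a PORT argument. Returns (allowed, reason).

    control_peer is the source address of the control connection. The
    min_port floor is an extra policy assumed here (RFC 2577 suggests
    refusing ports below 1024); the page itself only names the host check.
    """
    try:
        host, port = parse_host_port(arg)
    except ValueError as exc:
        return False, f"malformed argument: {exc}"
    if host != ipaddress.IPv4Address(control_peer):
        return False, "data connection would not terminate on the control-connection host"
    if port < min_port:
        return False, f"port {port} is below {min_port}"
    return True, "ok"


def fxp_attempt(client_ip: str, pasv_reply_from_server1: str):
    """Steps 2 and 3 of the FXP sequence, as seen by a server 2 that checks."""
    host, port = parse_pasv_reply(pasv_reply_from_server1)
    port_arg = format_host_port(str(host), port)   # argument the client relays
    return port_arg, check_port_command(port_arg, control_peer=client_ip)


if __name__ == "__main__":
    # Constructed scenario: client 192.0.2.10, server 1 at 198.51.100.1.
    print(parse_host_port("192,0,2,10,26,133"))
    print(check_port_command("192,0,2,10,26,133", "192.0.2.10"))
    print(fxp_attempt("192.0.2.10",
                      "227 Entering Passive Mode (198,51,100,1,32,193)"))
```

An ordinary active-mode PORT from the client's own address passes, while the relayed server 1 endpoint from step 3 is refused, which is why FXP does not work against servers that apply this check.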
7. FTP clients
Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol)).
FTP URL: ftp://user:password@host:port/path
Most web browsers are full-fledged FTP clients that allow files to be fetched from and put to
the server with the FTP protocol.
FTP download managers:
More sophisticated FTP clients (GUI) are able to "resume" an FTP transfer in case of transfer
failure. This is particularly helpful for large files (Murphy's law dictates that the transfer fails
at >95%). These download managers make use of the FTP Restart (REST) command.
Ethereal trace of FTP session:
32 33.740317 192.168.1.15 -> 193.5.54.110 FTP Request: PORT 192,168,1,15,9,48
Ethereal trace of FTP session:
63 60.670981 192.168.1.15 -> 193.5.54.110 FTP Request: TYPE I
64 60.691198 193.5.54.110 -> 192.168.1.15 FTP Response: 200 Type set to I
3. FTP trace analysis (4/8): Trace of a typical session as message sequence diagram (1/5)
[Message sequence diagram between User, FTP Client and FTP Server. Blue: control connection. Red: data connection. Frames are listed below by frame number.]
Connect to ftp.hsz-t.ch
    1 SYN
    2 SYN ACK
    3 ACK
    4 220 FTP server ready\r\n
User enters username
    6 USER <username> \r\n
    8 331 Password required for <username>\r\n
User enters password
    10 PASS <password> \r\n
    12 230 User <username> logged in \r\n
User types 'ls' (FTP client performs a passive open of data connection)
    14 PORT 192,168,1,15,9,47 \r\n
    15 200 Port command successful \r\n
    16 NLST \r\n
    17 SYN
    18 SYN ACK
    19 ACK
    20 150 Opening ASCII mode data connection \r\n
3. FTP trace analysis (5/8): Trace of a typical session as message sequence diagram (2/5)
[Message sequence diagram between User, FTP Client and FTP Server, continued. Frames are listed below by frame number.]
    21 Data (raw file list)
    22 FIN ACK
    23 ACK
    24 FIN ACK
    25 ACK
    27 226 Transfer complete \r\n
User types 'cd temp'
    29 CWD temp \r\n
    30 250 CWD command successful \r\n
User types 'get textfile1.txt' (FTP client performs a passive open of data connection)
    32 PORT 192,168,1,15,9,48 \r\n
    33 200 Port command successful \r\n
    34 RETR textfile1.txt \r\n
    35 SYN
    36 SYN ACK
    37 ACK
    38 150 Opening ASCII mode data connection for textfile1.txt (333 bytes) \r\n
3. FTP trace analysis (6/8): Trace of a typical session as message sequence diagram (3/5)
[Message sequence diagram between User, FTP Client and FTP Server, continued. Frames are listed below by frame number.]
    39 Data (340 bytes of textfile1.txt)
    40 FIN ACK
    41 ACK
    42 FIN ACK
    44 ACK
    45 226 Transfer complete \r\n
User types 'put textfile2.txt' (FTP client performs a passive open of data connection)
    47 PORT 192,168,1,15,9,49 \r\n
    48 200 Port command successful \r\n
    49 STOR textfile2.txt \r\n
    50 SYN
    51 SYN ACK
    52 ACK
    53 150 Opening ASCII mode data connection for textfile2.txt \r\n
3. FTP trace analysis (7/8): Trace of a typical session as message sequence diagram (4/5)
[Message sequence diagram between User, FTP Client and FTP Server, continued. Frames are listed below by frame number.]
    54 Data (340 bytes of textfile2.txt)
    55 FIN ACK
    56 ACK
    57 ACK
    58 FIN ACK
    59 ACK
    61 226 Transfer complete \r\n
User types 'bin'
    63 TYPE I \r\n
    64 200 Type set to I \r\n
User types 'put tux.gif' (FTP client performs a passive open of data connection)
    66 PORT 192,168,1,15,9,50 \r\n
    67 200 Port command successful \r\n
    68 STOR tux.gif \r\n
    69 SYN
    70 SYN ACK
    71 ACK
    72 150 Opening BINARY mode data connection for tux.gif \r\n
3. FTP trace analysis (8/8): Trace of a typical session as message sequence diagram (5/5)
[Message sequence diagram between User, FTP Client and FTP Server, continued. Frames are listed below by frame number.]
    73 Data (1440 bytes of tux.gif)
    74 Data (118 bytes of tux.gif)
    75 FIN ACK
    76 ACK
    77 ACK
    78 ACK
    79 FIN ACK
    80 ACK
    82 226 Transfer complete \r\n
User types 'quit'
    84 QUIT \r\n
    85 221-You have transferred 2238 bytes in 3 files \r\n
    86 221-Total traffic for this session was 3244 bytes in 4 transfers \r\n FIN
    87 ACK
    88 FIN ACK
    89 ACK
4. FTP File Transfer Protocol RFC959 (1/3): The protocol in a nutshell
1. FTP is a simple request-reply protocol.
Requests are 4 characters followed by (optional) argument (e.g. "STOR", "RETR").
Replies are 3 character codes followed by (optional) human readable text (e.g. "200 Ok").
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server to server transfer FTP allows to transfer files directly between 2 FTP servers controlled by a FTP client (= FXP)
Advantage The transfer speed depends solely on the connection between the servers
1 The client opens the control connections to FTP server 1 and 2
2 The client sends the PASV command to server 1 Server 1 responds with its IP address and listening data
connection port number (eg 1721664154137) Server 1 opens a passive (listening) data connection on the
specified IP address and port number
3 The client sends the PORT command to server 2 with IP address and port number returned by server 1
4 The client sends the STOR ltfilenamegt (upload bdquoclientserverldquo) command to server 1
5 The client sends the RETR ltfilenamegt (download bdquoserverclientldquo) command to server 2 This will now
invoke server 2 to open the data connection to the IPport specified by the previous PORT command (server
1) Since server 1 is in passive mode it accepts the connection request receives the file transferred through
the data connection and stores it locally
NB This will not work on all servers often the servers perform a check if the data connection terminates on
the same host as the client connection (security)
FTP Client
FTP Server 1 FTP Server 2
FTP control FTP control
FTP data (connection initiated by server 2)
PASV
STOR filetxt
PORT n1n2n3n4n5n6
RETR filetxt
copy Peter R Egli 2014 1919
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
7 FTP clients Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol))
FTP URL ftpuserpasswordhostportpath
Most web browsers are full-fledged FTP clients that allow to get and put files fromto
the server with the FTP protocol
FTP download managers
More sophisticated FTP clients (GUI) are able to bdquoresumeldquo an FTP transfer in case of transfer
failure This is particularly helpful for large files (Murphylsquos law dictates that the transfer fails
at gt95) These download managers make use of the FTP Restart (REST) command
copy Peter R Egli 2014 819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
3. FTP trace analysis (5/8): Trace of a typical session as message sequence diagram (2/5)
[Message sequence diagram between User, FTP Client and FTP Server; endpoint labels 192.168.1.15:2349, :2351, :2352 (client) and 193.5.54.110:21, :20 (server)]
User types 'cd temp'.
User types 'get textfile1.txt'.
FTP client performs a passive open of data connection.
21  Data (raw file list)
22  FIN ACK
23  ACK
24  FIN ACK
25  ACK
27  226 Transfer complete \r\n
29  CWD temp \r\n
30  250 CWD command successful \r\n
32  PORT 192,168,1,15,9,48 \r\n
33  200 Port command successful \r\n
34  RETR textfile1.txt \r\n
35  SYN
36  SYN ACK
37  ACK
38  150 Opening ASCII mode data connection for textfile1.txt (333 bytes) \r\n
3. FTP trace analysis (6/8): Trace of a typical session as message sequence diagram (3/5)
[Message sequence diagram between User, FTP Client and FTP Server; endpoint labels 192.168.1.15:2349, :2352, :2353 (client) and 193.5.54.110:21, :20 (server)]
User types 'put textfile2.txt'.
FTP client performs a passive open of data connection.
39  Data (340 bytes of textfile1.txt)
40  FIN ACK
41  ACK
42  FIN ACK
44  ACK
45  226 Transfer complete \r\n
47  PORT 192,168,1,15,9,49 \r\n
48  200 Port command successful \r\n
49  STOR textfile2.txt \r\n
50  SYN
51  SYN ACK
52  ACK
53  150 Opening ASCII mode data connection for textfile2.txt \r\n
3. FTP trace analysis (7/8): Trace of a typical session as message sequence diagram (4/5)
[Message sequence diagram between User, FTP Client and FTP Server; endpoint labels 192.168.1.15:2349, :2353, :2354 (client) and 193.5.54.110:21, :20 (server)]
User types 'bin'.
User types 'put tux.gif'.
FTP client performs a passive open of data connection.
54  Data (340 bytes of textfile2.txt)
55  FIN ACK
56  ACK
57  ACK
58  FIN ACK
59  ACK
61  226 Transfer complete \r\n
63  TYPE I \r\n
64  200 Type set to I \r\n
66  PORT 192,168,1,15,9,50 \r\n
67  200 Port command successful \r\n
68  STOR tux.gif \r\n
69  SYN
70  SYN ACK
71  ACK
72  150 Opening BINARY mode data connection for tux.gif \r\n
3. FTP trace analysis (8/8): Trace of a typical session as message sequence diagram (5/5)
[Message sequence diagram between User, FTP Client and FTP Server; endpoint labels 192.168.1.15:2349, :2354 (client) and 193.5.54.110:21, :20 (server)]
User types 'quit'.
73  Data (1440 bytes of tux.gif)
74  Data (118 bytes of tux.gif)
75  FIN ACK
76  ACK
77  ACK
78  ACK
79  FIN ACK
80  ACK
82  226 Transfer complete \r\n
84  QUIT \r\n
85  221-You have transferred 2238 bytes in 3 files \r\n
86  221-Total traffic for this session was 3244 bytes in 4 transfers \r\n FIN
87  ACK
88  FIN ACK
89  ACK
4. FTP File Transfer Protocol RFC959 (1/3): The protocol in a nutshell
1. FTP is a simple request/reply protocol.
Requests are 4 characters followed by an (optional) argument (e.g. "STOR", "RETR").
Replies are 3-character codes followed by (optional) human-readable text (e.g. "200 Ok").
In the early days of the Internet (1970s), bandwidth was precious, thus a character set with only 7 bits was defined (ASCII).
Today bandwidth is usually high enough, so saving 1/8 of the bandwidth by using only 7 bits is not justified anymore.
FTP supports different file types, the most important being ASCII (text) and binary.
Some clients/servers make a difference between ASCII and binary, some don't.
E.g. UNIX clients strip everything past non-ASCII characters. The Windows client transmits all characters anyway.
It's always safe to switch to binary mode since then files are transmitted (and stored) 'as is' (unchanged).
4. FTP File Transfer Protocol RFC959 (3/3): Control connection commands and responses
The control connection is used to send ASCII commands and response codes between FTP client and server.
Important control commands:
USER <username> <CRLF>
    Open FTP session for user <username> (PASS command to follow as next command).
PASS <password> <CRLF>
    Enter password (USER <username> entered previously).
NLST <CRLF>
    Raw list of files or directories (no additional information).
LIST <CRLF>
    List of files and directories with additional human-readable information.
PORT <n1,n2,n3,n4,n5,n6> <CRLF>
    Client IP address (n1.n2.n3.n4) and port (n5*256+n6) for data connection.
RETR <filename> <CRLF>
    Retrieve (get) a file.
STOR <filename> <CRLF>
    Store (put) a file.
QUIT <CRLF>
    Quit current FTP session.
The response codes are grouped into ranges (like SMTP, HTTP, SIP etc.):
100 Series: The requested action is being initiated; expect another reply before proceeding with a new command.
200 Series: The requested action has been successfully completed. E.g. "200 Command okay".
300 Series: The command has been accepted, but the requested action is dormant, pending receipt of further information.
400 Series: The command was not accepted and the requested action did not take place, but the error condition is temporary and the action may be requested again.
500 Series: The command was not accepted and the requested action did not take place. E.g. "500 Syntax error, command unrecognized". This may include errors such as command line too long.
5. FTP Active mode versus passive mode (1/3)
Problem: Many clients have firewalls that do not allow incoming TCP connections (incoming SYN). This blocks data transfer since with active FTP the server opens the TCP data connection (incoming TCP connection for the client for both STOR and RETR commands).
Solution: FTP passive mode. The client opens the TCP data connection, thus there are only outgoing TCP connections (control and data). The server is passive, i.e. it opens a TCP socket in listening mode.
Passive mode is initiated by the client with the PASV command. The server responds with its IP address and TCP port number for the TCP data connection.
Client request: "PASV \r\n"
Server reply: "227 Entering Passive Mode (n1,n2,n3,n4,n5,n6) \r\n"
[Figure: active mode and passive mode, each showing FTP client, firewall, Internet and FTP server with the control connection and the data connection]
5. FTP Active mode versus passive mode (2/3): Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection. TELNET uses NVT too, so a simple TELNET connection can be used to mimic an FTP control connection.
The data connection cannot be established with TELNET since it opens an outgoing connection; for the incoming data connection on the client, an additional tool is needed (netcat) that can accept (listen for) incoming connections on the client.
    cmd>telnet ftp.fhzh.ch 21
    S: 220 marge FTP server ready.
    C: USER pegli
    S: 331 Password required for pegli.
    C: PASS
    S: 230 User pegli logged in.
    C: LIST
    S: 425 Can't build data connection: Connection refused.
    C: PORT 193,5,54,26,26,133
    S: 200 PORT command successful.
    C: CWD temp
    S: 250 command successful.
    C: RETR textfile1.txt
    S: 226 Transfer complete.
    C: QUIT
    S: 221-You have transferred 0 bytes in 0 files.
    S: 221-Total traffic for this session was 681 bytes in 1 transfers.
    S: 221-Thank you for using the FTP service on marge.
    S: 221 Goodbye.
Client data connection: the TCP port is 26*256+133 = 6789.
Start netcat (listening on TCP port 6789) and redirect received data to 'outputfile':
    nc -l -p 6789 > outputfile
5. FTP Active mode versus passive mode (3/3): Sample FTP session with Telnet passive mode (cont'd)
In passive mode the client opens the data connection to the server (server is listening). Thus a second TELNET connection can be used for the data transfer from client to server.
    cmd>telnet ftp.fhzh.ch 21
    S: 220 marge FTP server ready.
    C: USER pegli
    S: 331 Password required for pegli.
    C: PASS
    S: 230 User pegli logged in.
    C: PASV
    S: 227 Entering Passive Mode (193,5,54,110,32,193)
    C: CWD temp
    S: 250 CWD command successful.
    C: RETR textfile1.txt
    S: 150 Opening ASCII mode data connection for textfile1.txt (1772 bytes).
    S: 226 Transfer complete.
Start the second TELNET session to ftp.fhzh.ch, port 32*256+193 = 8385.
N.B.: The second TELNET session will be closed after the transfer of the file is complete.
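The host-port encoding carried by PORT and by the 227 reply (port = n5*256+n6), together with the same-host check mentioned in the FXP note, as an added Python example that is not part of the original slides. The function names, the documentation-range addresses, the reply texts for refused commands and the low-port rule are assumptions of this example; only the port bytes 26,133 and 32,193 come from the sessions above.

```python
import ipaddress
import re

# Six decimal fields n1,n2,n3,n4,n5,n6 as carried by PORT and by the 227 reply.
_HOSTPORT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)"
)


def parse_hostport(text, strict=False):
    """Return (IPv4Address, port) from a PORT argument or a 227 reply line.

    strict=True requires the whole string to be exactly the six fields,
    which is what a server should demand of a PORT argument.
    """
    match = _HOSTPORT.fullmatch(text.strip()) if strict else _HOSTPORT.search(text)
    if match is None:
        raise ValueError("no n1,n2,n3,n4,n5,n6 field found")
    fields = [int(group) for group in match.groups()]
    if any(field > 255 for field in fields):
        raise ValueError("every field must fit in one byte (0..255)")
    ip = ipaddress.IPv4Address(bytes(fields[:4]))
    port = fields[4] * 256 + fields[5]          # n5*256+n6
    return ip, port


def encode_hostport(ip, port):
    """Inverse of parse_hostport: build the n1,...,n6 string."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    octets = ipaddress.IPv4Address(ip).packed
    return ",".join(str(b) for b in (*octets, port // 256, port % 256))


def check_port_command(arg, control_peer, allow_foreign_host=False, min_port=1024):
    """Decide how a server answers 'PORT <arg>' sent over a control connection
    whose remote address is control_peer. Returns (accepted, reply_line).

    The same-host rule is the check the FXP note describes. The min_port rule
    is extra hardening assumed for this example; refusal texts are illustrative.
    """
    try:
        ip, port = parse_hostport(arg, strict=True)
    except ValueError:
        return False, "501 Syntax error in parameters or arguments."
    if not allow_foreign_host and ip != ipaddress.IPv4Address(control_peer):
        # Data connection would terminate on a host other than the client.
        return False, "500 Illegal PORT command."
    if port < min_port:
        return False, "500 Illegal PORT command."
    return True, "200 PORT command successful."


# Constructed sample data (documentation address ranges, not from the slides).
CLIENT = "198.51.100.7"                                   # control connection peer
REPLY_227_SERVER_1 = "227 Entering Passive Mode (192,0,2,10,32,193)"


def demo():
    """Run the checks on the constructed cases and return the verdicts."""
    results = {}
    # Active mode: the client announces its own address, port 26*256+133 = 6789.
    results["active"] = check_port_command(encode_hostport(CLIENT, 6789), CLIENT)
    # FXP step 3: the client forwards server 1's listening address to server 2.
    ip, port = parse_hostport(REPLY_227_SERVER_1)
    fxp_arg = encode_hostport(ip, port)
    results["fxp_strict"] = check_port_command(fxp_arg, CLIENT)
    results["fxp_allowed"] = check_port_command(fxp_arg, CLIENT,
                                                allow_foreign_host=True)
    results["low_port"] = check_port_command(encode_hostport(CLIENT, 25), CLIENT)
    results["malformed"] = check_port_command("198,51,100,7,26", CLIENT)
    results["bad_byte"] = check_port_command("198,51,100,7,26,300", CLIENT)
    return results


if __name__ == "__main__":
    for name, (accepted, reply) in demo().items():
        print(f"{name:12} accepted={accepted!s:5} {reply}")
```

A server that enforces the same-host rule accepts the ordinary active-mode PORT but refuses the FXP-style PORT, which is why the slides note that FXP does not work on all servers.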
copy Peter R Egli 2014 1119
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
User types lsquoquitrsquo
User FTP Client
19
35
541
102
1
19
21
681
152
349
73 Data (1440 bytes of tuxgif)
74 Data (118 bytes of tuxgif)
82 226 Transfer complete rn
84 QUIT rn
85 221-You have transferred 2238 bytes
in 3 files rn
86 221-Total traffic for this session was 3244
bytes in 4 transfers rn FIN
87 ACK
89 ACK
88 FIN ACK
19
21
681
152
354
19
35
541
102
0
3 FTP trace analysis (88) Trace of a typical session as message sequence diagram (55)
75 FIN ACK
76 ACK
77 ACK
78 ACK
79 FIN ACK
80 ACK
FTP Server
copy Peter R Egli 2014 1219
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (13) The protocol in a nutshell
1 FTP is a simple request reply protocol
Requests are 4 characters followed by (optional) argument (eg bdquoSTORldquo bdquoRETRldquo)
Replies are 3 character codes followed by (optional) human readable text (eg bdquo200 Okldquo)
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4. FTP File Transfer Protocol RFC959 (3/3)
Control connection commands and responses:
The control connection is used to send ASCII commands and response codes between FTP client and server.
Important control commands:
USER <username> <CRLF>
  Open FTP session for user <username> (PASS command to follow as next command).
PASS <password> <CRLF>
  Enter password (USER <username> entered previously).
NLST <CRLF>
  Raw list of files or directories (no additional information).
LIST <CRLF>
  List of files and directories with additional human-readable information.
PORT <n1,n2,n3,n4,n5,n6> <CRLF>
  Client IP address (n1.n2.n3.n4) and port (n5*256+n6) for data connection.
RETR <filename> <CRLF>
  Retrieve (get) a file.
STOR <filename> <CRLF>
  Store (put) a file.
QUIT <CRLF>
  Quit current FTP session.
The response codes are grouped into ranges (like SMTP, HTTP, SIP etc.):
100 Series: The requested action is being initiated; expect another reply before proceeding with a new command.
200 Series: The requested action has been successfully completed. E.g. "200 Command okay".
300 Series: The command has been accepted, but the requested action is dormant, pending receipt of further information.
400 Series: The command was not accepted and the requested action did not take place, but the error condition is temporary and the action may be requested again.
500 Series: The command was not accepted and the requested action did not take place. E.g. "500 Syntax error, command unrecognized". This may include errors such as command line too long.
5. FTP Active mode versus passive mode (1/3)
Problem: Many clients have firewalls that do not allow incoming TCP connections (incoming SYN). This blocks data transfer since with active FTP the server opens the TCP data connection (an incoming TCP connection for the client, for both STOR and RETR commands).
Solution: FTP passive mode. The client opens the TCP data connection, thus there are only outgoing TCP connections (control and data). The server is passive, i.e. opens a TCP socket in listening mode.
Passive mode is initiated by the client with the PASV command. The server responds with its IP address and TCP port number for the TCP data connection.
Client request: "PASV \r\n"
Server reply: "227 Entering Passive Mode (n1,n2,n3,n4,n5,n6) \r\n"
[Figure: active mode and passive mode, each showing FTP client, firewall, Internet and FTP server with a control connection and a data connection.]
5. FTP Active mode versus passive mode (2/3)
Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection. TELNET uses NVT too, so a simple TELNET connection can be used to mimic an FTP control connection.
The data connection cannot be established with TELNET since it opens an outgoing connection; for the incoming data connection on the client an additional tool is needed (netcat) that can listen for incoming connections on the client.
cmd>telnet ftp.fhzh.ch 21
S: 220 marge FTP server ready
C: USER pegli
S: 331 Password required for pegli
C: PASS
S: 230 User pegli logged in
C: LIST
S: 425 Can't build data connection: Connection refused
C: PORT 1935542626133
S: 200 PORT command successful
C: CWD temp
S: 250 command successful
C: RETR textfile1.txt
S: 226 Transfer complete
C: QUIT
S: 221-You have transferred 0 bytes in 0 files
S: 221-Total traffic for this session was 681 bytes in 1 transfers
S: 221-Thank you for using the FTP service on marge
S: 221 Goodbye
Note on the PORT command: the client data connection TCP port is 26*256+133=6789.
Start netcat (listening on TCP port 6789) and redirect received data to "outputfile":
nc -l -p 6789 > outputfile
5. FTP Active mode versus passive mode (3/3)
Sample FTP session with Telnet passive mode (cont'd)
In passive mode the client opens the data connection to the server (server is listening). Thus a second TELNET connection can be used for the data transfer from client to server.
cmd>telnet ftp.fhzh.ch 21
S: 220 marge FTP server ready
C: USER pegli
S: 331 Password required for pegli
C: PASS
S: 230 User pegli logged in
C: PASV
S: 227 Entering Passive Mode (19355411032193)
C: CWD temp
S: 250 CWD command successful
C: RETR textfile1.txt
S: 150 Opening ASCII mode data connection for textfile1.txt (1772 bytes)
S: 226 Transfer complete
Note on the 227 reply: start a second TELNET session to ftp.fhzh.ch, port 32*256+193=8385.
N.B.: The second TELNET session will be closed after the transfer of the file is complete.
6. FXP File Exchange Protocol = server to server transfer
FTP allows files to be transferred directly between 2 FTP servers, controlled by an FTP client (= FXP).
Advantage: The transfer speed depends solely on the connection between the servers.
1. The client opens the control connections to FTP server 1 and 2.
2. The client sends the PASV command to server 1. Server 1 responds with its IP address and listening data connection port number (e.g. 1721664154137). Server 1 opens a passive (listening) data connection on the specified IP address and port number.
3. The client sends the PORT command to server 2 with the IP address and port number returned by server 1.
4. The client sends the STOR <filename> (upload "client → server") command to server 1.
5. The client sends the RETR <filename> (download "server → client") command to server 2. This will now cause server 2 to open the data connection to the IP/port specified by the previous PORT command (server 1). Since server 1 is in passive mode, it accepts the connection request, receives the file transferred through the data connection and stores it locally.
N.B.: This will not work on all servers; often the servers check whether the data connection terminates on the same host as the client connection (security).
[Figure: the FTP client holds an FTP control connection to FTP server 1 (PASV, STOR file.txt) and to FTP server 2 (PORT n1,n2,n3,n4,n5,n6, RETR file.txt); the FTP data connection runs between the two servers and is initiated by server 2.]
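The n1,n2,n3,n4,n5,n6 encoding used by PORT and the 227 reply, and the same-host check from the N.B. above, as an added Python example that is not part of the original slides. The function names, the 192.0.2.x documentation addresses, the wording of the rejection replies and the refusal of ports below 1024 (a recommendation of RFC 2577, not mentioned on the slides) are assumptions; the client-side check goes one step beyond the slides by applying the same comparison to the 227 reply.

```python
import ipaddress
import re

# "n1,n2,n3,n4,n5,n6": the argument of PORT and the payload of a 227 reply.
_SIX_FIELDS = re.compile(r"\d{1,3}(?:,\d{1,3}){5}")


def parse_hostport(arg):
    """Decode 'n1,n2,n3,n4,n5,n6' into (IPv4Address, port = n5*256+n6)."""
    arg = arg.strip()
    if not _SIX_FIELDS.fullmatch(arg):
        raise ValueError("expected six comma-separated decimal fields")
    nums = [int(n) for n in arg.split(",")]
    if max(nums) > 255:
        raise ValueError("every field must be in the range 0-255")
    return ipaddress.IPv4Address(bytes(nums[:4])), nums[4] * 256 + nums[5]


def encode_hostport(ip, port):
    """Inverse of parse_hostport: build the argument of a PORT command."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = ipaddress.IPv4Address(ip).packed
    return ",".join(str(n) for n in (*octets, port >> 8, port & 0xFF))


def parse_pasv_reply(line):
    """Extract (IPv4Address, port) from '227 Entering Passive Mode (...)'."""
    if not line.startswith("227"):
        raise ValueError("not a 227 reply")
    m = re.search(r"\(([^)]*)\)", line)
    if m is None:
        raise ValueError("227 reply carries no (n1,...,n6) group")
    return parse_hostport(m.group(1))


def check_port_command(control_peer, arg, min_port=1024):
    """Server-side policy for PORT; returns (allowed, reply_line).

    The data connection must terminate on the host that owns the control
    connection, which is the check that makes FXP fail on many servers.
    Reply texts for the rejections are constructed for this example.
    """
    try:
        ip, port = parse_hostport(arg)
    except ValueError as exc:
        return False, "501 Syntax error in PORT argument: %s" % exc
    if ip != ipaddress.IPv4Address(control_peer):
        return False, "500 Illegal PORT command (address is not the control peer)"
    # Extra hardening beyond the slides: RFC 2577 recommends refusing
    # data connections to ports below 1024.
    if port < min_port:
        return False, "500 Illegal PORT command (port below %d)" % min_port
    return True, "200 PORT command successful"


def pasv_points_at_server(server_ip, reply_line):
    """Client-side mirror: does the 227 reply name the server we talk to?"""
    ip, _port = parse_pasv_reply(reply_line)
    return ip == ipaddress.IPv4Address(server_ip)


if __name__ == "__main__":
    # Constructed sample input: a client at 192.0.2.10 and a second
    # FTP server at 192.0.2.20 (both from the documentation range).
    client = "192.0.2.10"
    samples = [
        encode_hostport(client, 6789),   # ordinary active-mode transfer
        "192,0,2,20,32,193",             # FXP style: endpoint is another host
        "192,0,2,10,0,21",               # own address, but a well-known port
        "192,0,2,10,26",                 # malformed: only five fields
    ]
    for arg in samples:
        allowed, reply = check_port_command(client, arg)
        print("PORT %-22s -> %s" % (arg, reply))
```

A server that applies `check_port_command` accepts the ordinary active-mode PORT and refuses step 3 of the FXP procedure, because the address in that PORT command belongs to server 1 rather than to the client.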
7. FTP clients
Web browser: can be used as FTP front-end (Web browser runs ftp:// scheme (protocol)).
FTP URL: ftp://user:password@host:port/path
Most web browsers are full-fledged FTP clients that allow files to be fetched from and put to the server with the FTP protocol.
FTP download managers:
More sophisticated FTP clients (GUI) are able to "resume" an FTP transfer in case of transfer failure. This is particularly helpful for large files (Murphy's law dictates that the transfer fails at >95%). These download managers make use of the FTP Restart (REST) command.
copy Peter R Egli 2014 1219
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (13) The protocol in a nutshell
1 FTP is a simple request reply protocol
Requests are 4 characters followed by (optional) argument (eg bdquoSTORldquo bdquoRETRldquo)
Replies are 3 character codes followed by (optional) human readable text (eg bdquo200 Okldquo)
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server to server transfer FTP allows to transfer files directly between 2 FTP servers controlled by a FTP client (= FXP)
Advantage The transfer speed depends solely on the connection between the servers
1 The client opens the control connections to FTP server 1 and 2
2 The client sends the PASV command to server 1 Server 1 responds with its IP address and listening data
connection port number (eg 1721664154137) Server 1 opens a passive (listening) data connection on the
specified IP address and port number
3 The client sends the PORT command to server 2 with IP address and port number returned by server 1
4 The client sends the STOR ltfilenamegt (upload bdquoclientserverldquo) command to server 1
5 The client sends the RETR ltfilenamegt (download bdquoserverclientldquo) command to server 2 This will now
invoke server 2 to open the data connection to the IPport specified by the previous PORT command (server
1) Since server 1 is in passive mode it accepts the connection request receives the file transferred through
the data connection and stores it locally
NB This will not work on all servers often the servers perform a check if the data connection terminates on
the same host as the client connection (security)
FTP Client
FTP Server 1 FTP Server 2
FTP control FTP control
FTP data (connection initiated by server 2)
PASV
STOR filetxt
PORT n1n2n3n4n5n6
RETR filetxt
copy Peter R Egli 2014 1919
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
7 FTP clients Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol))
FTP URL ftpuserpasswordhostportpath
Most web browsers are full-fledged FTP clients that allow to get and put files fromto
the server with the FTP protocol
FTP download managers
More sophisticated FTP clients (GUI) are able to bdquoresumeldquo an FTP transfer in case of transfer
failure This is particularly helpful for large files (Murphylsquos law dictates that the transfer fails
at gt95) These download managers make use of the FTP Restart (REST) command
copy Peter R Egli 2014 1319
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
In the early days of the Internet (70ies) bandwidth was precious thus a character set with only
7 bits was defined (ASCII)
Today bandwidth is usually high enough so saving 18 of bandwidth through using only
7 bits is not justified anymore
FTP supports different file types the most important being ASCII (text) and binary
Some clientsservers make a difference between ASCII and binary some donlsquot
Eg UNIX clients strip everything past non-ASCII characters The windows client transmits
all characters anyway
Itlsquos always save to switch to binary mode since then files are transmitted (and stored)
sbquoas islsquo (unchanged)
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server to server transfer FTP allows to transfer files directly between 2 FTP servers controlled by a FTP client (= FXP)
Advantage The transfer speed depends solely on the connection between the servers
1 The client opens the control connections to FTP server 1 and 2
2 The client sends the PASV command to server 1 Server 1 responds with its IP address and listening data
connection port number (eg 1721664154137) Server 1 opens a passive (listening) data connection on the
specified IP address and port number
3 The client sends the PORT command to server 2 with IP address and port number returned by server 1
4 The client sends the STOR ltfilenamegt (upload bdquoclientserverldquo) command to server 1
5 The client sends the RETR ltfilenamegt (download bdquoserverclientldquo) command to server 2 This will now
invoke server 2 to open the data connection to the IPport specified by the previous PORT command (server
1) Since server 1 is in passive mode it accepts the connection request receives the file transferred through
the data connection and stores it locally
NB This will not work on all servers often the servers perform a check if the data connection terminates on
the same host as the client connection (security)
FTP Client
FTP Server 1 FTP Server 2
FTP control FTP control
FTP data (connection initiated by server 2)
PASV
STOR filetxt
PORT n1n2n3n4n5n6
RETR filetxt
copy Peter R Egli 2014 1919
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
7 FTP clients Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol))
FTP URL ftpuserpasswordhostportpath
Most web browsers are full-fledged FTP clients that allow to get and put files fromto
the server with the FTP protocol
FTP download managers
More sophisticated FTP clients (GUI) are able to bdquoresumeldquo an FTP transfer in case of transfer
failure This is particularly helpful for large files (Murphylsquos law dictates that the transfer fails
at gt95) These download managers make use of the FTP Restart (REST) command
copy Peter R Egli 2014 1419
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
4 FTP File Transfer Protocol RFC959 (33) Control connection commands and responses
The control connection is used to send ASCII commands and response codes between
FTP client and server
Important control commands USER ltusernamegt ltCRLFgt
Open FTP session for user ltusernamegt (PASS command to follow as next command)
PASS ltpasswordgt ltCRLFgt
Enter password (USER ltusernamegt entered previously)
NLST ltCRLFgt
Raw list files or directories (no additional information)
LIST ltCRLFgt
List of files and directories with additional human readable information
PORT ltn1n2n3n4n5n6gt ltCRLFgt
Client IP address (n1n2n3n4) and port (n5256+n6) for data connection
RETR ltfilenamegt ltCRLFgt
Retrieve (get) a file
STOR ltfilenamegt ltCRLFgt
Store (put) a file
QUIT ltCRLFgt
Quit current FTP session
The response codes are grouped into ranges (like SMTP HTTP SIP etc) 100 Series The requested action is being initiated expect another reply before proceeding with a new command
200 Series The requested action has been successfully completed
Eg ldquo200 Command okayrdquo
300 Series The command has been accepted but the requested action is dormant pending receipt of further
information
400 Series The command was not accepted and the requested action did not take place but the error condition is
temporary and the action may be requested again
500 Series The command was not accepted and the requested action did not take place
Eg 500 Syntax error command unrecognized This may include errors such as command line too long
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server to server transfer FTP allows to transfer files directly between 2 FTP servers controlled by a FTP client (= FXP)
Advantage The transfer speed depends solely on the connection between the servers
1 The client opens the control connections to FTP server 1 and 2
2 The client sends the PASV command to server 1 Server 1 responds with its IP address and listening data
connection port number (eg 1721664154137) Server 1 opens a passive (listening) data connection on the
specified IP address and port number
3 The client sends the PORT command to server 2 with IP address and port number returned by server 1
4 The client sends the STOR ltfilenamegt (upload bdquoclientserverldquo) command to server 1
5 The client sends the RETR ltfilenamegt (download bdquoserverclientldquo) command to server 2 This will now
invoke server 2 to open the data connection to the IPport specified by the previous PORT command (server
1) Since server 1 is in passive mode it accepts the connection request receives the file transferred through
the data connection and stores it locally
NB This will not work on all servers often the servers perform a check if the data connection terminates on
the same host as the client connection (security)
FTP Client
FTP Server 1 FTP Server 2
FTP control FTP control
FTP data (connection initiated by server 2)
PASV
STOR filetxt
PORT n1n2n3n4n5n6
RETR filetxt
copy Peter R Egli 2014 1919
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
7 FTP clients Web browser can be used as FTP front-end (Web browser runs ftp scheme (protocol))
FTP URL ftpuserpasswordhostportpath
Most web browsers are full-fledged FTP clients that allow to get and put files fromto
the server with the FTP protocol
FTP download managers
More sophisticated FTP clients (GUI) are able to bdquoresumeldquo an FTP transfer in case of transfer
failure This is particularly helpful for large files (Murphylsquos law dictates that the transfer fails
at gt95) These download managers make use of the FTP Restart (REST) command
copy Peter R Egli 2014 1519
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (13)
Problem Many clients have firewalls that do not allow incoming TCP connections (incoming
SYN) This blocks data transfer since with active FTP the server opens the TCP data connection
(incoming TCP connection for the client for both STOR and RETR commands)
Solution FTP passive mode Client opens TCP data connection thus there are only outgoing
TCP connections (control and data) The Server is passive ie opens a TCP socket in listening
mode
Passive mode is initiated by the client with the PASV command Server responds with its IP
address and TCP port number for the TCP data connection
Internet
Firewall
Passive mode
Client Request ldquoPASV rnrdquo
Server Reply ldquo227 Entering Passive Mode (n1n2n3n4n5n6) rn
Internet
Firewall
Active mode
FTP Client FTP Server
FTP Client FTP Server
Control connection
Control connection
Data connection
Data connection
copy Peter R Egli 2014 1619
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
5 FTP Active mode versus passive mode (23) Sample FTP session with Telnet passive mode
FTP uses NVT characters for the control connection TELNET uses NVT too so a simple
TELNET connection can be used to mimick an FTP control connection
The data connection can not be established with TELNET since it opens an outgoing
connection for the incoming data connection on the client an additional tool is needed (netcat)
that allows to start (listening) incoming connections on the client
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C LIST
S 425 Canlsquot build data connection Connection refusedc
C PORT 1935542626133
S 200 PORT command successful
C CWD temp
S 250 command successful
C RETR textfile1txt
S 226 Transfer complete
C QUIT
S 221-You have transferred 0 bytes in 0 files
S 221-Total traffic for this session was 681 bytes in 1 transfers
S 221-Thank you for using the FTP service on marge
S 221 Goodbye
Client data connection TCP
port is 26256+133=6789
Start netcat (listening on
TCP port 6789) and redirect
received data to sbquooutputfilelsquo
nc ndashl ndashp 6789 gt outputfile
copy Peter R Egli 2014 1719
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
cmdgttelnet ftpfhzhch 21
S 220 marge FTP server ready
C USER pegli
S 331 Password required for pegli
C PASS
S 230 User pegli logged in
C PASV
S 227 Entering Passive Mode (19355411032193)
C CWD temp
S 250 CWD command successful
C RETR textfile1txt
S 150 Opening ASCII mode data connection for textfile1txt (1772 bytes)
S 226 Transfer complete
Start second TELNET session
to ftpfhzhch port
32256+193=8385
NB The second TELNET session will be closed after the transfer of the file is complete
5 FTP Active mode versus passive mode (33) Sample FTP session with Telnet passive mode (contlsquod)
In passive mode the client opens the data connection to the server (server is listening) Thus
a second TELNET connection can be used for the data transfer from client to server
copy Peter R Egli 2014 1819
Rev 350
FTP - File Transfer Protocol ndash RFC959 indigoocom
6 FXP File Exchange Protocol = server-to-server transfer
FTP allows transferring files directly between 2 FTP servers, controlled by an FTP client (= FXP).
Advantage: The transfer speed depends solely on the connection between the servers.
1. The client opens the control connections to FTP servers 1 and 2.
2. The client sends the PASV command to server 1. Server 1 responds with its IP address and listening data connection port number (e.g. 1721664154137). Server 1 opens a passive (listening) data connection on the specified IP address and port number.
3. The client sends the PORT command to server 2 with the IP address and port number returned by server 1.
4. The client sends the STOR <filename> (upload "client → server") command to server 1.
5. The client sends the RETR <filename> (download "server → client") command to server 2. This causes server 2 to open the data connection to the IP/port specified by the previous PORT command (server 1). Since server 1 is in passive mode, it accepts the connection request, receives the file transferred through the data connection and stores it locally.
NB: This will not work on all servers; often the servers check whether the data connection terminates on the same host as the client connection (security).
[Figure: FTP client with FTP control connections to FTP server 1 (PASV, STOR file.txt) and FTP server 2 (PORT n1,n2,n3,n4,n5,n6, RETR file.txt); FTP data connection between the two servers, initiated by server 2.]
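Added example, not from the original slides: the host/port arithmetic used in the PORT and PASV traces (port = p1*256+p2) together with the server-side check mentioned in the NB, which refuses a PORT target that is not the peer of the control connection and therefore blocks FXP-style transfers. The function names and the min_port policy value are assumptions made for this example.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2 as carried by PORT and by the 227 (PASV) reply.
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(text):
    """Return (IPv4Address, port) from a PORT argument or a 227 reply line."""
    m = _HOSTPORT.search(text)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field found")
    fields = [int(g) for g in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field outside 0..255")
    addr = ipaddress.IPv4Address(".".join(map(str, fields[:4])))
    return addr, fields[4] * 256 + fields[5]  # port = p1*256 + p2


def check_port_command(arg, control_peer, min_port=1024):
    """Decide whether a server should honour PORT <arg>: (allowed, reason).

    control_peer: source IP of the control connection.
    min_port: assumed local policy value, not taken from the slides.
    """
    try:
        addr, port = parse_hostport(arg)
    except ValueError as exc:
        return False, f"syntax error: {exc}"
    if addr != ipaddress.IPv4Address(control_peer):
        # Data connection would end on a third host, as in an FXP setup.
        return False, "address differs from control connection peer"
    if port < min_port:
        return False, "privileged port"
    return True, "ok"


if __name__ == "__main__":
    # Values as in the sample sessions; the last argument is constructed.
    client = "193.5.54.26"
    print(parse_hostport("227 Entering Passive Mode (193,5,54,110,32,193)"))
    for arg in ("193,5,54,26,26,133", "193,5,54,110,32,193", "193,5,54,26,0,22"):
        print(arg, check_port_command(arg, client))
```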
7 FTP clients
Web browser: can be used as an FTP front-end (the web browser runs the ftp scheme (protocol)).
FTP URL: ftp://user:password@host:port/path
Most web browsers are full-fledged FTP clients that allow getting and putting files from/to the server with the FTP protocol.
FTP download managers:
More sophisticated FTP clients (GUI) are able to "resume" an FTP transfer in case of transfer failure. This is particularly helpful for large files (Murphy's law dictates that the transfer fails at >95%). These download managers make use of the FTP Restart (REST) command.