File Transfer Protocol
- See file transfer protocol (disambiguation) and FTP (disambiguation) for alternative meanings.
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
Link layer |
The File Transfer Protocol (FTP) is a software standard for transferring computer files between machines with widely different operating systems. It belongs to the application layer of the Internet protocol suite.
FTP is an 8-bit client-server protocol, capable of handling any type of file without further processing, such as MIME or Uuencode. However, FTP has extremely high latency; that is, the time between beginning the request and starting to receive the required data can be quite long, and a sometimes-lengthy login procedure is required.
Overview
FTP is commonly run on two ports, 20 and 21. Port 20 is a data stream which transfers the data between the client and the server. Port 21 is the control stream and is the port where commands are passed to the ftp server. While data is being transferred via the data stream, the control stream sits idle. This can cause problems with large data transfers through firewalls which time out sessions after lengthy periods of idleness. While the file may well be successfully transferred, the control session can be disconnected by the firewall, causing an error to be generated.
The objectives of FTP, as outlined by its RFC, are:
- To promote sharing of files (computer programs and/or data).
- To encourage indirect or implicit use of remote computers.
- To shield a user from variations in file storage systems among different hosts.
- To transfer data reliably and efficiently.
Disadvantages are:
- Passwords and file contents are sent in clear text, which can be intercepted by eavesdroppers.
- Multiple TCP/IP connections are used, one for the control connection, and one for each download, upload, or directory listing. Firewall software needs additional logic to account for these connections.
- It is hard to filter active mode FTP traffic on the client side by using a firewall, since the client must open an arbitrary port in order to receive the connection. This problem is largely resolved by using passive mode FTP.
- It is possible to abuse the protocol's built-in proxy features to tell a server to send data to an arbitrary port of a third computer.
- FTP is an extremely high latency protocol due to the number of commands needed to initiate a transfer.
FTP, though usable directly by a user at a terminal, is designed mainly for use by FTP client programs.
Many sites that run FTP servers enable so-called "anonymous ftp". Under this arrangement, users do not need an account on the server. By default, the account name for the anonymous access is 'anonymous'. This account does not need a password. Although users are commonly asked to send their email addresses as their passwords for authentication, usually there is trivial or no verification, depending on the FTP server and its configuration.
FTP and web browsers
Most recent web browsers and file managers can connect to FTP servers. This allows manipulation of remote files over FTP through an interface similar to that used for local files. This is done via an FTP URL, which takes the form ftp://<ftpserveraddress> (e.g., [1]). A password can optionally be given in the URL, e.g.: ftp://<login>:<password>@<ftpserveraddress>. Most web-browsers require the use of passive mode FTP, which not all FTP servers are capable of handling.
References
The protocol is standardized in RFC 0959 by the IETF as:
- RFC 0959 File Transfer Protocol (FTP). J. Postel, J. Reynolds. Oct-1985. (Format: TXT, 147316 bytes at http://www.ietf.org/rfc/rfc959.txt ) This obsoleted the preceding RFC 765 and earlier FTP RFCs back to the original RFC 114.
See also
- Trivial File Transfer Protocol (TFTP)
- SSH file transfer protocol (SFTP), a protocol running over SSH
- Secure FTP, FTP run over SSH
- FTPS, FTP run over SSL
- Simple File Transfer Protocol (SFTP), the historic protocol RFC 913
- Archie search engine
- FTP client
- List of FTP clients
- Comparison of FTP clients
- FTP server
- List of FTP servers
- FTPFS
External links
- FTPplanet.com Tutorials, discussion forums and more information related to FTP.
- Dmoz directory about FTP
- Cyberduck a freely distributable GPL licensed FTP/SFTP client for Mac OS X.
- Filezilla a freely distributable GPL licensed FTP client for Windows.
- FTP Tutorial Basic commands
- JAFS Enterprise class Open Source Java FTP server.
- RFC 0959 File Transfer Protocol (FTP). J. Postel, J. Reynolds. Oct-1985., also RFC0959 in html format
- An Overview of the File Transfer Protocol explains how the FTP works at the protocol level.
- The FTP and Your Firewall details FTP's problems with firewalls and how to deal with them.
- Tutorials for Beginning Computer Users: Introduction to the File Transfer Protocol (FTP)
- 01FTP - web based client FTP client allowing web based file transfers
- Active vs. Passive FTP explained and illustrated
- FTP Sequence Diagram