Behind the scenes with FTP

File Transfer Protocol (FTP) is a cornerstone network protocol for moving computer files between a client and server on a network. As a Computer Science and Cybersecurity student, I've known about FTP for a while. I might have known more, but I could only recall "port 21" and a basic tool for file sharing in my mind. But today, as FTP came up in my learning, I decided to dig deeper. Here's a fresh, detailed look at FTP, how it works, and some practical examples to illustrate its operations.

Historical Context

• Origins: FTP is one of the oldest protocols still in use today, dating back to the early 1970s. It was developed to support file transfers over ARPANET, the precursor to the modern internet.

• RFC 114: The first specification of FTP was published as RFC 114 in April 1971. This has evolved significantly over time, with the most widely recognized version being defined in RFC 959, published in 1985.

What is FTP?

FTP allows for the transfer of files between two machines over a network. It operates based on a client-server architecture where the client initiates the connection to the server to upload or download files. Let’s break down how FTP works:

1. Establishing Connection: The client connects to the server on port 21 to establish a control connection.
2. Authentication: The client sends login credentials (username and password) over the control connection to authenticate with the server.
3. Command Exchange: The client sends FTP commands over the control connection, such as commands to change directories, list files, or initiate file transfers.
4. Data Transfer: When a file transfer command is issued, the server initiates a data connection on port 20. The actual file data is then transferred over this connection.
5. Termination: After the file transfer is complete, the data connection on port 20 is closed. The control connection on port 21 remains open until the client sends a command to terminate the session.

Connection Establishment

• Port 21 - FTP Control: This port is used for the control connection between the client and the server. Commands such as login credentials, changing directories, and other control commands are sent and received here.
• Port 20 - FTP Data: This port handles the actual data transfer. Once the control connection on port 21 is established, port 20 is used to transfer the data between the client and server.

Authentication

1. Client Initiates Connection: The client connects to the server on port
2. Server Response: The server responds with a greeting message.
3. Client Sends Credentials: The client sends a username and password to authenticate.
4. Server Verifies: The server verifies the credentials and responds with a success or failure message.

Command & Response Exchange

FTP commands are text-based and follow a specific syntax. Each command sent by the client results in a response code from the server. Here are a few examples:

USER: Command to send the username.
PASS: Command to send the password.
LIST: Command to list files in a directory.
RETR: Command to retrieve (download) a file.
STOR: Command to store (upload) a file.

Example command exchange:

Client: USER ftpuser
Server: 331 Password required for ftpuser.
Client: PASS ftppassword
Server: 230 User ftpuser logged in.

Data Transfer Modes

FTP can operate in two modes: Active and Passive.

Active FTP:
In Active FTP, the client opens a port and waits for the server to connect to it from port 20. Here’s how it works:

• The client connects to the server's port 21 and sends the PORT command, specifying which port the client is listening on.
• The server acknowledges and initiates a connection from its port 20 to the client’s specified port.
• The data transfer occurs over this new connection.

Passive FTP:
In Passive FTP, the roles are reversed, making it easier to handle firewall and NAT issues. Here’s how it works:

• The client connects to the server's port 21 and sends the PASV command.
• The server responds with the IP address and port number that the client should connect to for the data transfer.
• The client then establishes a data connection to the specified IP address and port.

Directory Operations

FTP allows clients to navigate and manage directories on the server. Commands for these operations include:

• PWD: Print working directory.
• CWD: Change working directory.
• MKD: Make directory.
• RMD: Remove directory.

File Transfer

File transfer operations involve the RETR and STOR commands:

• Download a File: The client sends RETR filename, and the server transfers the file over the data connection.
• Upload a File: The client sends STOR filename, and the client transfers the file to the server over the data connection.

Some Security Considerations

• Unencrypted Transfers: Standard FTP does not encrypt data, making it vulnerable to eavesdropping and interception. Secure variants like FTPS (FTP Secure) and SFTP (SSH File Transfer Protocol) are used to address these security concerns.
• FTPS: FTPS adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols, providing encryption for both the control and data channels.
• SFTP: Despite its name, SFTP is a completely different protocol based on the Secure Shell (SSH) protocol. It provides secure file transfer capabilities, encrypting both command and data transfers.
• Anonymous FTP: Many public servers support anonymous FTP, where users can log in with the username "anonymous" and an email address as the password. This is often used for distributing public files and software updates.

Hands-On Example: Using FTP with CLI

Let’s explore some hands-on examples using the FTP command line interface. These examples assume that an FTP server is up and running. You may refer this blog to setup one on a windows VM.

Connecting to an FTP Server

ftp <ftp_server_address>

Logging In

Name (ftp_server_address:username): your_username
Password: your_password

Listing Files

ftp> ls

Changing Directories

ftp> cd <directory_name>

Downloading a File

ftp> get <file_name>

Uploading a File

ftp> put <file_name>

Exiting the FTP Session

ftp> bye

Python provides an easy-to-use library called ftplib for FTP operations.

Conclusion

FTP is a powerful protocol for transferring files between a client and a server. Understanding the roles of the control and data ports, along with the differences between Active and Passive modes, can help you effectively use FTP for your file transfer needs. The hands-on examples provided give a practical introduction to using FTP via the command line and Python.

By mastering FTP, you can efficiently manage file transfers in various network environments, ensuring smooth and secure data exchanges. So next time you think of FTP, you’ll see it as more than just port 21, but as a comprehensive protocol that facilitates essential file transfer operations.

Thanks