Background:
After reading the old FTP tutorial, I decided rather than
fixing it up, a complete rewrite was necessary. In this new
FTP tutorial, instead of following in the footsteps of the
old tutorial, I would actually like to talk about the File
Transfer Protocol. This tutorial is aimed at the
intermediate newbie. One that knows the basics of the
internet: what a socket is, what TCP/IP is, etc.
Down To Work:
The File Transfer Protocol (FTP), as its name states, is a
set of rules that dictates how files should be transferred
over the TCP/IP protocol. A basic FTP connection consists of
a client and a server. The client gets a file by opening a
connection to the server. Usually, the server is run on port
21; however, the system administrator can change this if he
or she wishes.
Once the client has connected to the server, the server
will send a “greeting” to the client. A greeting usually
looks something like the following:
220 SpiderMan's FTP server. Please login!
The number before the text is known as a “completion code”.
The server greeting will be one of two codes: 220 if the
server accepts the connection or 421 if the server rejects
the connection.
After the server has sent its greeting, the client sends a
request. A request is made up of a verb and, for some verbs,
a parameter. Common verbs are:
Verbs Description
--------------------------------------------------------------
CWD Change the current directory on the server.
PWD Print the current directory on the server.
CDUP Moves up to the parent directory.
LIST List the contents of a directory.
MKD Creates a directory on the server.
RMD Removes a directory from the server.
DELE Removes a file from the server.
USER Sends the username for the login.
PASS Sends the password for the login.
ABOR Abort the transfer.
QUIT Closes the connection with the server.
STAT Gets the current status of the server.
TYPE Toggles the binary flag on the server.
PORT Asks the server to connect to the client.
PASV Requests a data connection on a new port.
RETR Requests the server to send a file.
STOR Sends a file from the client to the server.
APPE Same as STOR, except data is appended.
REST Start a download at a certain position.
SYST Gets the OS information of the server.
HELP Get help on a verb.
NOOP No operation.
--------------------------------------------------------------
After sending a request, the client should wait for the
server to respond before the client sends another request;
however, the client can send an ABOR, STAT, or QUIT request
without waiting for the server to respond. Typically, after
the server has sent the greeting, the client will respond
with a USER request in which the client sends the username
to log into the FTP server with.
After the client has sent the server a request, the server
replies with a “response”. A response consists of a
completion code followed by one, or more, lines. Generally,
if the second digit of the completion code is a 0, it is a
syntax error message; if the second digit of the completion
code is a 2, it is a hello or goodbye message.
Once the client is logged in, he or she would then get the
file he or she wishes to retrieve. A typical session would
look similar to this:
220 SpiderMan's FTP server. Please login!
USER SpiderMan
331 Username okay. Send password!
PASS password
230 Password accepted, user logged in.
LIST
150 Opening ASCII mode data connection for /bin/ls
226 Transfer complete
TYPE I
200 Type set to I
PASV
227 Entering passive mode (206,84,161,87,28,46)
RETR datafile.zip
150 Opening BINARY mode data connection for datafile.zip
226 Transfer complete
When downloading a file, the client should specify whether
he or she wants the file sent in ASCII mode (each line ended
with a CR/LF) or binary mode. To set the mode of transfer,
the client sends the TYPE request. TYPE I would set the
binary mode. By default, binary mode is turned off. It is
important that the server send the file in the correct mode
to avoid file corruption.
I should elaborate on the PASV and PORT request since they
are very important to FTP. You may be wondering just what
the PASV request is used for and what the odd looking
response from the server is supposed to mean. When the
client sends a PASV request, the server opens up a temporary
socket and sends a reply to the client which informs the
client of the port to connect to. The reply would look like
this:
PASV
227 Entering passive mode (206,84,161,87,28,46)
The numbers in the parentheses play an important role. The
numbers separated by the first four commas make up the IP
address to connect to. In this example, the IP would be
206.84.161.87. The remaining numbers specify which port to
connect to. Usually, this is done by multiplying the first
number by 256 and adding the second number. In this example,
the port number would be 7214 (28*256+46= 7214). Now that
the server has replied to the PASV request, two channels are
open: the first (the original one) is the “communication
channel” where the requests are sent and the second is the
“data channel” where the data is transferred.
The PORT request is similar to the PASV request; however,
when the client sends a PASV request, the server opens
another socket and the client connects to it. When a client
sends a PORT request, the server connects to the
client—usually on port 20.
With the advent of IPv6, you may be wondering how FTP will
be carried out since the servers are replying to the PASV
requests with an IPv4 IP. One solution, proposed by D.
Bernstein, would be to have IPv6 servers send a nonexistent
IP address and have IPv6 clients ignore the IP and skip
straight to the port number. This way, older clients using
IPv4 will connect to a fake IP and give up trying to connect
to the server.
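Added example (not part of the original tutorial): a Python sketch that parses the 227 reply described above into an IP and port, and by default connects the data channel to the control connection's peer address rather than the advertised IP, in the spirit of the IPv6 proposal. The function names, the trust_advertised_ip parameter, and the sample peer address are illustrative assumptions.

```python
import re

# Six comma-separated decimal bytes, as in (206,84,161,87,28,46).
_SIX = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_pasv_reply(line):
    """Return (ip, port) advertised in a '227' reply; ValueError if malformed."""
    if not line.startswith("227"):
        raise ValueError("not a 227 reply: %r" % line)
    match = _SIX.search(line[3:])
    if match is None:
        raise ValueError("no six-number group in: %r" % line)
    nums = [int(n) for n in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of byte range in: %r" % line)
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # first port number * 256 + second
    if port == 0:
        raise ValueError("port 0 is not connectable")
    return ip, port


def data_endpoint(reply_line, control_peer, trust_advertised_ip=False):
    """Choose where to open the data channel.

    By default the IP in the reply is ignored and the address the control
    channel is already connected to (control_peer, supplied by the caller)
    is used, so a wrong or nonexistent advertised IP cannot steer the
    data connection to another host.
    """
    ip, port = parse_pasv_reply(reply_line)
    return (ip if trust_advertised_ip else control_peer, port)


if __name__ == "__main__":
    # Reply taken from the tutorial's session.
    print(parse_pasv_reply("227 Entering passive mode (206,84,161,87,28,46)"))
    # Constructed reply with a nonexistent IP; peer address is a sample value.
    print(data_endpoint("227 Entering passive mode (0,0,0,0,15,26)", "2001:db8::10"))
```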
Now that you know how FTP works, I'll show you how to log
into a server, look around, and then get a file. Before I
begin, I should tell you about anonymous FTP servers. An
anonymous FTP server is just like a normal server; however,
you can log in using the username “anonymous” and an e-mail
as the password. In this example, I'll use a fake e-mail of
guest@guest.com. Most anonymous FTP servers only read up to
the @ sign, so if you're lazy you can just type in “guest@”.
A lot of sites offer anonymous FTP because it is an easy way
to let the public get files without assigning each person a
login. On with the example!
First, I connect to the server and send my username and
password.
220 SpiderMan's FTP server. Please login!
USER anonymous
331 Anonymous login okay, send e-mail as password.
PASS guest@guest.com
230 Password accepted, logged in as anonymous.
Now that I'm in, I'll change to the “files” directory and
download a file.
CWD ./files
250 CWD command successful.
TYPE I
200 Type set to I
PASV
227 Entering passive mode (210,52,165,168,15,26)
RETR code.zip
150 Opening BINARY mode data connection for code.zip
226 Transfer complete
I've got the file I want, now I'll move up to the parent
directory, move to another directory, and download another
file.
CWD ..
250 Okay
CWD ./jokes
250 CWD command successful.
TYPE A
200 Type set to A
PASV
227 Entering passive mode (210,52,165,168,15,26)
RETR jokes.txt
150 Opening ASCII mode data connection for jokes.txt
226 Transfer complete
I got the two files I wanted, so now I'll log out.
QUIT
221 Goodbye, please come back!
Further Reading:
RFC 959
The FTP Handbook
The WarFTP FTP resource site
Conclusion:
And so ends yet another text file. As always, if you find
any errors or have any comments please send them to
spiderman@witty.com. Please direct all questions to the
message board. Until next time...
Credits
Blacksun Research Facility
http://blacksun.box.sk
http://spidrman.cjb.net/
SpiderMan (spiderman@witty.com)
Last updated: 11/01/01