File Transfer Protocol - Computer and Information Sciences


FTP - File Transfer Protocol
TFTP – Trivial FTP
CISC 856 – Fall 2008
Shriram Ganesh
University of Delaware
(some/most slides courtesy of
Brian Lucas,
Umakanth Puppala, William Boyer
Vikram Rajan, Michael Haggerty, and Prof Amer)
Overview
File Transfer Protocol (RFC 959)
• Why FTP?
• FTP’s connections
• FTP in action
• FTP commands/responses
Trivial File Transfer Protocol (RFC 1350)
• TFTP and TFTP’s message formats
• FTP and TFTP compared
A Bit of History - FTP
Network use can be direct (e.g. telnet) or indirect (e.g. FTP)
RFC 114 – April 1971 before TCP and IP existed
- Used NCP to do FTP on ARPANET
RFC 354 – July 1972
- Overall Communication Model
RFC 542 – August 1973
- Remarkably similar to today’s FTP
- Still based on NCP
RFC 765 – June 1980
- FTP over TCP/IP
Why do we need an FTP service?
Purpose: to transfer files between two computers
Goals of FTP Service
• Promote sharing of files (programs and/or data)
• Encourage indirect/implicit use of remote computers
• Shield users from variations in file storage among hosts
• Transfer data reliably and efficiently
Problems of file transfer
• At first, file transfer may seem simple
• Heterogeneous systems use different:
 – Operating Systems
 – Character Sets
 – Naming Conventions
 – Directory Structures
 – File Structures and Formats
• FTP needs to address and resolve these problems
FTP’s 2 Connections
Client side:
• User Interface: insulates users from the “raw” FTP commands
• User Protocol Interpreter (PI): routes FTP commands to the server and receives the server’s replies over the control connection
• User Data Transfer Function (DTF): handles the client end of the data connection
Server side:
• Server Protocol Interpreter (PI): is listening on well-known port 21 for control connection requests
• Server Data Transfer Function (DTF): uses well-known port 20 for the server’s data connections
The two connections:
• Control connection (persistent): client ephemeral port to server port 21; carries commands and replies
• Data connection (non-persistent, one per transfer): server port 20 to a client ephemeral port; carries the “raw” data
FTP’s 2 Connections - Establishment
Everything here travels on the control connection (client ephemeral port to server port 21); no data connection exists yet.
What the user sees                     What the user PI sends to the server PI
ftp> open strauss.udel.edu             (TCP connection to port 21)
Connected to strauss.udel.edu
220 strauss FTP server ready.
                                       USER ganesh
331 Password req for ganesh.
Password:                              PASS mypass
230 User ganesh logged in.
ftp>
FTP’s 2 Connections – Data Transfer
ftp> ls client.txt
• User DTF does a passive open on an ephemeral port, here 128.4.40.17:5001
• User PI → server PI (control connection): PORT 128,4,40,17,19,137   (port = 19×256 + 137 = 5001)
• Server PI → user PI: 200 Port Command Successful
• User PI → server PI: LIST client.txt
• Server PI → user PI: 150 Data Connection will be open shortly
• Server DTF (port 20) actively opens the data connection to 128.4.40.17:5001 and sends the listing over it:
  -rw-r--r-- lucasb client.txt
• Server DTF closes the data connection; server PI → user PI: 226 Closing Data Connection
FTP’s 2 Connections – Connection Closing
ftp> bye
• User PI → server PI (control connection): QUIT
• Server PI → user PI: 221 Service Closing
• Server closes the control connection
FTP Connection (TCP view of the control connection)
ftp> open server
Client (ephemeral port) ↔ Server (port 21):
• Client → Server: SYN; Server → Client: SYN|ACK; Client → Server: ACK   (three-way handshake)
• Server → Client: 220 Service Ready; Client: ACK
• Client PI → Server: USER ganesh; Server: ACK, then 331 User OK, password?; Client: ACK
• Client PI → Server: PASS mypass; Server: ACK, then 230 User login OK; Client: ACK
FTP – Data transfer (get command)
Control connection: client ephemeral port ↔ server port 21. Data connection: server port 20 ↔ client port 5001.
• Client → Server (control): PORT 128,4,40,17,19,137
• Server → Client (control): 200 Command Successful
• Client → Server (control): LIST client.txt   (the diagram uses LIST; an actual get sends RETR filename)
• Server → Client (control): 150 Data Connection will be open shortly
• Server (port 20) actively opens the data connection to client port 5001; the client ACKs
• Data flows on the data connection; each segment is ACKed
• Server → Client (control): 226 Closing Data Connection
FTP – Data transfer (put command)
The slide repeats the same exchange as for get (PORT, 200, 150, data connection from server port 20 to client port 5001, 226 Closing Data Connection). For a put the command on the control connection is STOR filename, the client is the data sender, and so the client closes the data connection when the file has been sent.
FTP Client Commands (issued by user interface)
Command               Description
get filename          Retrieve file from server
mget filename*        Retrieve multiple files from server
put filename          Copy local file to server
mput filename*        Copy multiple local files to server
open server           Begin login to server
bye / close / exit    Logoff server
ls / dir              List files in current remote dir on server
lcd                   Change local directory
cd                    Change remote directory
rhelp / remotehelp    Lists commands the server accepts
*Server sends list of matching files to client; client protocol interpreter
asks the user for operation on each matching file.
A-PDU FTP Commands
Command                    Description
LIST [filelist]            List files or directories (ls / dir)
USER username              Send username to server
PASS password              Password on server
PORT h1,h2,h3,h4,p1,p2     Client IP and port number (port = p1×256 + p2)
RETR filename              Retrieve (get) filename
STOR filename              Store (put) filename
TYPE (A, I, E, N or T)     Defines the file type or print format
FTP Response Format
Replies are three-digit codes xyz. The first digit tells the client what to do next:
1yz  Positive preliminary reply. The action is being started, but expect another reply before sending another cmd.
2yz  Positive completion reply. A new cmd can be sent.
3yz  Positive intermediate reply. The cmd has been accepted, but another cmd must be sent.
4yz  Transient negative completion reply. The requested action did not take place, but the cmd can be sent again later.
5yz  Permanent negative completion reply. Cmd not accepted and should not be reissued.
The second digit tells what the reply is about:
x0z  Syntax
x1z  Information
x2z  Connections. Replies referring to control or data connections.
x3z  Authentication and accounting
x4z  Unspecified
x5z  Filesystem status
Example FTP Responses
• 120  Service will be ready shortly
• 200  Command OK
• 230  User login OK
• 331  User name OK; password is needed
• 421  Service not available
• 530  User not logged in
• 552  Requested action aborted; exceeded storage allocation
Summary of FTP Connections
• FTP has 2 connections
 – Control (persistent connection)
   - Server issues a passive open on well-known port 21
   - Client uses an ephemeral port to issue the active open
   - Server ultimately closes the control connection
 – Data (ephemeral connection)
   - Client issues a passive open on an ephemeral port
   - Client sends this port to the server via the PORT command
   - Server receives the port number and issues an active open from its well-known port 20 to the received ephemeral port
Data Connection
• PORT does not always work… why? The client must accept an inbound TCP connection from the server, which fails when the client sits behind a NAT or a firewall that blocks unsolicited inbound connections (the private address the client puts in PORT is not reachable from the server)
• Instead, use the PASV command
 – Client sends the PASV command to the server
 – Server chooses an ephemeral port: passive open
 – Server responds with IP, port in the reply (227)
 – Client issues an active open to the server’s port
• Ultimately, the data sender closes the connection
FTP Passive Data Transfer
ftp> ls client.txt
• User PI → server PI (control connection): PASV
• Server DTF does a passive open on an ephemeral port, here 5125
• Server PI → user PI: 227 Entering Passive Mode (128,4,40,42,20,5)   (port = 20×256 + 5 = 5125)
• User DTF actively opens the data connection to 128.4.40.42:5125
• User PI → server PI: LIST client.txt
• Server PI → user PI: 150 Data Connection will be open shortly
• Server sends the listing on the data connection:
  -rw-r--r-- lucasb client.txt
• Server closes the data connection; server PI → user PI: 226 Closing Data Connection
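The active (PORT) and passive (PASV) sequences above differ only in which side does the passive open on the data connection. The following added example, not code from the lecture, puts both sides on the wire: a toy server PI/DTF and a toy user PI/DTF exchange the real RFC 959 commands and replies over loopback TCP, once in each mode. The user name, password and listing line are taken from the lecture’s transcript (the listing is a constructed sample); the toy server does not source active-mode connections from port 20, because that port is privileged, so it lets the kernel pick an ephemeral port, which is an assumption for the example and not protocol behaviour.

```python
import socket
import threading

# Added demonstration, not the lecture's code: toy server PI/DTF and user PI/DTF
# exchanging RFC 959 commands over loopback TCP in active (PORT) and passive (PASV)
# mode.  ASSUMPTION: real servers open active-mode data connections from port 20;
# it is privileged, so this toy lets the kernel pick an ephemeral source port.

def hostport_decode(arg):
    """'h1,h2,h3,h4,p1,p2' -> ('h1.h2.h3.h4', p1*256 + p2)  (PORT argument, 227 reply)."""
    p = [int(x) for x in arg.split(",")]
    if len(p) != 6 or any(not 0 <= v <= 255 for v in p):
        raise ValueError("bad host-port argument: %r" % arg)
    return ".".join(map(str, p[:4])), p[4] * 256 + p[5]

def hostport_encode(host, port):                  # ('128.4.40.17', 5001) -> '128,4,40,17,19,137'
    return ",".join(host.split(".") + [str(port // 256), str(port % 256)])

def send_line(sock, text):                        # control lines are CRLF-terminated ASCII
    sock.sendall((text + "\r\n").encode("ascii"))

def recv_line(rfile):
    return rfile.readline().decode("ascii").rstrip("\r\n")

def toy_server(listener, listing):
    """Server PI for one control connection: USER, PASS, PORT, PASV, LIST, QUIT."""
    ctrl, _ = listener.accept()
    active_addr, pasv_sock = None, None
    with ctrl, ctrl.makefile("rb") as rfile:
        send_line(ctrl, "220 toy FTP server ready.")
        while True:
            verb, _, arg = recv_line(rfile).partition(" ")
            verb = verb.upper()
            if verb == "USER":
                send_line(ctrl, "331 Password required for %s." % arg)
            elif verb == "PASS":
                send_line(ctrl, "230 User logged in.")
            elif verb == "PORT":                  # active mode: the client is listening
                active_addr = hostport_decode(arg)
                send_line(ctrl, "200 PORT command successful.")
            elif verb == "PASV":                  # passive mode: the server listens
                pasv_sock = socket.socket()
                pasv_sock.bind(("127.0.0.1", 0))  # kernel picks an ephemeral port
                pasv_sock.listen(1)
                send_line(ctrl, "227 Entering Passive Mode (%s)."
                          % hostport_encode(*pasv_sock.getsockname()))
            elif verb == "LIST":
                send_line(ctrl, "150 Opening data connection.")
                if pasv_sock is not None:
                    data, _ = pasv_sock.accept()
                    pasv_sock.close()
                else:
                    data = socket.create_connection(active_addr)
                with data:                        # the data sender closes the connection
                    data.sendall(listing.encode("ascii"))
                send_line(ctrl, "226 Transfer complete.")
            else:                                 # QUIT (or EOF): server closes control
                send_line(ctrl, "221 Goodbye.")
                return

def list_remote(server_addr, passive):
    """User PI + DTF: log in, fetch one LIST, return (control transcript, listing)."""
    log = []
    with socket.create_connection(server_addr) as ctrl, ctrl.makefile("rb") as rfile:
        def cmd(text):                            # send a command, record its reply
            send_line(ctrl, text)
            log.extend(["C: " + text, "S: " + recv_line(rfile)])
        log.append("S: " + recv_line(rfile))      # 220 greeting
        cmd("USER ganesh")                        # names from the lecture transcript
        cmd("PASS mypass")
        if passive:
            cmd("PASV")                           # 227 carries the server's address
            reply = log[-1]
            data = socket.create_connection(      # client does the active open
                hostport_decode(reply[reply.index("(") + 1:reply.index(")")]))
            cmd("LIST")                           # 150
        else:
            lst = socket.socket()
            lst.bind(("127.0.0.1", 0))            # client's passive open, ephemeral port
            lst.listen(1)
            cmd("PORT " + hostport_encode(*lst.getsockname()))   # 200
            cmd("LIST")                           # 150; the server then connects to us
            data, _ = lst.accept()
            lst.close()
        with data, data.makefile("rb") as f:
            listing = f.read().decode("ascii")    # read until the sender closes
        log.append("S: " + recv_line(rfile))      # 226 after the data connection closes
        cmd("QUIT")                               # 221
    return log, listing

def run_demo(passive):
    """Run the toy server in a thread on a random loopback port and do one LIST."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    listing = "-rw-r--r-- lucasb client.txt\r\n"  # constructed sample listing
    worker = threading.Thread(target=toy_server, args=(listener, listing), daemon=True)
    worker.start()
    result = list_remote(listener.getsockname(), passive)
    worker.join(5)
    listener.close()
    return result

if __name__ == "__main__":
    for mode in (False, True):
        print("\n".join(run_demo(passive=mode)[0]))
```

Run it and compare the two transcripts: in active mode the client’s PORT line carries the client’s own address and the server connects out; in passive mode the 227 reply carries the server’s address and the client connects in, which is why PASV is the mode that survives a NAT in front of the client.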
Trivial FTP (TFTP)
• Used only to read and write files from/to a remote server
 – Cannot list directories
• Useful for bootstrapping diskless systems
• Protocol stack: TFTP over UDP over IP over Ethernet (physical)
TFTP Message Formats
Diagrams from McGraw-Hill
TFTP Connection Establishment
a. Passive open by server: the server waits on well-known UDP port 69
b. Active open by client: the client sends its request from an ephemeral port (here 50032) to port 69
c. Rest of communication: the server answers from a new ephemeral port (here 62000), and the transfer continues between client port 50032 and server port 62000, leaving port 69 free for requests from other clients
Diagram from McGraw-Hill
TFTP Data Transfer
Diagram from McGraw-Hill
TFTP Connection - Timers
Client (ephemeral port) to server port 69; the server replies from its own ephemeral port (see above).
• Client → Server: RRQ “fullOS” (read request)
• Server → Client: DATA 1 (first block of 512 bytes); Client → Server: ACK 1
• Server → Client: DATA 2, lost in transit. Server’s timer expires: DATA 2 resent; Client: ACK 2
• Server → Client: DATA 3, damaged (discarded by the client). Timeout: DATA 3 resent; Client: ACK 3
• Server → Client: DATA 4; Client: ACK 4, lost in transit. Timeout (timer running): DATA 4 resent; Client discards the duplicate block but resends ACK 4
TFTP Connection (Cont’d)
• Server → Client: DATA 5; Client: ACK 5, but it is slow. The server times out and resends DATA 5; the client discards the duplicate but ACKs it again, so two ACK 5 packets reach the server
• A sender that answers every ACK with the next block now resends DATA 6; each copy of DATA 6 is ACKed, so DATA 7 and DATA 8 are each sent twice as well. Data is sent twice all the way to the end: known as the Sorcerer’s Apprentice Bug
• Block 8 is the last block (383 bytes); a block shorter than 512 bytes ends the transfer
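The message formats and the timer diagram above together define the whole protocol: five packet types, 512-byte blocks, and a stop-and-wait sender whose only recovery mechanism is the retransmission timer. The following added example, not code from the lecture or the McGraw-Hill diagrams, builds and parses RFC 1350 packets and then replays the diagram’s loss script (DATA 2 lost, DATA 3 damaged, ACK 4 lost, ACK 5 slow) against two senders: one with the RFC 1123 fix, which ignores duplicate ACKs, and one without it, which shows the Sorcerer’s Apprentice doubling. The file contents and the loss script are constructed for the example; a damaged datagram is modelled as lost, since a UDP checksum failure discards it.

```python
import struct

# Added example (not the lecture's code): RFC 1350 packet builders/parser and a
# stop-and-wait simulation of the timer diagram above, run once with the RFC 1123
# fix for the Sorcerer's Apprentice bug and once without it.  The lossy channel
# is scripted rather than random, so the outcome is reproducible.

RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5   # TFTP opcodes
BLOCK = 512

def build_rrq(filename, mode="octet"):
    return struct.pack("!H", RRQ) + filename.encode("ascii") + b"\0" + mode.encode("ascii") + b"\0"

def build_data(block, payload):
    return struct.pack("!HH", DATA, block) + payload

def build_ack(block):
    return struct.pack("!HH", ACK, block)

def parse(packet):
    """Decode a TFTP packet into a tuple that starts with its opcode."""
    (opcode,) = struct.unpack("!H", packet[:2])
    if opcode in (RRQ, WRQ):
        filename, mode, _ = packet[2:].split(b"\0", 2)
        return opcode, filename.decode("ascii"), mode.decode("ascii")
    if opcode in (DATA, ACK, ERROR):
        (number,) = struct.unpack("!H", packet[2:4])   # block number, or error code
        if opcode == ACK:
            return opcode, number
        if opcode == DATA:
            return opcode, number, packet[4:]
        return opcode, number, packet[4:].split(b"\0", 1)[0].decode("ascii")
    raise ValueError("unknown opcode %d" % opcode)

def split_blocks(data):
    """512-byte blocks; a final block shorter than 512 bytes marks end of file."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    if not blocks or len(blocks[-1]) == BLOCK:
        blocks.append(b"")
    return blocks

def simulate_read(file_bytes, lost_data=(), lost_acks=(), delayed_acks=(), fix_sorcerer=True):
    """Stop-and-wait read of file_bytes from server to client over a scripted channel.

    lost_data / lost_acks / delayed_acks hold (block, attempt) pairs: (2, 1) means the
    first transmission of DATA 2 (or ACK 2) is lost; a delayed ACK reaches the sender
    only after its retransmission timer has already fired.  Returns (bytes the client
    reassembled, block numbers in the order the server transmitted them).
    """
    blocks = split_blocks(file_bytes)
    sent_log, data_tries, ack_tries, got = [], {}, {}, {}
    wire_to_client, wire_to_server, delayed = [], [], []
    acked, expected = 0, 1          # server: last block ACKed; client: next block wanted

    def send_data(block):
        data_tries[block] = data_tries.get(block, 0) + 1
        sent_log.append(block)
        if (block, data_tries[block]) not in lost_data:
            wire_to_client.append(build_data(block, blocks[block - 1]))

    def send_ack(block):
        ack_tries[block] = ack_tries.get(block, 0) + 1
        key = (block, ack_tries[block])
        if key not in lost_acks:
            (delayed if key in delayed_acks else wire_to_server).append(build_ack(block))

    send_data(1)
    while acked < len(blocks):
        # client: keep the block if it is the expected one; ACK every DATA it receives,
        # duplicates included, so that a lost ACK can be repaired (RFC 1350)
        while wire_to_client:
            _, block, payload = parse(wire_to_client.pop(0))
            if block == expected:
                got[block] = payload
                expected += 1
            send_ack(block)
        # server: advance only on the ACK it is waiting for
        progressed = False
        while wire_to_server:
            _, block = parse(wire_to_server.pop(0))
            if block == acked + 1:
                acked, progressed = block, True
                if acked < len(blocks):
                    send_data(acked + 1)
            elif block == acked and not fix_sorcerer and acked < len(blocks):
                # Sorcerer's Apprentice: a duplicate ACK is treated like a fresh one, so
                # the next block goes out again and every later block is sent twice
                send_data(acked + 1)
            # fixed sender (RFC 1123 4.2.3.1): duplicate ACKs are simply ignored
        if not progressed and acked < len(blocks):
            send_data(acked + 1)            # nothing usable arrived: timer fires
            wire_to_server.extend(delayed)  # and the slow ACK finally shows up
            delayed.clear()
    return b"".join(got[b] for b in sorted(got)), sent_log
```

With the diagram’s script the fixed sender transmits 12 DATA packets for the 8-block file (each loss costs one retransmission), while the unfixed sender transmits 15: blocks 6, 7 and 8 all go out twice, and on a long file the doubling continues to the end.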
FTP vs. TFTP
FTP                                            TFTP
2 connections: control (21) and data (20)      1 connection (69), stop-and-wait flow
Reliable service using TCP                     Uses UDP, handles own retransmissions
Many commands                                  5 message types, only reads/writes files
Minimal security using logon procedure         No logon or security
Larger code size, full-featured                Lightweight, designed to fit on ROM
Security Issues
FTP Bounce Attack
Control messages (attacker 10.0.18.30 to the FTP server, account sthuy):
• Login
• PORT 10.0.18.35:5000 (i.e. PORT 10,0,18,35,19,136), naming the victim 10.0.18.35 instead of the attacker
• LIST
Data connection: the FTP server opens it to the victim 10.0.18.35:5000, not to the attacker
FTP Bounce Attack (cont’d)
• According to FTP protocol, client is
*supposed* to specify its own IP address
and port number.
• Port Scan Attack – Attacker gathers
information on ports of target machine
FTP Bounce Attack (cont’d)
Figure: Attacker 10.0.18.30, FTP login account sthuy, target 10.0.18.35
File Exchange Protocol (FXP)
• Method of data transfer which uses the FTP protocol’s PASV mode: the client sends PASV to one server and then a PORT carrying that server’s address to the other.
• Transfers data from one remote server to another (inter-server) without routing this data through the client’s connection.
• Enabling this, i.e. accepting a PORT address other than the client’s own, can make a server vulnerable to the FTP bounce attack.
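The bounce attack and FXP are two faces of the same server decision: whether a PORT argument may name a host other than the control-connection peer. The following added example, not code from the lecture, shows the server-side check from RFC 2577 (PORT only to the control peer’s address and only to non-privileged ports) beside an in-memory model of a server that skips it, and the port scan an attacker obtains from the latter by reading the LIST reply codes (226 when the server’s data connection to the target succeeds, 425 when it is refused). The server model, the addresses and the reply wording are constructed for the example; exact reply texts vary between real servers.

```python
# Added example (not from the lecture): a server-side PORT check that blocks the
# bounce attack, and the port scan an attacker gets from a server without it.
# Reply texts follow RFC 959 / RFC 2577 conventions; real servers word them differently.

def parse_hostport(arg):
    """'h1,h2,h3,h4,p1,p2' -> ('h1.h2.h3.h4', p1*256 + p2)."""
    p = [int(x) for x in arg.split(",")]
    if len(p) != 6 or any(not 0 <= v <= 255 for v in p):
        raise ValueError("malformed PORT argument: %r" % arg)
    return ".".join(map(str, p[:4])), p[4] * 256 + p[5]

def check_port_command(host, port, control_peer):
    """RFC 2577 section 3: honour PORT only for the control peer's own address and
    only for non-privileged ports, so the server cannot be aimed at SMTP, DNS or
    any other service on someone else's behalf."""
    if port < 1024:
        return False, "500 Illegal PORT command: port %d is reserved." % port
    if host != control_peer:
        return False, "500 Illegal PORT command: %s is not the control connection peer." % host
    return True, "200 PORT command successful."

class ModelFtpServer:
    """In-memory model of a server's PORT/LIST handling (constructed for the example).

    reachable: set of (ip, port) pairs the server could actually connect to; a data
    connection to anything else fails with 425, and that difference is what leaks
    the target's port state back to the attacker.
    """
    def __init__(self, control_peer, reachable, hardened):
        self.control_peer, self.reachable, self.hardened = control_peer, reachable, hardened
        self.data_addr = None

    def command(self, line):
        verb, _, arg = line.partition(" ")
        if verb == "PORT":
            try:
                host, port = parse_hostport(arg)
            except ValueError:
                return ["501 Syntax error in parameters or arguments."]
            if self.hardened:
                ok, reply = check_port_command(host, port, self.control_peer)
            else:                                  # trusts whatever address the client names
                ok, reply = True, "200 PORT command successful."
            self.data_addr = (host, port) if ok else None
            return [reply]
        if verb == "LIST":
            if self.data_addr is None:
                return ["503 Bad sequence of commands."]
            if self.data_addr in self.reachable:
                return ["150 Opening data connection.", "226 Transfer complete."]
            return ["425 Can't open data connection."]
        return ["502 Command not implemented."]

def bounce_scan(server, target_ip, ports):
    """Attacker logged in as an ordinary user: aim the server's data connection at
    target_ip:port and read the port state off the LIST reply codes."""
    results = {}
    for port in ports:
        arg = "%s,%d,%d" % (target_ip.replace(".", ","), port // 256, port % 256)
        if not server.command("PORT " + arg)[0].startswith("2"):
            results[port] = "refused by server"
            continue
        codes = [r[:3] for r in server.command("LIST")]
        results[port] = "open" if "226" in codes else "closed"
    return results

if __name__ == "__main__":
    victim, attacker = "10.0.18.35", "10.0.18.30"     # addresses from the lecture's figure
    reach = {(victim, 22), (victim, 5000)}            # constructed: what the server can reach
    print(bounce_scan(ModelFtpServer(attacker, reach, hardened=False), victim, [22, 23, 5000]))
    print(bounce_scan(ModelFtpServer(attacker, reach, hardened=True), victim, [22, 23, 5000]))
```

The hardened check is exactly what disables FXP: a server that must support server-to-server transfers has to accept foreign PORT addresses, so the usual compromise is to allow them only for authenticated, trusted accounts and never for anonymous logins, and to keep the privileged-port restriction in all cases.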