Embed Size (px)
Citation preview
FTPFTP
(File Transfer Protocol)(File Transfer Protocol)
Altaf Hussain Srikanth Nutigattu
Agenda…Agenda…
Introduction to FTPIntroduction to FTP OverviewOverview FTP in DetailFTP in Detail Advantages/Limitations Advantages/Limitations Programming for FTPProgramming for FTP AlternativesAlternatives
IntroductionIntroduction
FTPFTP or or File Transfer ProtocolFile Transfer Protocol is used to is used to transfer data from one computer to transfer data from one computer to another over the Internet, or through a another over the Internet, or through a network. network.
Specifically, FTP is a commonly Specifically, FTP is a commonly used protocol for exchanging files over used protocol for exchanging files over any network that supports the any network that supports the TCP/IP protocol protocol
The The FTP serverFTP server, running , running FTP server FTP server softwaresoftware, listens on the network for , listens on the network for connection requests from other connection requests from other computers. The client computer, running computers. The client computer, running FTP client software, initiates a connection , initiates a connection to the server. to the server.
FTP Server FTP Client
File System
File System
Server Protocol
Interpreter
Server Data
Transfer Process
User PI
User DTP
UI
FTP Server FTP Client
FTP Commands/Replies
Data Connection
(port 21)
(port 20)
OverviewOverview
FTP runs exclusively over FTP runs exclusively over TCPFTP servers by default listen on FTP servers by default listen on port 21port 21for for
incoming connections from FTP clients.incoming connections from FTP clients.(control stream ) (control stream )
For the actual file transfer to take place, a For the actual file transfer to take place, a different connection is required by default different connection is required by default port 20port 20 (data stream) (data stream)
Connection Modes:Connection Modes:
Active ModeActive Mode Passive ModePassive Mode Extended Passive ModeExtended Passive Mode
FTP in detail:FTP in detail:
- Two Primary file transfer modes Two Primary file transfer modes - ASCII (plain text)ASCII (plain text)
- End-of-line translation occurs between platformsEnd-of-line translation occurs between platforms- Data is considered to be only 7 bits (high order bits are lost)Data is considered to be only 7 bits (high order bits are lost)
- Binary imageBinary image- Data is transferred raw (not interpreted)Data is transferred raw (not interpreted)
- Other Modes (EBCDIC, local) are rarely ever usedOther Modes (EBCDIC, local) are rarely ever used
- Mode must be set before transfer beginsMode must be set before transfer begins- Many clients have an auto-select mode.Many clients have an auto-select mode.
- File suffix / name guides selection of transfer modeFile suffix / name guides selection of transfer mode- Common mistake to transfer a binary file in ASCII mode.Common mistake to transfer a binary file in ASCII mode.
..contd.,..contd.,
- - The server stores files in a directory structure The server stores files in a directory structure - Clients log on, traverse the directories, and Clients log on, traverse the directories, and
download files download files - Anonymous access is an optionAnonymous access is an option- The FTP request command determines the
direction of the data transfer (GET/PUT)
Different FTP clients hide the protocol Different FTP clients hide the protocol details in different ways:details in different ways:
Command line – closest to the real protocolCommand line – closest to the real protocol
Dedicated FTP clients, such as ‘Filezilla’ – Dedicated FTP clients, such as ‘Filezilla’ – easier to use, more flexible and robusteasier to use, more flexible and robust
Web browsers – tend to make FTP and webWeb browsers – tend to make FTP and webaccess look similaraccess look similar
Standard Connection Model Standard Connection Model
ControlControl
DataDataAAAA BBBB
Alternative Connection ModelAlternative Connection Model
ControlControl
DataData
AA
BBBB CCCC
ControlControl
Access Control CommandsAccess Control Commands
USER USER specify user specify user
PASS PASS specify passwordspecify password
CWD CWD change directorychange directory
CDUPCDUP change directory to parentchange directory to parent
QUITQUIT logoutlogout
Transfer Parameter CommandsTransfer Parameter Commands
PORT PORT publish local data portpublish local data port
PASVPASV server should listen server should listen
TYPETYPE eestablish data representationstablish data representation
MODEMODEestablish transfer modeestablish transfer mode
STRUSTRU establish file structureestablish file structure
Service CommandsService Commands
RETRRETR retrieve fileretrieve file
STORSTOR send filesend file
STOUSTOU send file and save as uniquesend file and save as unique
APPEAPPE send file and append send file and append
ABORABOR abort prev. service commandabort prev. service command
PWDPWD print working directoryprint working directory
LISTLIST transfer list of files over data linktransfer list of files over data link
FTP RepliesFTP Replies
All replies are sent over control All replies are sent over control connection.connection.
Replies are a single line containingReplies are a single line containing3 digit status code (sent as 3 numeric 3 digit status code (sent as 3 numeric
chars).chars). text message.text message.
The FTP spec. includes support for The FTP spec. includes support for multi-line text replies.multi-line text replies.
Data Transfer ModesData Transfer Modes
STREAM: file is transmitted as a stream of STREAM: file is transmitted as a stream of bytes.bytes.
BLOCK: file is transmitted as a series of BLOCK: file is transmitted as a series of blocks preceded by headers containing count blocks preceded by headers containing count and descriptor code (EOF, EOR, restart and descriptor code (EOF, EOR, restart marker).marker).
COMPRESSED: uses a simple compression COMPRESSED: uses a simple compression scheme - compressed blocks are transmitted. scheme - compressed blocks are transmitted.
Advantages/LimitationsAdvantages/Limitations
Advantages over HTTP:Advantages over HTTP:
Allows inspection of file-tree, file size and Allows inspection of file-tree, file size and time-stamps.time-stamps.
No HTML code required.No HTML code required.Easy to implement download/uploading Easy to implement download/uploading
Limitations:Limitations: Passwords and file contents are sent in and file contents are sent in clear text, ,
which can be intercepted by which can be intercepted by eavesdroppers. . There are protocol enhancements that There are protocol enhancements that circumvent this. circumvent this.
Multiple TCP/IP connections are used, one for Multiple TCP/IP connections are used, one for the control connection, and one for each the control connection, and one for each download, upload, or directory listing. Firewall download, upload, or directory listing. Firewall software needs additional logic to account for software needs additional logic to account for these connections. these connections.
It is hard to filter active mode FTP traffic on the It is hard to filter active mode FTP traffic on the client side by using a client side by using a firewall, since the client , since the client must open an arbitrary must open an arbitrary port in order to receive the in order to receive the connection. This problem is largely resolved by connection. This problem is largely resolved by using passive mode FTP. using passive mode FTP.
FTP is a high latency protocol due to the number FTP is a high latency protocol due to the number of commands needed to initiate a transfer. of commands needed to initiate a transfer.
No integrity check on the receiver side. If No integrity check on the receiver side. If transfer is interrupted the receiver has no way to transfer is interrupted the receiver has no way to know if the received file is complete or not. It is know if the received file is complete or not. It is necessary to manage this externally for example necessary to manage this externally for example with with MD5 sums or sums or cyclic redundancy checking. .
No error detection. FTP relies on the underlying No error detection. FTP relies on the underlying TCP layer for error control, which uses a weak TCP layer for error control, which uses a weak checksum by modern standards. checksum by modern standards.
Java Programming for FTPJava Programming for FTP
There is no standard API for FTP (eg like There is no standard API for FTP (eg like http package)http package)
Should rely on ‘URL’ and ‘URLConnection’ Should rely on ‘URL’ and ‘URLConnection’ classes.classes.
Sun provides an undocumented and Sun provides an undocumented and unsupported API called ‘unsupported API called ‘sun.net.ftp’sun.net.ftp’
For enhanced capability should rely on For enhanced capability should rely on third party API’s.third party API’s.
sun.net.ftpsun.net.ftpJava.net
JDK support for FTP
Third party API’s for FTP clientThird party API’s for FTP client JScape, JScape, iNet FactoryiNet Factory: com.jscape.inet.ftp.Ftp : com.jscape.inet.ftp.Ftp IP*WorksIP*Works: ipworks.Ftp : ipworks.Ftp Enterprise Distributed Technologies, Enterprise Distributed Technologies, Java FTP Client Java FTP Client
LibraryLibrary: com.enterprisedt.net.ftp.FTPClient : com.enterprisedt.net.ftp.FTPClient IBM alphaWorks, IBM alphaWorks, FTP Bean SuiteFTP Bean Suite: :
com.ibm.network.ftp.protocol.FTPProtocol com.ibm.network.ftp.protocol.FTPProtocol SourceForge, SourceForge, JFtpJFtp: net.sf.jftp.net.FtpConnection : net.sf.jftp.net.FtpConnection The Jakarta Project, The Jakarta Project, Jakarta Commons/NetJakarta Commons/Net: :
org.apache.commons.net.ftp.FTPClientorg.apache.commons.net.ftp.FTPClient JavaShop JavaShop JNetBeansJNetBeans: jshop.jnet.FTPClient : jshop.jnet.FTPClient Florent Cueto, Florent Cueto, JavaFTP APIJavaFTP API: com.cqs.ftp.FTP : com.cqs.ftp.FTP Bea Petrovicova, Bea Petrovicova, jFTPjFTP: cz.dhl.ftp.Ftp : cz.dhl.ftp.Ftp The Globus Project, The Globus Project, Java CoG KitJava CoG Kit: :
org.globus.io.ftp.FTPClient org.globus.io.ftp.FTPClient
The comprehensive comparison can be The comprehensive comparison can be found at:found at:
http://www.javaworld.com/javaworld/jw-04-http://www.javaworld.com/javaworld/jw-04-2003/ftp/jw-0404-ftptable.html2003/ftp/jw-0404-ftptable.html
Alternatives and EnhancementsAlternatives and Enhancements
FTP over SSH (secure FTP )FTP over SSH (secure FTP )FTP over SSHFTP over SSH refers to the practice of tunneling refers to the practice of tunneling
a normal FTP session over an SSH a normal FTP session over an SSH connection.connection.
FTP over SSL (FTPS )FTP over SSL (FTPS )SSH File Transfer ProtocolSSH File Transfer Protocol ( (SFTPSFTP))
This is not related to standard FTP. Here, the This is not related to standard FTP. Here, the entire conversation (credentials and data) is entire conversation (credentials and data) is always protected by the SSH protocol. always protected by the SSH protocol.
Additional References:
www.wikipedia.comhttp://java.sun.com/j2se/1.4.2/docs/api/http://www.javaworld.com/http://jakarta.apache.org/commons/net/http://www.enterprisedt.com/publications/FTP_Overview.htmlRFC 959. File Transfer Protocol. J.Postel. J Reynolds. 1985.http://www.ietf.org/rfc/rfc0959.txt
Thank you!!Thank you!!
