FTP protocol is one of the most used transfer protocols. FTP means File Transfter Protocol. A lot of users know this protocol from FTP clients. However more advanced users or server administrators also use FTP servers, which allow them to benefit from invaluable services.
FTP (File Transfer Protocol)
This protocol is designed for transfer of files between network node computers. The pre-requisite for exploitation of File Transfer Protocol are FTP servers (also called FTP archives). These servers are computers/servers with remotely accessible file systems – e.g. the user of a remote computer (FTP client) has rights to "download" files to his own computer or upload files from his computer to FTP server. Different access rights for each user can be defined.
FTPS
In IT industry, FTPS or FTP/SSL or also FTP with SSL/TLS represent various add-ons to FTP protocol, which ensure secure transfer of confidential information (such as login name, password or data to be transferred) over the computer network. Not to be confused with SFTP or Secure FTP.
SFTP (SSH File Transfer Protocol)
Another security related FTP protocol. SSH-2 protocol is generally used for the data transfer itself. This protocol ensures secure data transfer but can also be used in connection with another protocol. SFTP protocol substitutes the SCP protocol, which is too vulnerable. SFTP can be used for designation of a protocol or program.
Secure FTP (Secure File Transfer Protocol)
It may look similar but it is not the same as FTPS. When using this protocol we perform so called FTP tunneling through connection established by SSH protocol. It is sometimes also called Secure FTP.
TFTP (Trivial File Transfer Protocol)
FTP protocol is a "full quality" transfer protocol, e.g. it comprises all mechanisms and properties required for transfer of files in computer networks. However, in some cases, this "full quality" of the FTP may be detrimental, mainly due to its relatively high complexity and demanding implementation. High complexity and demanding implementation of the FTP protocol might be a problem for instance for disc free stations, which only upload their boot image (file containing all necessary information for disc free station switch on) and therefore require the programming code ensuring the boot image upload to be as small as possible in order to be stored in the ROM memory of the disc free station. For such purposes the new TFTP (Trivial File Transfer Protocol) was developed, as the least complex FTP protocol version. This least complext FTP protocol (TFTP) does not deal with users, user access rights or current directory and does not allow remote computers to list through the server directories in order to find files to be downloaded. This means that TFTP client cannot search anything on the server and must be directed directly to the file to be downloaded.
The differences between TFTP and FTP are as follows:
- TFTP uses UDP services for data transport (while FTP uses TCP)
- TFTP does not support directory listing, file deleting and similar functions to be performed on remote computer.
- identification of user asking for transfer is not required in case of TFTP protocol
FTP server
As mentioned above, FTP server is a computer, which allows remote computers to access their file directory. However, before FTP server grants access to its file directory, user authorization needs to be performed. This is username, password and access right verification and setting process. As it is possible to set individual access rights per user (or group of users), the file sharing system is very secure with minimum risk of security problem (access to private folders, deletion of essential files,…).
FileZilla – FTP server for Windows
FileZilla Server is a simple open-source FTP server for Windows 98/2000/ME/NT/XP/2003/Vista platforms. This FTP server allows to transfer files from one computer to another without using an e-mail or internet server. It is a small, powerful, well-arranged and mainly not demanding application for operation and administration of own FTP server. The main advantages of this program are its speed and intuitive GUI (graphic user interface). The most recent version also offers an improved support for passive access and a possibility to enter hostnames instead of standard external IP address.
Fig.: 1 – FileZilla server interface
ProFTPD – FTP server for Linux
ProFTPD is a secure and simply configurable FTP server for Linux platform. Its combination with Apache web server is very popular.
When the ProFTPD project started the most frequently used FTP server was wu-ftpd. Wu-ftps was considered to be a good product with excellent power, but lacked a lot of useful functions of more recent Win32 FPS servers and did not have a very good reputation from the security point of view. A lot of people, inclusind ProFTPD developers, have spent a lot of type dealing with bugs and hacks in wu-ftpd. Luckily they managed to clear the application very fast but it was still necessary to redesign the system, not only for configuration purposes. Therefore a new ProFTPD server was developed. It could seem that ProFTPD server project was hacked from another project/software. However it is not true. ProFTPD is a genuine source good.
FileZilla – FTP client for all platforms
A very popular and quality FTP client. Its main properties are:
- saving a history of individual sessions (password history keeping can be switched on or off)
- SSL and Kerberos GSS support
- support of firewall and proxy connections
- connection keeping to FTP server
- automatic selection of binary or text transfer mode following the file type
- possibility to adjust the interface layout
Fig.: 2 – FileZilla client interface
Program setting can be stored into the registry, which is the most common way for Windows programs, or into XML file. A program source code is also available. FilleZilla is a program suitable both for beginners and experienced computer users.
Author: Jirka Dvořák