FTP protocol. Examples of network file services: FTP and NFS. What is the name of the service supported by FTP?

Hello, dear readers of the blog site. The next step towards understanding the mechanism of information transfer on the Internet will be the study of FTP, through which you can, among other things, work with any files on a remote server.

.jpg

Or apply a more complex option if a port other than 21 is used:

ftp://login: [email protected] website:35/images/file-1.jpg

However, using a web browser in this context will only allow you to view or download the files of interest. To take full advantage of FTP, you should use specialized client software such as FileZilla:


To connect to a remote server through an already configured FileZilla client, you must enter the hostname corresponding to its domain, the username, the password and the port.

By the way, the article about FileZilla provides not only standard information, but also practical advice on how to eliminate its security vulnerability (despite many advantages, it has such problems, as do other programs of a similar profile), so I strongly recommend reading that material.

But let's continue. Schematically, the client-server interaction during an FTP connection can be visualized as follows:


Broken down step by step, the process looks something like this:

  1. The user starts the client application and connects to the server by entering a username and password.
  2. A control connection is established between the corresponding modules, the protocol interpreters on the client and server sides.
  3. Through the client, the user sends commands to the server that define various parameters of the FTP connection (active or passive mode, port, transfer type, data type), as well as directives for the actions the user intends to perform (for example, delete, rename or upload a file).
  4. After all the necessary parameters are set, one of the participants (for example, the client), which is passive, goes into waiting mode for a connection to be opened to the port that is set for transmitting information. The active participant then opens the connection and starts transmitting data over the designated channel.
  5. Upon completion of the transfer, this connection is closed, but the control channel between the interpreters remains open, so the user can reopen a data transfer within the same session.

If the user is the administrator of the site, which is located on a remote server, then after authentication and connection, he is able to perform any possible actions.

However, there are quite a few free FTP servers on the Internet, which are essentially libraries of various kinds of files that are designed to store and download text documents, music, photos, videos, software distributions, etc.

In this case, the registered user, after authorization, has very limited access to certain directories and can only perform certain specified operations with their contents (say, view and download files).

In addition to the standard connection to the server, which involves entering authentication data, there is the concept of anonymous FTP, where any user can connect to the server without providing personal data. If you use a browser as a client, the file access address can be simplified and presented as follows:

ftp://site/images/file-1.jpg

In practice, with anonymous FTP, the commonly known word “anonymous” is used as a login for access, and an email address is used as a password, which, however, is not checked in most cases.

Secure FTP (SFTP, FTPS and using SSH)

This protocol was not originally conceived as secure, as it was developed back in 1971 and was initially used only in the ARPANET research network, which had access to only a few military facilities and universities.

But with the development of the World Wide Web, the aforementioned ARPANET became part of it, and, consequently, the FTP technology migrated there as well, since it had many advantages. However, at the same time, the risk of unauthorized access has increased by several orders of magnitude.

Therefore, there was an urgent need to protect servers from various kinds of attacks. Regular FTP does not have the ability to transfer data in encrypted form, as a result of which usernames, passwords, commands and other information can, if desired, be easily intercepted by intruders.

For this reason, several methods have been developed to encrypt information transmitted via FTP. Together, all these methods received a generalizing and capacious name: "Secure FTP". Here are the types of protocol that correspond to this term:

1. FTPS (FTP + SSL) - in fact, this is an extension of the standard file transfer protocol, secured by the cryptographic protocol SSL (Secure Sockets Layer). Today, its more advanced counterpart is TLS (Transport Layer Security). There are two ways to provide security:

1.1. Implicit is obsolete and uses a standard protocol that requires the use of SSL or TLS, which can encrypt information. With this method, it is mandatory to use ports other than the usual ones, which creates inconvenience because it breaks the compatibility of clients and servers that do not support FTPS.

1.2. Explicit - much more convenient, as it uses the commands of the standard FTP protocol but encrypts the information when sending the response, which maintains compatibility, since the same ports are used for both FTPS and FTP. Here the client sends the AUTH TLS or AUTH SSL command to encrypt the data.

2. SFTP (SSH FTP) is an application layer file transfer protocol that runs over a secure channel and should not be confused with "Simple File Transfer Protocol", which has the same acronym. If FTPS is just an extension of FTP, then SFTP is a separate protocol unrelated to FTP, which comes with SSH (Secure Shell).

The main thing that distinguishes it from standard FTP and FTPS is that SFTP encrypts absolutely all commands, usernames, passwords and other confidential information. Since this is a completely different configuration, FTP (FTPS) clients cannot connect to the SFTP server.

3. FTP over SSH - runs a regular FTP session through an SSH tunnel; this option should not be confused with SFTP, which is a separate independent protocol. This method is not 100% safe. Why?

The fact is that if several SSH clients establish a tunnel for the control channel, which is initially carried out through port 21 (and this situation is almost always observed), then this channel will be protected. When transmitting data, the client software will open new TCP connections that will no longer be affected by the SSH security shell.

I hope you are not confused by all these options for secure protocols. In order to somehow facilitate understanding, let me make a brief summary. Objectively providing the highest degree of protection is SFTP. Explicit FTPS is slightly inferior to it in reliability, but it is more convenient because it allows you to use regular ports. Which one to choose depends on the type of task you are facing and, of course, the server settings.
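The difference between plain FTP and explicit FTPS shows up on the control channel itself. The following Python code is an added example, not part of the original article: it audits a captured control session and reports credentials sent without a successful AUTH TLS, including the case where the server refuses AUTH and the client falls back to cleartext. The capture format, function name, finding labels and all session data are assumptions constructed for illustration.

```python
# Added example: audit an FTP control-channel capture for cleartext logins.
# Assumption: a capture is a list of (direction, payload) pairs, "C" for
# client-to-server and "S" for server-to-client. All sample data is constructed.

def audit_control_channel(segments):
    """Return [(line_no, kind, detail)] for logins not protected by TLS."""
    findings = []
    auth_pending = False  # client sent AUTH, final server reply not yet seen
    line_no = 0
    for direction, payload in segments:
        # Every FTP command or reply is one text line terminated by CR LF.
        for raw in payload.split(b"\r\n"):
            if not raw:
                continue
            line_no += 1
            line = raw.decode("latin-1")
            if direction == "S":
                # "234-..." would be a continuation line, "234 ..." is final.
                code, is_final = line[:3], line[3:4] != "-"
                if auth_pending and code.isdigit() and is_final:
                    auth_pending = False
                    if code == "234":
                        # AUTH accepted: everything after this is TLS records,
                        # so there are no readable FTP lines left to audit.
                        return findings
                    findings.append((line_no, "auth-tls-refused", line))
                continue
            verb, _, arg = line.partition(" ")
            verb = verb.upper()
            if verb == "AUTH":
                auth_pending = True
            elif verb == "USER":
                findings.append((line_no, "cleartext-user", arg))
            elif verb == "PASS":
                # Report the exposure, never the secret itself.
                findings.append((line_no, "cleartext-pass", "*" * len(arg)))
    return findings


# Constructed session 1: plain FTP, login visible to anyone on the path.
PLAIN_SESSION = [
    ("S", b"220 FTP server ready\r\n"),
    ("C", b"USER alice\r\n"),
    ("S", b"331 Password required\r\n"),
    ("C", b"PASS example-password\r\n"),
    ("S", b"230 Login successful\r\n"),
]

# Constructed session 2: explicit FTPS, AUTH TLS accepted before any login.
EXPLICIT_FTPS_SESSION = [
    ("S", b"220 FTP server ready\r\n"),
    ("C", b"AUTH TLS\r\n"),
    ("S", b"234 Proceed with negotiation\r\n"),
    ("C", b"\x16\x03\x01\x02\x00\x01"),  # opaque start of a TLS handshake
]

# Constructed session 3: server refuses AUTH TLS and the client logs in anyway.
FALLBACK_SESSION = [
    ("S", b"220 FTP server ready\r\n"),
    ("C", b"AUTH TLS\r\n"),
    ("S", b"502 Command not implemented\r\n"),
    ("C", b"USER alice\r\n"),
    ("S", b"331 Password required\r\n"),
    ("C", b"PASS example-password\r\n"),
]

if __name__ == "__main__":
    for name, session in [("plain", PLAIN_SESSION),
                          ("explicit FTPS", EXPLICIT_FTPS_SESSION),
                          ("fallback", FALLBACK_SESSION)]:
        print(name, audit_control_channel(session))
```

The fallback case is the one worth alerting on: a client configured to "use TLS if available" sends the password in the clear whenever AUTH is refused.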

One of the oldest network protocols is FTP. What is it intended for, what is its role in the network "communication" of computers, how does this protocol work and is it worth using - you will find answers to all these questions in the article below.

What is the essence of FTP technology

The modern FTP protocol is used a little differently than before. Initially, it was developed to work with large amounts of data. Therefore, not only the FTP protocol was invented, but also the FTP archive. Now the latter has become a global repository for many files hosted on servers around the world. The archive is formed from a large number of FTP servers and there are special search engines, which allow you to search data by hosts, such as Napalm or FileSearch.

Not every part of the FTP archive can be accessed by an outsider through a search engine. There are servers with different access levels. Many people know FTP as a protocol that is needed to upload a site to a hosting, that is, one intended for confidential use. FTP archives are used for exactly the same purposes by commercial organizations that store some kind of secret information in them.

But there are also many public FTP archives, which are similar to file sharing. It is for such archives that special search engines have been created - so that users can immediately find files, and not articles with a long description of programs or games, instead of the applications themselves.

What is the purpose of the FTP protocol

The FTP protocol is intended for data transfer between the client and the server. It is called “data transfer protocol”. Since it has been in use for a very long time, FTP has become one of the Internet standards. The protocol was first used in 1971. During its existence, it has changed a lot. Some features have been removed, and emphasis has been placed on the fact that FTP is well suited for exchanging data between remote computers. Over time, it was made more convenient for ordinary users. After all, you can connect to an FTP server either using a special program or using standard operating system services. For example, you can even connect to an FTP server using standard Windows Explorer.

In addition, FTP is designed to distribute access rights between server users. Different server users have their own set of rights. For example, some can only read data, while others can move, rename, edit, and upload files to the host. Since creating an FTP server is as easy as using it, many users use this protocol to set up remote access to their computers.

Some people confuse FTP and TCP, although these concepts cannot be compared. FTP is a protocol and TCP is the channel over which it operates. This channel is established between the server device and the client device: “device” rather than computer, because FTP can also be used on smartphones with special programs, not just on a PC.

Keep in mind that FTP is a good protocol for working on a remote computer if you need to upload some data there, or vice versa - download it.

But this protocol is not at all suitable for transferring confidential information. That is why the developers of the Yandex Disk service refused to use FTP as the main protocol, and chose WebDAV instead. FTP is an open protocol that does not encrypt data. And even if you set password authentication for clients on the server, the data that they enter during authorization will be transmitted to the host in clear text. That is, once attackers intercept it, they will be able to penetrate the server.

How the FTP protocol works

In general, the FTP protocol model is very simple, so you should not have problems while using it. The simplest model is when the user works through an interpreter program. With it, you can execute all commands in a convenient interface, so you don’t have to know them and enter them into the terminal. You issue commands to the interpreter, and it sends them to the server via a control connection. The control connection uses the TELNET protocol. Thus, by establishing contact with the server interpreter, the user is authorized on the host and is able to use more commands.

The set of commands transmitted over the control connection determines the behavior of the server and client, as well as the data transfer process. In addition, commands can be used to control the file systems of the client and server.

For data transmission, another channel is used, different from the control one. But the latter initiates a data connection call. The principle of operation of the data connection differs from the operation of the control channel, because the server initiates the exchange of files and data. Although this connection can be used in both directions: both for receiving and for transmitting data.

Here is the general algorithm of work for any FTP server:

  1. The server is always waiting for a connection from the user. At any time, the client can connect to the server, so the control channel keeps port 21 open. All control commands go over it. Port 21 is set by default, but it can be changed. Then the user will have to enter the port number manually, otherwise he will not be able to access the control channel.
  2. After connecting through the control channel port, the program on the client side can issue commands to the server interpreter. These commands determine both changes within the server's file system and the method of data transfer, their content, volume, type of operation mode, and much more.
  3. After all commands for data transfer are agreed, one of the participants in the connection (server or client) goes into passive standby mode. It waits to be given a port number in order to open it and receive or send data on it.
  4. After the end of the data transfer process, the connection is closed, but the control channel remains open. This allows the user to do everything again: give a command to the server and start transferring data again. There is no need to re-create the session. That's why FTP works with two types of connections.

Since this is the simplest model of how the FTP protocol works, there are also more complex cases. For example, when it is not a user working with a server, but a server working with a server. In this case, the client manages data transfer directly between servers, without intermediaries. And there are a lot of similar examples of server-client configuration. This is one of the advantages of the FTP protocol - the flexibility of work.

The main thing to understand about the operation of the FTP protocol is the interaction of connections and ports. Most errors while working on this protocol are due to the fact that one of the parties to the connection has not configured its port. There is a passive and an active side of the protocol. The passive one should listen carefully and wait until the active one transmits the port number, which must be immediately opened. If the port is not opened, data transfer will not start.

Do not think that you have to manually wait for some commands from the active participant in the connection - this is all done automatically. Problems appear when, for example, one or another port is already occupied on your computer, or it is blocked for incoming / outgoing connections. At such moments, you will have to “roll up your sleeves” and manually configure the computer so that it can work correctly using FTP.

What commands does the FTP protocol use

Most likely, you will not need them in your work, since you will use a user agent in the form of a program with a convenient interface. One such program is FileZilla. But anything can happen. Perhaps you will only have Far Manager at hand, where everything needs to be done through the terminal. In this case, you should be familiar with the basic commands for FTP.

To connect to the server, you will need to use the USER command. It is necessary to indicate the name of the user who wants to open a session with the server. After you enter the user ID in the USER command, you need to enter a login password. To do this, use a special command - PASS.

One of the most popular features with which you can "travel" around the server is CWD. The command is needed so that you can move between server directories. To use the command, enter CWD followed by the path of the directory you want to go to.

If in some case you need to reinitialize, that is, discard all the data and settings of the current connection, then use the REIN command. During its use, the data transfer does not stop, and the transfer parameters remain the same as they were before the REIN command. Or you can do it in an even more radical way - close the control connection with the QUIT command. It also does not interrupt the data transfer, and only after the download is completed, the session is completely interrupted.

In order to register a port in active mode, that is, assign it to a passive member, you need to use the PORT command. The problem is that this command is very difficult to write - you will need to specify 32 bits of the server IP and 16 bits of the port number, which is quite inconvenient. Therefore, it is better to find a way to use a simplified client to work via the FTP protocol, so as not to burden yourself too much. In such a client, changing the port number is a trifling matter. It is enough to go to the settings, find the desired item and enter a different number instead of the current one.

You will use the RETR and STOR commands to transfer data from and to the server. The first command is needed in order to send the selected file to the client device, and the second one to the server. And to rename a file, you need to use two consecutive commands. Write RNFR first with the old filename, then RNTO with the new filename. You will also need the DELE command, which is needed to delete data from the file system, or rather the file that is currently selected.

Other commands are used to remove directories. To delete a highlighted directory, you will need the RMD command. And to create a new folder, use the MKD string. Also, users often need a function to view the files that are in the directory. To do this, use the LIST or NLST command.

What are the analogues of FTP

The FTP data transfer protocol has its direct "heirs", that is, protocols that are formed from FTP. These are two protocols: TFTP and SFTP. The first protocol is not the most popular, because it is very limited in terms of commands. It is much less suitable for managing the server's file system than FTP. You won't even be able to list the files in a directory with it. TFTP is needed only to transfer the simplest 8-bit information, no more. And in this protocol, there are only 5 commands that are needed to read, write, request a data packet and other simple operations.

But the SFTP protocol is much more successful than TFTP and, in some cases, than FTP. The fact is that this is a secure FTP protocol. It is a combination of an encrypted SSH connection and FTP data transfer protocol. In addition, SFTP eliminates many unnecessary features that were introduced to FTP a long time ago, but are not used by anyone. Therefore, SFTP is safer than FTP, and at the same time more modest in the good sense of the word. It is recommended to choose exactly SFTP in those cases when you work with some kind of confidential data. Then even if hackers intercept the data sent over the control connection, they will still be encrypted and will not bring any value to the hackers.

And it is better to use the FTP protocol in normal client programs, and not in the terminal. After all, this way you will significantly speed up the work on the data transfer protocol and get access to its more sophisticated functions.


1. A group of web pages owned by the same Company, organization or individual and linked by content
website
server
host
folder
domain

2. WEB - pages have the extension ...
.NTM
.TNT
.WEB
.EXE
.WWW

3. Method of connecting to the Internet, providing the greatest opportunities for access to information resources
permanent fiber optic connection
remote access via telephone channels
permanent connection on a dedicated channel
dial-up terminal connection
temporary telephone access

4. To store Files intended for the general access of network users, ...
host computer;
file server
work station
client-server
switch

5. The Transport Protocol (TCP) provides...
splitting files into IP packets in the process of transmission and reassembling Files in the process of receiving
receiving, transmitting and issuing one communication session
providing the user with already processed information
delivery of information from the sending computer to the receiving computer
splitting Files into IP packets in the process of transmission and reassembling Files in the process of receiving

6. The configuration (topology) of a local computer network in which all workstations are connected to the File Server is called ...
annular
radial (star-shaped)
tire
treelike
radial-annular

7. The data transfer rate over a communication channel is measured by the number of transmitted ...
bytes per minute
bits of information per second
words per minute
characters per second

8. The Internet FTP service is for...
creating, receiving and transmitting WEB pages
ensuring the functioning of e-mail
ensuring the work of teleconferencing
receiving and transmitting files of any format
remote control of technical systems

9. In the OSI model, all network functions are divided into ... levels.
8
7
6
5

10. Top-level domain corresponding to the Russian segment of the Internet
ha
su
us
en

11. A computer connected to the Internet must have ...
IP - address
WEB - page
home WEB page
Domain name
URL - address

12. Information and computing systems (networks) according to their size are divided into ...
local, regional, global
terminal, administrative, mixed
wired, wireless
digital, commercial, corporate

13. The layer of the OSI model that provides services that directly support user applications is called ... layer.
applied
representative
session
transport
network

14. The sign "Network topology" characterizes ...
wiring diagram in the network (servers and workstations)
how the network works
network depending on its size
composition of technical means

15. The provider is ...
Internet connection device
Internet Service Provider
Internet service consumer
Internet connection agreement

16. A network protocol is...
set of agreements on interactions in a computer network
sequential recording of events occurring in a computer network
rules for interpreting data transmitted over a network
rules for establishing communication between two computers on a network
coordination of various processes in time

17. Email (e-mail) allows you to send ...
messages and attachments
text messages only
executable programs
www pages
exclusively databases

18. Local area network (LAN) is ...
computer network operating within a division or divisions of an enterprise
unification of computer networks at the state level
network operating within the same subject of the federation
planetary interconnection

19. The reference model for the exchange of information of an open system is called the model ...
ISO
OSI
OIS
OIOS

20. The global computer network is ...
hyperlinked information system
a set of computers connected by information transmission channels and located within the same room, building
collection of host computers and File Servers
a system for exchanging information on a specific topic
a collection of local networks and computers located at long distances and connected via communication channels into a single system

VBScript script iisftp.vbs, which allows you to manage FTP services through the command line.

The Computer Management Console is used by administrators who manage their Windows servers using MMC. The Computer Management snap-in is also used for remote administration, since it can be run on a workstation and connected to an administered server.

The iisftp.vbs script provides the same administrative functionality as Computer Management, including the ability to remotely manage a host. The iisftp script allows you to automate tasks using a script or by interacting with other scripts. The script is used to perform programmatic actions on the FTP server based on script logic and can be run by the task scheduler or by a user.

Let's take a closer look at the MMC Computer Management snap-in.

  1. From the Start menu, select All Programs\Administrative Tools\Computer Management (Programs\Administrative Tools\Computer Management).
  2. Click the Services And Applications icon.
  3. Click the Internet Information Services (IIS) Manager icon, then click the folder named FTP Sites.
  4. If the FTP Sites folder is missing, then the FTP service is probably not installed. The installation of FTP services needs to be well thought out and planned because FTP is not installed by default when IIS is installed. To install the FTP service, open the Control Panel.
  5. Select Add And Remove Programs.
  6. On the left side of the Add And Remove Programs window, select Add And Remove Windows Components. The Windows Components Wizard window will open.
  7. From the Windows Component Wizard list, select Application Server, then click the Details button.
  8. In the Application Server window, in the Subcomponents Of Application Server list, select Internet Information Services. Then click on the Details button.
  9. In the Internet Information Services window, the File Transport Protocol (FTP) entry will appear highlighted in the Subcomponents Of Internet Information Services list. Click it to install FTP services.

In the MMC, expand all the icons associated with the desired sites to display the hierarchical relationship of services and site configuration instances. After installing the FTP service, expand the FTP Sites node to display the FTP sites. Click on any of the FTP sites (if any) to display the virtual directories of the FTP site (if any). During the initial installation of the FTP Services component, a default FTP site is created with the name Default FTP Site.

To execute the iisftp.vbs script, select Start / Run, enter cmd in the command line and press the OK button. Run the iisftp.vbs script in the command window that opens. When the iisftp.vbs script is run directly from the Run command line, a command window opens, executes the command, and closes. Thus, feedback is excluded, and you will not know about the success or failure of the command. Running iisftp.vbs in an open command window will provide status information about the operation. The window will remain open after the command finishes, and you can view the results.

In the command window, type iisftp with the switches and arguments that determine what the script does. The iisftp.vbs script is located in the \Windows\System32\ directory; the PATH variable set on the server describes this location, so you do not need to enter the full path to the script. For help with iisftp, run the following command:

The screen will display help information about the script keys, arguments, and actions performed using certain keys and arguments.

Introduction to Windows Script Host

Windows Script Host (WSH) is a software component of the Windows operating systems that handles scripts. Scripts allow you to generate output for dialog or command windows. The WSH executable that processes a script using a dialog window is called Wscript.exe. The WSH executable that processes a script using the command window is called Cscript.exe. Windows uses one of these files by default for script processing. The default setting can be changed with the following command:

<WSH file name for script processing>//h:<WSH file name for script processing>

For example, to configure WSH to use command windows as the default script executor, run the following command:

CScript //h:CScript

Different scripts require different executors. Administrators tend to prefer the CScript executor. For the iisftp script, this executor is required. If WS03 is configured to use Wscript by default, the first time you run iisftp, a dialog box will appear stating that Cscript is required to run the script. After closing it, a second dialog box will appear prompting you to change the WS03 default setting to use CScript. Clicking the Yes button will set CScript as the standard WSH executor. When restarted, the iisftp script will be executed using CScript.

File Transfer Protocol (FTP) based network file service is one of the earliest services used to access remote files. Prior to the advent of the WWW service, it was the most popular remote data access service on the Internet and corporate IP networks. The first FTP specifications date back to 1971. FTP servers and clients are available in almost every UNIX operating system, as well as in many other network operating systems. FTP clients are built into Internet browsers today because FTP-based file archives are still popular and the browser uses FTP to access such archives.

The FTP protocol allows you to move the entire file from a remote computer to a local one and vice versa, that is, it works according to the upload-download scheme. In addition, it supports several commands for browsing a remote directory and moving through directories on a remote file system. Therefore, FTP is especially convenient to use for accessing those files whose data does not make sense to view remotely, but it is much more efficient to move them entirely to the client computer (for example, files of application executable modules).

The FTP protocol has built-in primitive means of authenticating remote users based on the transmission of a password in cleartext over the network. In addition, anonymous access is supported that does not require a username and password, which is more secure because it does not expose user passwords to the threat of interception.

The FTP protocol is implemented according to the client-server scheme. The FTP client consists of several functional modules:

User Interface -- A user interface that accepts character commands from the user and displays the status of an FTP session on a character screen.

User-PI -- user command interpreter. This module interacts with the corresponding FTP server module.

User-DTP -- a module that transfers file data by commands received from the User-PI module via the client-server protocol. This module interacts with the client's local file system.

The FTP server includes the following modules:

Server-PI -- a module that accepts and interprets commands transmitted over the network by the User-PI module.

Server-DTP -- a module that controls the transfer of file data on commands from the Server-PI module. Interacts with the server's local file system.

The FTP client and server support two sessions in parallel, a control session and a data transfer session. The control session is opened when the initial FTP connection between the client and the server is established, and during one control session, several data transfer sessions can be sequentially performed, within which several files are transferred or received.

The general scheme of interaction between the client and the server is as follows:

1. FTP server always opens TCP control port 21 to listen, waiting for a request to establish an FTP control session from a remote client.

2. After the control connection is established, the client sends commands to the server that specify the connection parameters:

client name and password;

the role of the participants in the connection (active or passive);

data transfer port;

transmission type;

type of transmitted data (binary data or ASCII code).

3. After the parameters are negotiated, the passive participant of the connection switches to the waiting mode for opening a connection to the data port. The active participant initiates this connection and starts the data transfer.

4. After the data transfer is completed, the data port connection is closed, while the control connection remains open. The user can activate a new data session over the control connection.

The FTP client selects the data transfer ports (by default, the client can use the control session port for data transfer), and the server must use a port that is one less than the client's port.

The FTP protocol uses several commands to communicate between the client and the server (they should not be confused with the client user interface commands that a person uses).

These commands are divided into three groups:

system access control commands;

data flow control commands;

FTP service commands.

The set of access control commands includes the following commands:

USER -- Delivers the client's name to the server. This command opens a control session and can also be sent in an open control session to change the username.

PASS -- Passes the user's password in plain text.

CWD -- Changes the current directory on the server.

REIN -- reinitializes the control session.

QUIT -- ends the control session.

Flow control commands set data transfer parameters:

PORT -- defines the address and port of the host that will be an active participant in the connection when transferring data. For example, the command PORT 194,85,135,126,7,205 sets the active member to host 194.85.135.126 and port 1997 (calculating the port number is not trivial, but it is quite unambiguous).

PASV -- designates a host as the passive member of a data connection. In response to this command, a PORT command must be sent, indicating the address and port that is in idle mode.

TYPE -- Specifies the type of data being transferred (ASCII code or binary data).

STRU -- defines the structure of the transmitted data (file, record, page).

MODE -- sets the transfer mode (stream, blocks, etc.).

As can be seen from the description, the FTP service can be used to work both with structured files, divided into records or pages, and with unstructured ones.
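The arithmetic behind the PORT argument, as an added Python example that is not part of the original text: the first four numbers are the bytes of the IPv4 address and the last two are the high and low bytes of the 16-bit port number. The function names and the policy in check_port_command (the data address must equal the control-connection peer and the port must not be below 1024) are assumptions chosen for illustration, the kind of check a server or filtering device can apply before opening a data connection.

```python
# Added example: decode, encode and validate the argument of the FTP PORT
# command ("h1,h2,h3,h4,p1,p2"). Function names and policy are assumptions.
import ipaddress


def parse_port_argument(arg):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ipv4_string, port_number)."""
    parts = [p.strip() for p in arg.split(",")]
    if len(parts) != 6:
        raise ValueError("PORT needs exactly six comma-separated numbers")
    if not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("PORT fields must be decimal numbers")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("each PORT field is one byte (0..255)")
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # high byte first, then low byte
    return host, port


def format_port_argument(host, port):
    """Encode an IPv4 address and port into the six-number PORT form."""
    packed = ipaddress.IPv4Address(host).packed  # raises on a bad address
    if not 0 < port < 65536:
        raise ValueError("port must fit in 16 bits")
    fields = list(packed) + [port >> 8, port & 0xFF]
    return ",".join(str(f) for f in fields)


def check_port_command(line, control_peer_ip):
    """Parse one control-channel line and apply the assumed policy.

    Returns (host, port, findings); an empty findings list means the
    requested data endpoint is acceptable under this policy.
    """
    verb, _, arg = line.rstrip("\r\n").partition(" ")
    if verb.upper() != "PORT":
        raise ValueError("not a PORT command")
    host, port = parse_port_argument(arg)
    findings = []
    if host != control_peer_ip:
        findings.append("data address differs from control-connection peer")
    if port < 1024:
        findings.append("data port is below 1024")
    return host, port, findings


if __name__ == "__main__":
    # The example from the text: 7 * 256 + 205 = 1997.
    print(parse_port_argument("194,85,135,126,7,205"))
    print(format_port_argument("194.85.135.126", 1997))
    # Constructed cases: matching peer, then a mismatching peer (192.0.2.10
    # is a documentation address), then a low port.
    print(check_port_command("PORT 194,85,135,126,7,205\r\n", "194.85.135.126"))
    print(check_port_command("PORT 194,85,135,126,7,205\r\n", "192.0.2.10"))
    print(check_port_command("PORT 192,0,2,10,0,22\r\n", "192.0.2.10"))
```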

The FTP service commands initiate actions to transfer files or browse a remote directory:

RETR -- Requests a file transfer from the server to the client host. The command parameters are the file name. An offset from the beginning of the file can also be specified - this allows the file transfer to start from a specific location if the connection is disconnected unexpectedly (this parameter is used in the user interface reget command).

STOR -- Initiates a file transfer from the client to the server. The options are the same as the RETR command.

RNFR and RNTO -- commands for renaming a remote file. The first one takes the old filename as an argument, and the second one takes the new one.

DELE, MKD, RMD, LIST -- these commands respectively delete a file, create a directory, delete a directory, and list the files in the current directory.

Each FTP protocol command is transmitted in plain text, one command per line. The string ends with CR and LF ASCII characters.

The user interface of an FTP client depends on its software implementation. Along with traditional clients that work in symbolic mode, there are also graphical shells that do not require the user to know symbolic commands.

Character clients typically support the following basic set of commands:

open hostname -- open a session with a remote server.

bye -- end the session with the remote host and exit the ftp utility.

close -- end the session with the remote host, the ftp utility continues to run.

ls (dir) -- print the contents of the current remote directory.

get filename -- copy the remote file to the local host.

put filename -- copy a local file to a remote server.