SFTP and FTPS

Foreword


Just a week ago I wrote an essay on the topic in the title and found that, let's say, there is not much informative material on the net about it. Mostly dry facts and setup instructions. So I decided to tidy the text up a little and post it as an article.


What is FTP?


FTP (File Transfer Protocol) is a protocol for transferring files over a network. It is one of the basic Ethernet protocols. It appeared in 1971 and initially ran on the DARPA network. Today, like HTTP, file transfer is built on the TCP/IP (Transmission Control Protocol / Internet Protocol) protocol suite. It is defined in RFC 959.


The protocol defines the following:

  • How error checking is carried out
  • The data packaging method (if packaging is used)
  • How the sending device reports that it has finished the message
  • How the receiving device reports that it has received a message

Client-Server Interaction


Let us look more closely at what happens while FTP operates. The connection is initiated by the user protocol interpreter. Exchange control is carried out over the control channel using the TELNET standard. FTP commands are generated by the user protocol interpreter and transmitted to the server; server replies are sent back to the user over the same control channel. The user may also establish contact with the server protocol interpreter by means other than the user protocol interpreter.


FTP , . TCP- 21, . , . . . . , . , , .


FTP , . TCP- IP- , , TCP- . , TCP-, . , PASV, IP- , .


, . . , .


:


  • ASCII – . , , - « ASCII», ( , ) . , . , , .
  • – - , . FTP.
  • EBCDIC – EBCDIC. ASCII-.
  • – ASCII.

:


  • – , FTP . TCP. , .
  • – FTP ( , , ) TCP.
  • – ( ).

FTP server – , . , -:



FTP client – , FTP . , , , - URL:


ftp://user:pass@address:port/directory/file


, - . , FTP, .


FTP- / . USER, – PASS. , . , , , .


, FTP-, FTP. «anonymous» ( FTP-) . , . FTP-, , .



«-» FTP- :



FTP


FTP , . . . 1999 RFC 2577 :


  • (bounce attacks)
  • - (spoof attacks)
  • (brute force attacks)
  • , (packet capture, sniffing)
  • (port stealing)

FTP , , , . — «», TLS- (FTPS) , , SFTP/SCP, Secure Shell.


FTPS


FTPS (FTP + SSL) – , SSL (Secure Sockets Layer — ). TLS (Transport Layer Security — ).


SSL


SSL Netscape Communications 1996 -. ( ) , HTTP, FTP Telnet.


SSL Handshake : . . -, . - , , - .


, -. , , , , .


SSL . RSA. : RC2, RC4, IDEA, DES TripleDES. MD5 — . X.509.


SSL, - . , , , , . , , SSL, ; , , SSL - , .


SSL-



SSL :


  • . , .
  • . , — .
  • . ( MAC).

FTPS


FTPS, :


  • SSL , , , FTP . , FTPS, TCP- 990, — 989. 21 FTP. .
  • – , FTP, , FTP, FTPS. , . , FTPS , . RFC 2228 FTP AUTH. , , . , 504. FTPS FEAT, , . FTPS AUTH TLS AUTH SSL, TLS SSL .
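The control-channel exchange described under "Client-Server Interaction" (commands from the user protocol interpreter, replies from the server over the same channel) and the FEAT / AUTH TLS negotiation of explicit FTPS from the list above, as one added example that is not part of the article. The server is a scripted stand-in for a listener on TCP port 21, all replies are constructed sample data, and the user `alice`, the password `s3cret` and the address 192.0.2.10 are hypothetical. The code parses RFC 959 single- and multi-line replies, performs the USER/PASS login, treats a 504 answer to AUTH TLS as "no TLS" (and refuses to continue in plaintext), and checks that the address in the 227 PASV reply matches the control-connection peer, a client-side guard against a spoofed PASV reply redirecting the transfer to a third host:

```python
"""Scripted FTP control-channel session: RFC 959 reply parsing, login,
explicit FTPS negotiation (RFC 2228 AUTH TLS) and a PASV address check.
Added example; every server reply below is constructed sample data."""
import re
from typing import Dict, List, Optional, Tuple

REPLY_RE = re.compile(r"^(\d{3})([ -])(.*)$")
PASV_RE = re.compile(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

# Constructed replies keyed by the command that triggers them.
TLS_SERVER: Dict[str, str] = {
    "FEAT": "211-Features:\r\n AUTH TLS\r\n UTF8\r\n211 End\r\n",
    "AUTH TLS": "234 Proceed with negotiation\r\n",
    "USER alice": "331 Password required\r\n",
    "PASS s3cret": "230 Logged in\r\n",
    "PASV": "227 Entering Passive Mode (192,0,2,10,195,89)\r\n",
}
# Same server without TLS: AUTH is rejected with 504, as RFC 2228 specifies.
PLAIN_SERVER: Dict[str, str] = {
    **TLS_SERVER,
    "FEAT": "211-Features:\r\n UTF8\r\n211 End\r\n",
    "AUTH TLS": "504 Command not implemented for that parameter\r\n",
}


def parse_reply(raw: str) -> Tuple[int, List[str]]:
    """Split one RFC 959 reply into (code, text lines). A reply is either
    "ddd text" or a block "ddd-text ... ddd text" whose last line repeats
    the code followed by a space."""
    lines = raw.rstrip("\r\n").split("\r\n")
    first = REPLY_RE.match(lines[0])
    if not first:
        raise ValueError(f"malformed reply line: {lines[0]!r}")
    code, sep, text = int(first.group(1)), first.group(2), first.group(3)
    if sep == " ":
        if len(lines) != 1:
            raise ValueError("trailing data after a single-line reply")
        return code, [text]
    last = REPLY_RE.match(lines[-1])
    if not last or last.group(2) != " " or int(last.group(1)) != code:
        raise ValueError("multi-line reply is not properly terminated")
    return code, [text, *lines[1:-1], last.group(3)]


class ScriptedSession:
    """Stands in for the TCP control connection; keeps a transcript."""

    def __init__(self, replies: Dict[str, str], peer: str) -> None:
        self.replies, self.peer = replies, peer
        self.transcript: List[Tuple[str, int]] = []

    def send(self, command: str) -> Tuple[int, List[str]]:
        code, lines = parse_reply(self.replies.get(command, "500 Unknown command\r\n"))
        # The password crosses an unprotected channel in clear; a careful
        # client at least keeps it out of its own logs.
        self.transcript.append(("PASS ****" if command.startswith("PASS ") else command, code))
        return code, lines


def negotiate_tls(s: ScriptedSession) -> bool:
    """Explicit FTPS: FEAT, then AUTH TLS. True only on 234; a 504 or a
    FEAT list without AUTH TLS means the channel stays unprotected."""
    code, lines = s.send("FEAT")
    if code != 211 or "AUTH TLS" not in (line.strip() for line in lines):
        return False
    code, _ = s.send("AUTH TLS")
    return code == 234


def login(s: ScriptedSession, user: str, password: str) -> bool:
    code, _ = s.send(f"USER {user}")
    if code == 230:          # accepted without a password
        return True
    if code != 331:          # 331 = positive intermediate: send PASS
        return False
    code, _ = s.send(f"PASS {password}")
    return code == 230


def passive_endpoint(s: ScriptedSession) -> Tuple[str, int]:
    """Parse 227 "(h1,h2,h3,h4,p1,p2)" and refuse a data address that
    differs from the control-connection peer."""
    code, lines = s.send("PASV")
    m = PASV_RE.search(lines[0]) if code == 227 else None
    if not m:
        raise ValueError(f"unexpected PASV reply {code}")
    h1, h2, h3, h4, p1, p2 = map(int, m.groups())
    host, port = f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2
    if host != s.peer:
        raise ValueError(f"PASV address {host} differs from peer {s.peer}")
    return host, port


def secure_transfer_setup(replies: Dict[str, str], peer: str) -> Optional[Tuple[str, int]]:
    """Client-side sequence; None when TLS could not be negotiated (fail closed)."""
    s = ScriptedSession(replies, peer)
    if not negotiate_tls(s) or not login(s, "alice", "s3cret"):
        return None
    return passive_endpoint(s)


if __name__ == "__main__":
    print(secure_transfer_setup(TLS_SERVER, "192.0.2.10"))    # ('192.0.2.10', 50009)
    print(secure_transfer_setup(PLAIN_SERVER, "192.0.2.10"))  # None
```

The port in the 227 reply is p1 * 256 + p2 (195 * 256 + 89 = 50009). Against a real server the same sequence would be followed by the TLS handshake on the control socket after 234 and by PROT P before opening the data connection (RFC 4217); both are out of scope for this scripted exchange.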

SFTP


SFTP (Secure File Transfer Protocol) – , . (Simple File Transfer Protocol), . FTPS FTP, SFTP , SSH (Secure Shell – ).


Secure Shell


IETF Secsh. SFTP , . . , , 14 2006 ( SSH) .


SSH – , TCP- (, ). Telnet rlogin, , , , . SSH . SSH- SSH- .


SSH . , , (, -). SSH , , , X Window System.


, SSH-1, 1995 (). SSH-1 , rlogin, telnet rsh. 1996 , SSH-2, SSH-1. , 2000 . «SSH» SSH-2, .. . 2006 IETF -.


SSH: . OpenSSH. 2006 80 % OpenSSH. SSH Communications Security, Tectia, . .


SSH-2, telnet, («»), « ». SSH-2 (. session hijacking), .


« » , , « » (. key fingerprint). « » , .


SSH UNIX- , ssh. SSH- -UNIX . , Telnet .


SSH


SSH SSH- SSH-. , . .



FTPS


, SFTP FTP FTPS, , SFTP , , .


FTPS SFTP (RSA, DSA), (DES/3DES, AES, Twofish ..), . FTPS (, , SSL / TLS FTP) X.509, SFTP (SSH ) SSH .


X.509 . , , , . X.509 , .


SSH ( ). . SSH X.509 , — ( ).



FTP, , . , . , . , , - .


Its protected versions, in turn, solve the problem of confidentiality for data that is stored and transmitted in the modern world. Both newer protocols have their pros and cons and play slightly different roles. Where a file archive is needed, FTPS is preferable, especially if classic FTP was already in use there. SFTP is less common because it is incompatible with the old protocol, but it is more secure and offers more functionality, since it is part of a remote administration system.

