The best thing you can do to "see" it yourself is to grab a packet sniffer, which you will conveniently find in our download section, and try to capture a few packets while you're ftp'ing to a site.

Both Ports - 20 and 21 - Active FTP Mode

I have included a screenshot from my workstation which clearly shows the 2 ports used. In the example, I have ftp'ed into ftp.cdrom.com.

Only Port 21 - Passive FTP Mode

Now, in the next picture I ftp'ed into my NetWare server here at home and guess what... Only Port 21 was used!

Let me explain why this is happening:

FTP has two separate modes of operation: Active and Passive. You will use either one depending on whether your PC is behind a firewall.

Active Mode FTP

Active mode is usually used when there isn't any firewall between you and the FTP server. In such cases you have a direct connection to the Internet. When you (the client) try to establish a connection to an FTP server, your workstation includes a second port number (using the PORT command) that is used when data is to be exchanged. This is known as the Data Channel.

The FTP server then starts the exchange of data from its own port 20 to whatever port was designated by your workstation (in the screen shot, my workstation used port 1086), and because the server initiated the communication, it's not controlled by the workstation client. This can also potentially allow uninvited data to arrive at your computer from anywhere, posing as a normal FTP transfer. This is one of the reasons Passive FTP is more secure.

Passive Mode FTP

Using normal or passive FTP, a client begins a session by sending a request to communicate through TCP port 21, the port that is conventionally assigned for this use at the FTP server. This communication is known as the Control Channel connection.

At this point, a PASV command is sent instead of a PORT command. Instead of specifying a port that the server can send to, the PASV command asks the server to specify a port it wishes to use for the Data Channel connection. The server replies on the Control Channel with the port number, which the client then uses to initiate an exchange on the Data Channel. The server will thus always be responding to client-initiated requests on the Data Channel, and the firewall can correlate these.
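
The PORT argument and the server's reply to PASV both carry the data-channel endpoint as six comma-separated numbers (h1,h2,h3,h4,p1,p2 in RFC 959), with the port equal to p1*256 + p2. The Python sketch below is an added example, not part of the original article: it reads control-channel lines the way a firewall correlating the two channels would and lists the data connections to expect. The function names and the sample capture (documentation-range addresses) are constructed for illustration.

```python
import re

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (decimal, each 0-255).
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(text):
    """Return (ip, port) from a PORT argument or a 227 PASV reply."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % text)
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def expected_data_flows(control_lines, client_ip, server_ip):
    """List the data connections announced on the control channel.

    control_lines holds (sender, text) pairs, sender being "C" or "S".
    """
    flows = []
    for sender, text in control_lines:
        if sender == "C" and text.upper().startswith("PORT "):
            ip, port = parse_hostport(text[5:])
            # Active: the server connects from its port 20 to the client's port.
            flows.append({"mode": "active", "initiator": "server",
                          "src": (server_ip, 20), "dst": (ip, port),
                          "addr_matches_peer": ip == client_ip})
        elif sender == "S" and text.startswith("227"):
            ip, port = parse_hostport(text[3:])
            # Passive: the client connects from an ephemeral port (None here).
            flows.append({"mode": "passive", "initiator": "client",
                          "src": (client_ip, None), "dst": (ip, port),
                          "addr_matches_peer": ip == server_ip})
    return flows

# Constructed control-channel capture; addresses are documentation ranges.
SAMPLE = [
    ("C", "USER anonymous"), ("S", "331 Password required"),
    ("C", "PORT 192,0,2,10,4,62"),   # 4*256 + 62 = 1086
    ("S", "200 PORT command successful"),
    ("C", "PASV"),
    ("S", "227 Entering Passive Mode (198,51,100,7,195,80)"),  # port 50000
    ("C", "PORT 203,0,113,9,8,0"),   # announced address is not the client's
]

if __name__ == "__main__":
    for flow in expected_data_flows(SAMPLE, "192.0.2.10", "198.51.100.7"):
        print(flow)
```

A data connection that matches none of the listed flows, or an entry whose addr_matches_peer is False, is one a correlating firewall would decline to open.
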

It's simple to configure your client FTP program to use either Active or Passive FTP. For example, in Cute FTP, you can set your program to use Passive FTP by going to FTP --> Settings --> Options and then selecting the "Firewall" tab:

If you remove the above options, then your workstation will be using (if possible) Active FTP mode, and I say "if possible" because if you're already behind a firewall, there is probably no way you will be using Active FTP, so the program will automatically change to Passive FTP mode.

So let's have a look at the process of a computer establishing an FTP connection with a server:

The above is assuming a direct connection to the FTP server. For simplicity, we are looking at the way the FTP connection is created and not worrying whether it's a Passive or Active FTP connection. Since FTP uses TCP as a transport, you would expect to see the 3-way handshake. Once that is completed and there is a data connection established, the client will send its login name and then password. After the authentication sequence is finished and the user is authenticated to the server, it's allowed access and is ready to leech the site dry :)

Finally, below are the most commonly used FTP commands:

ABOR: abort previous FTP command
LIST and NLST: list files and directories
DELE: delete a file
RMD: remove a directory
MKD: create a directory
PWD: print current working directory (shows you which dir. you're in)
PASS: send password
PORT: request open port number on specific IP address/port number
QUIT: log off from server
RETR: retrieve file
STOR: send or put file
SYST: identify system type
TYPE: specify type (A for ASCII, I for binary)
USER: send username

And that just about completes our analysis of the FTP protocol!