Have you ever wondered what FTP is, or what protocol is used to transfer files over a computer network? FTP stands for File Transfer Protocol, and it is the network protocol that transfers computer files from one host to another. It is a standard protocol that works on TCP/IP-based networks such as the Internet. It is not as popular as HTTP or email, but it is still useful in many cases.
FTP is an interactive, connection-oriented client/server protocol. Data transferred over FTP is sent in plain text, so it is exposed to anyone who can observe the traffic. As cyber security became paramount, this insecure behavior of FTP led to secure protocols such as FTPS and SFTP, which encrypt data and credentials end to end.
So, let’s discuss what FTP is, its origin, and how it works.
Origin of FTP
FTP was developed by Abhay Bhushan on 16 April 1971 while he was a student at MIT. It was published as RFC 114. RFC stands for Request for Comments, a formal document drafted by the Internet Engineering Task Force (IETF) that defines the specification for a technology.
It was later replaced by a TCP/IP version through RFC 765 (June 1980) and RFC 959 (October 1985), which is the current specification.
So, what is FTP?
FTP (File Transfer Protocol) is one of the oldest and most universal protocols used for uploading, downloading, moving, or copying files from one host to another. It is part of the OSI (Open Systems Interconnection) and TCP/IP reference models. It uses simple application-layer semantics and can transfer large files in one go that would be difficult to share via email and other services.
It is interoperable with any operating system, web application, and software package, which lets it store and retrieve any content or data.
FTP helps applications and users share data within a network, or even remotely over the Internet.
It follows a client-server architecture like email or HTTP: the FTP client is on one side and the FTP server on the other. In this architecture the client requests services (such as downloading or uploading files) from the server, and the server, on receiving the request, replies with the requested service.
The interaction between the FTP client and FTP server runs over TCP at the transport layer (just like HTTP and email), so it is connection-oriented and reliable.
How does FTP work?
Now that you understand what FTP is, let’s look at how FTP works in more depth. TCP/IP (Transmission Control Protocol/Internet Protocol) plays a vital role underneath FTP in transferring files from one host to another.
The TCP/IP suite provides a reliable connection so that data reaches its destination successfully. On top of this, FTP supports a feature called auto-resume: if a download or upload is interrupted, then on reconnection the transfer restarts from the point where it stopped.
To exchange data, FTP requires two channels:
- Control Channel
- Data Channel
As stated earlier, FTP works on the client-server model. The client, also called the FTP client, is a software utility that establishes a connection between a host computer and a remote server, providing bi-directional transmission over a TCP network or the Internet.
On the server side, communication begins with the Server-PI (Server Protocol Interpreter) ‘listening’ on the well-known port used for FTP, port number 21; this is where the client makes its initial connection to the server.
The control channel is used for logging in (username and password) and for browsing directory listings (the list of files in the current directory). This channel is kept open for the whole session.
How is the control channel formed? The client uses its Client-PI (Client Protocol Interpreter) to connect and receives an acknowledgment from the server. With that reply the ‘control channel’ is built, over which credentials, the remote directory, basic commands and ‘AUTH’ commands, including passwords, are exchanged.
After the control channel is built, data is transferred through the ‘data channel.’ While data is being transferred, the control connection must remain active. Multiple data types and file formats are supported, giving flexibility for various kinds of file transfer. The data connection is initiated at port number 20.
The data channel is closed after each transfer (one file per connection).
Active and Passive mode
FTP supports two modes of operation: active mode and passive mode.
In active mode, the client first establishes the control channel. Let’s say the client operating system assigns port 1026, and the client contacts the server on the designated port 21. Once this TCP connection is established, the client signs in with a username and password using the USER and PASS commands respectively.
Now, if the client wants to know which files are present in the current directory, it uses the LIST command. But the server will not send the directory listing on this control channel; a separate data channel is needed for that.
So, before the client can even run the LIST command, it has to tell the server the port on which it is ready to receive data. The client designates such a port and sends this information to the server via the PORT command.
When the server receives this, it acknowledges it and establishes another TCP connection. After that connection is established, the server sends the directory listing over this particular channel (the data channel).
In a nutshell: the client establishes the control channel, but the data channel is established by the server.
In passive mode too, the client contacts the server on port 21 and sends the USER and PASS commands as in active mode. But when it wants the directory listing, instead of sending its port information it sends the PASV (passive) command.
On receiving the PASV command, the server replies OK and passes back port information for another port on which the server will listen.
Once the client receives the server’s port information, it establishes a TCP connection to the server on that particular port.
In a nutshell: the client establishes both channels.
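To make the two modes concrete, here is an added example in Python (not code from the original article) that scripts both sides of the control-channel conversation for a LIST in active and passive mode, encodes the PORT command and decodes the 227 PASV reply the way RFC 959 specifies (port = p1*256 + p2). The addresses, ports, username and password in the scripted exchange are constructed for illustration.

```python
"""Model of the FTP control-channel exchange in active and passive mode.

Added example: it scripts both sides of the conversation so the difference
between PORT (active) and PASV (passive) is visible. All addresses, ports
and credentials below are constructed for illustration.
"""
import re

# Shape of the address inside a 227 reply: (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def build_port_command(host: str, port: int) -> str:
    """Encode the client's data listener as a PORT command (RFC 959).

    The 16-bit port is split into two decimal bytes: port = p1*256 + p2.
    """
    if not 0 < port <= 65535:
        raise ValueError("port out of range")
    octets = host.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("dotted IPv4 address expected")
    return "PORT " + ",".join(octets + [str(port // 256), str(port % 256)])


def parse_pasv_reply(reply: str) -> tuple[str, int]:
    """Decode a 227 reply into the (host, port) the client must connect to."""
    if not reply.startswith("227"):
        raise ValueError(f"not a passive-mode reply: {reply!r}")
    match = PASV_RE.search(reply)
    if match is None:
        raise ValueError("227 reply without an address tuple")
    h1, h2, h3, h4, p1, p2 = (int(g) for g in match.groups())
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


def control_channel_exchange(mode: str, client_ip="10.0.0.5", client_data_port=1027,
                             server_ip="203.0.113.7", server_data_port=50069):
    """Return (transcript, opener): the scripted control-channel lines for a
    LIST in the given mode, and which side opens the data channel.

    Transcript entries are ("C", line) for client->server and ("S", line)
    for server->client. Reply codes follow RFC 959.
    """
    transcript = [
        ("S", "220 Service ready for new user"),
        ("C", "USER alice"),
        ("S", "331 User name okay, need password"),
        ("C", "PASS s3cret"),            # travels in clear text on plain FTP
        ("S", "230 User logged in, proceed"),
    ]
    if mode == "active":
        # Client tells the server where to connect; the server then opens
        # the data connection from its port 20 to client_ip:client_data_port.
        transcript += [
            ("C", build_port_command(client_ip, client_data_port)),
            ("S", "200 PORT command successful"),
        ]
        opener = "server"
    elif mode == "passive":
        # Server tells the client where to connect; the client opens the
        # data connection to server_ip:server_data_port.
        addr = server_ip.replace(".", ",")
        transcript += [
            ("C", "PASV"),
            ("S", f"227 Entering Passive Mode ({addr},{server_data_port // 256},{server_data_port % 256})"),
        ]
        opener = "client"
    else:
        raise ValueError("mode must be 'active' or 'passive'")
    transcript += [
        ("C", "LIST"),
        ("S", "150 Opening data connection for directory listing"),
        # ... the listing itself travels on the data channel, not here ...
        ("S", "226 Transfer complete"),  # data channel closed after this one transfer
    ]
    return transcript, opener


if __name__ == "__main__":
    for mode in ("active", "passive"):
        lines, opener = control_channel_exchange(mode)
        print(f"--- {mode} mode: data channel opened by the {opener} ---")
        for side, line in lines:
            print(f"{side}> {line}")
```

Running the script prints the two transcripts side by side; the only lines that differ are the PORT/PASV pair, yet they decide which side must accept an inbound TCP connection, which is exactly what a firewall or NAT in front of the client or server cares about.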
What to use? Active Mode or Passive Mode?
If you are behind a firewall (e.g., the built-in Windows firewall) or NAT router (e.g., an ADSL modem) that blocks incoming connections from outside, then you need passive mode. Otherwise, active mode can be used.
How can FTP be implemented?
FTP can be used from the command line and also from GUI (Graphical User Interface) based programs. For GUI use, various FTP client programs are available.
These programs are easy to manage because they provide buttons and menus that help with transferring files. Some popular ones are FileZilla client, FTP Voyager, WinSCP, CrossFTP, etc. Even web browsers (ftp:// URLs) let you download files from a given server over the FTP protocol.
By the way, most operating systems and browsers include a built-in FTP client by default. In the command-line interface, you have to enter a set of commands.
Is FTP secure?
Since FTP sends the username and password in plain text, it carries considerable risk: an attacker may steal the credentials or even the data. Back in the 1990s, FTP went through a significant upgrade that introduced encryption for secure transmission. Currently, there are two secure FTP protocols:
FTPS (File Transfer Protocol Security)
FTPS is an extension of FTP that uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to encrypt all data transferred over both channels.
Much like HTTPS servers, FTPS servers should provide a public-key certificate. Tools like OpenSSL can be used to request or create such certificates.
When a trusted certificate authority signs the certificate, this gives assurance against a man-in-the-middle attack. If the certificate is self-signed or not signed by a trusted CA, the FTPS client will show a warning and offer the choice to either accept the certificate or reject the connection.
In a nutshell, FTPS runs standard FTP communication on top of an SSL/TLS-secured connection.
It is also known as FTP Secure.
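The plain-text credential problem described above, and the ‘AUTH’ TLS upgrade that explicit FTPS performs on the control channel, are what a defender looks for in traffic records: a PASS command that crossed the wire before the server accepted AUTH TLS. The following is an added example in Python, not code from the original article. The record layout, addresses and account names are constructed for illustration and do not come from any real capture.

```python
"""Detect FTP logins whose password crossed the wire in clear text.

Added example: a detection pass over control-channel records such as a
capture tool might export. The record layout, addresses and accounts are
constructed for illustration; nothing here comes from a real capture.
"""
from collections import defaultdict

# Constructed records: (time, client, server, direction, payload).
# After a server accepts AUTH TLS with a 234 reply, the channel is encrypted
# and a capture shows only TLS records, so that session has no further
# clear-text command lines.
SAMPLE_RECORDS = [
    ("10:00:01", "10.0.0.5:1027", "203.0.113.7:21", "C->S", "USER alice"),
    ("10:00:01", "10.0.0.5:1027", "203.0.113.7:21", "S->C", "331 Please specify the password."),
    ("10:00:02", "10.0.0.5:1027", "203.0.113.7:21", "C->S", "PASS hunter2"),
    ("10:00:02", "10.0.0.5:1027", "203.0.113.7:21", "S->C", "230 Login successful."),
    ("10:00:05", "10.0.0.9:1031", "203.0.113.7:21", "C->S", "AUTH TLS"),
    ("10:00:05", "10.0.0.9:1031", "203.0.113.7:21", "S->C", "234 Proceed with negotiation."),
    ("10:00:09", "10.0.0.12:1040", "203.0.113.7:21", "C->S", "AUTH TLS"),
    ("10:00:09", "10.0.0.12:1040", "203.0.113.7:21", "S->C", "502 Command not implemented."),
    ("10:00:10", "10.0.0.12:1040", "203.0.113.7:21", "C->S", "USER bob"),
    ("10:00:10", "10.0.0.12:1040", "203.0.113.7:21", "S->C", "331 Please specify the password."),
    ("10:00:11", "10.0.0.12:1040", "203.0.113.7:21", "C->S", "PASS letmein"),
]


def find_cleartext_logins(records):
    """Return one finding per session that sent PASS before AUTH TLS succeeded.

    A session is keyed by (client, server). The password itself is never
    copied into the finding; only a mask of the same length is reported.
    """
    auth_requested = defaultdict(bool)   # session -> client sent AUTH TLS/SSL
    tls_established = defaultdict(bool)  # session -> server answered 234
    users = {}                           # session -> last USER seen
    findings = []
    for time, client, server, direction, payload in records:
        session = (client, server)
        verb, _, arg = payload.partition(" ")
        verb = verb.upper()
        if direction == "C->S":
            if verb == "AUTH" and arg.upper() in ("TLS", "SSL"):
                auth_requested[session] = True
            elif verb == "USER":
                users[session] = arg
            elif verb == "PASS" and not tls_established[session]:
                findings.append({
                    "time": time,
                    "client": client,
                    "server": server,
                    "user": users.get(session, "<unknown>"),
                    "password": "*" * len(arg),
                    "reason": ("server refused AUTH TLS" if auth_requested[session]
                               else "client never requested AUTH TLS"),
                })
        elif direction == "S->C" and payload.startswith("234") and auth_requested[session]:
            tls_established[session] = True
    return findings


if __name__ == "__main__":
    for f in find_cleartext_logins(SAMPLE_RECORDS):
        print(f"{f['time']} {f['client']} -> {f['server']} user={f['user']} "
              f"password={f['password']} ({f['reason']})")
```

The two reasons matter for remediation: a client that never sends AUTH TLS needs its configuration changed, while a server that answers AUTH TLS with 502 (or 500) has no TLS support enabled at all, and the only fix is on the server side. Note that the finding deliberately stores a mask rather than the password so that the detection output does not itself become a second copy of the secret.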
SFTP (Secure File Transfer Protocol)
SFTP is based on an entirely different security protocol, SSH (Secure Shell). Because it uses SSH, it is also called SSH File Transfer Protocol.
Unlike FTP, SFTP uses only one in-line connection and encrypts both the authentication credentials and the data being sent. It does not have separate control and data channels; a single channel carries both control traffic and file data.
It is more secure as it uses SSH keys: a private key and then a public key are generated, where the public key is the ‘decryption key’ and the private key is the ‘encryption key.’ The public SSH key is sent to the server trading partner, who loads it into his or her account.
On connecting to the SFTP server, the keys are exchanged and, if they match, the connection proceeds, followed by file transfer in encrypted form. Here the file transfer is more secure and robust, as the encryption filters and ‘AUTH’ commands cannot be altered or turned off.
SFTP and FTPS both provide robust security algorithms, but SFTP is a little more popular because of its ease of implementation and firewall-friendliness.
Over to you on “what is FTP?”
Even several decades after its invention, FTP is still a favorite for file transfer between computers. It is universally accepted for transferring and even sharing files and data across a network. FTP has gone through many improvements in the last 40 years, but perhaps the most important was adding “security” to it, which ensures end-to-end encryption of all transmitted data, including credentials.