File Transfer Protocol: Difference between revisions

From FileZilla Wiki
Jump to navigationJump to search
No edit summary
No edit summary
Line 22: Line 22:
=== Additional documents ===
=== Additional documents ===
* [http://filezilla-project.org/specs/rfc2577.txt RFC <b></b>2577] "FTP Security Considerations"<br />This document discusses the security of the FTP protocol in general and considers things like FTP Bounce Attacks
* [http://filezilla-project.org/specs/rfc2577.txt RFC <b></b>2577] "FTP Security Considerations"<br />This document discusses the security of the FTP protocol in general and considers things like FTP Bounce Attacks
== See also ==
* [[TLS specifications]]

Revision as of 21:28, 6 December 2008

FTP or file transfer protocol is a commonly used protocol for exchanging files over any network that supports the TCP/IP protocol (such as the Internet or an intranet). There are two computers involved in an FTP transfer: a server and a client. The FTP server, running FTP server software, listens on the network for connection requests from other computers. The client computer, running FTP client software, initiates a connection to the server. Once connected, the client can do a number of file manipulation operations such as uploading files to the server, download files from the server, rename or delete files on the server and so on. Any software company or individual programmer is able to create FTP server or client software because the protocol is an open standard. Virtually every computer platform supports the FTP protocol. This allows any computer connected to a TCP/IP based network to manipulate files on another computer on that network regardless of which operating systems are involved (if the computers permit FTP access).

More information about FTP can be found in the Wikipedia article about FTP or in the documents linked below.

Technical Specifications

  • RFC 959 "FILE TRANSFER PROTOCOL"
    This document describes the basic FTP protocol.
  • RFC 854 "TELNET PROTOCOL SPECIFICATION"
    The FTP protocol is implemented on top of Telnet which is specified in this document. Especially the specification of the NVT (Network Virtual Terminal) is of importance.

Protocol extensions

  • RFC 2228 "FTP Security Extensions"
    This document describes the mechanism to use different authentication and encryption schemes using commands like AUTH, PROT and related new commands.
  • RFC 2389 "Feature negotiation mechanism for the File Transfer Protocol"
    Describes the FEAT command to detect available protocol extensions and the OPTS command to change the behaviour of some features.
  • RFC 2428 "FTP Extensions for IPv6 and NATs"
    This RFC makes the FTP protocol ready for IPv6
  • RFC 2640 "Internationalization of the File Transfer Protocol"
    Describes the use of UTF-8 encoding for filenames. Since the original FTP standard did only allow 7-bit US-ASCII as encoding, this extension is fully backwards compatible. However, a few servers and clients are wrongly assuming the local encoding is used for the FTP protocol. Thus this extension seemingly creates incompatibilities where there in fact are none.
  • RFC 4217 "Securing FTP with TLS"
    This RFC describes how to secure the FTP with TLS by using the commands introduced in RFC 2228. It should be noted, that this RFC for the most part also applies to FTP over SSL. See TLS specifications for further information.
  • RFC 3659 This RFC introduces the MLS* family of commands for a machine parsable directory listing format. It also clarifies the use of REST and introduces a specified way to present the server's directory structure using TVFS (Trivial Virtual File Store). In addition, it introduces the SIZE and MDTM commands. It makes it very clear, that the MDTM command should only be used to get the timestamp of a file and should not be used to set the timestamp, as that would add ambiguity.
  • IETF Draft for deflate compression
    This document describes a method to compress the transfer channel using the deflate compression algorithm. For that, it introduces the "MODE Z" command.
  • EPLF specification "Easily Parsed LIST Format"
    Describes a machine parsable directory listing format.
  • The 'MFxx' Command Extensions for FTP. This IETF draft describes the MFMT command to change the file modification time.

Additional documents

  • RFC 2577 "FTP Security Considerations"
    This document discusses the security of the FTP protocol in general and considers things like FTP Bounce Attacks

See also