What is an FTP Client

From BulletProof Wiki

Overview

The file transfer provided by FTP copies a complete file from one system to another (SERVER to CLIENT, or CLIENT to SERVER). In this transfer, a computer running BulletProof FTP Client (http://www.bpftp.com) is called the CLIENT and the computer running an FTP server is called the SERVER. A SERVER is a piece of software which adheres to the Internet FTP standard (RFC 959), such as our specially designed BulletProof FTP Server (http://www.bpftpserver.com), but oftentimes the type of server is hidden or not published.


FTP Control/Data Connections

When using a CLIENT, it is sometimes important to understand that there are two types of connections made, control-connections and data-connections.

Control Connections

The control-connection is established in the typical client-server fashion: the SERVER creates a listening socket on the well-known port for FTP (TCP/21) and waits for the CLIENT to make a connection. Port 21 (shorthand TCP/21) is only the default; the SERVER administrator can change this value to anything they wish, and changing this port can often help "hide" the FTP service from would-be hackers or malicious software (viruses, worms, etc.). This control-connection remains open during the entire time that the CLIENT communicates with the SERVER. It is used for commands from the CLIENT to the SERVER and for the SERVER's replies.

Data Connections

The data-connection is created each time a file or data is transferred between the CLIENT and SERVER. FTP uses this data-connection in three different ways:

  • Sending a file from the CLIENT to the SERVER
  • Sending a file from the SERVER to the CLIENT
  • Sending a directory-listing from the SERVER to the CLIENT

How they are used

When a CLIENT (BulletProof FTP Client) requests a directory-listing from the SERVER (such as BulletProof FTP Server), the command (LIST) is sent across the control-connection and a data-connection is made to transfer the directory-listing. This avoids any potential limitations that might restrict the size of a directory-listing and makes it easier for the client to save the output and display it in an easy-to-use point-and-click interface. During this transfer, the control-connection remains idle while the data-connection is in use.

PORT vs PASV

The creation of the data-connection is dictated by the CLIENT when it issues an FTP command (get a file, put a file or obtain a directory-listing). Unfortunately, this is when FTP becomes difficult for most people:

  1. In the default mode, called port-mode (PORT-mode), the CLIENT issues the command and then begins to listen on a random TCP/IP port for the SERVER to connect and establish the data-connection. Although this mode is effective, it requires the person running the CLIENT to have the technical ability to secure and properly open their network's Firewall/NAT to allow this incoming connection.
  2. Optionally, the CLIENT can request data-connections to operate in passive-mode (PASV-mode). Thankfully, this mode asks the SERVER to open the listening TCP/IP port, and the CLIENT connects to it to establish the data-connection.
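The two modes differ in which side announces the listening address, and both announcements use the RFC 959 field h1,h2,h3,h4,p1,p2 (host h1.h2.h3.h4, port p1*256 + p2). The following is an added example, not code from BulletProof or from the original page; it goes slightly beyond the text by showing how each side can validate the announced endpoint against the control-connection peer. The function names, the low-port rule and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959 encodes a data-connection endpoint as six decimal bytes:
# h1,h2,h3,h4,p1,p2  ->  host h1.h2.h3.h4, port p1*256 + p2
_ENDPOINT = re.compile(",".join([r"(\d{1,3})"] * 6))


def parse_endpoint(text):
    """Return (host, port) from a PORT argument or a 227 reply line."""
    m = _ENDPOINT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field found")
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of byte range")
    host = ".".join(str(n) for n in nums[:4])
    return host, nums[4] * 256 + nums[5]


def check_port_command(line, control_peer_ip):
    """SERVER side (hypothetical policy): honour a PORT-mode request or not."""
    if not line.upper().startswith("PORT "):
        raise ValueError("not a PORT command")
    host, port = parse_endpoint(line[5:])
    if ipaddress.ip_address(host) != ipaddress.ip_address(control_peer_ip):
        return False, "PORT address differs from control-connection peer"
    if port < 1024:
        return False, "PORT targets a well-known port"
    return True, f"connect to {host}:{port}"


def check_pasv_reply(line, control_peer_ip):
    """CLIENT side (hypothetical policy): pick the endpoint for PASV-mode."""
    if not line.startswith("227"):
        raise ValueError("not a 227 reply")
    host, port = parse_endpoint(line[3:])
    if ipaddress.ip_address(host) != ipaddress.ip_address(control_peer_ip):
        # Common when the SERVER sits behind NAT: reuse the control peer's IP.
        return (control_peer_ip, port), "advertised host ignored"
    return (host, port), "ok"


# Constructed sample lines (addresses from documentation ranges).
if __name__ == "__main__":
    print(check_port_command("PORT 192,0,2,10,19,137", "192.0.2.10"))
    print(check_port_command("PORT 198,51,100,7,0,22", "192.0.2.10"))
    print(check_pasv_reply("227 Entering Passive Mode (10,0,0,5,195,80)", "203.0.113.4"))
```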

[Figure: PORT vs PASV image representation]
