Server Sandbox


The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet.

The FTP protocol is divided in two ways: Protcol interpreter and data transfer process.

In the client, the ports for PI and DTP are not established. Can be any free port. In the server is typical use 21 and 20 port respectively. Aslo, FTP can work in two modes:

FTP in Active mode

In active mode, the client have to open a port to communicate with the server.

  • Client init connection with server PI and send command PORT to indicate the port that server need to init a TCP connection.
  • Server create TCP connection and delegate in DTP to send the data.

This mode has two inconvenients:

  • The client connection is not secure. Client have to accept all trafic in the port of the data, and this is very dangerous.
  • Don't work fine if client have a firewall.

FTP in Passive mode

The idea is fix problem in active mode. In this case, the client negotiate the TCP connection with the server and say him that open a port for transfer data.

  • The process is similar to Active mode but in the case client send the command PASV to indicate passive mode and the server response with the number of port that can be use. (>1024).
  • The client init the TCP connection with the server port.

Access control commands
Command Description
USER Character string allowing the user to be identified. User identification is necessary to establish communication over the data channel.
PASS Character string specifying the user's password. This command must immediately precede the USER command. It falls to the client to hide the display of this command for security reasons.
ACCT Character string representing the user's account. The command is generally not necessary. During the response accepting the password, if the response is 230 this stage is not necessary, if the response is 332, it is.
CWD Change Working Directory: this command enables the current directory to be changed. This command requires the directory's access path to be fulfilled as an argument.
CDUP Change to Parent Directory: this command allows you to go back to the parent directory. It was introduced to solve problems of naming the parent directory according to the system (generally "..").
SMNT Structure Mount:
REIN Reinitialize:
QUIT Command enabling the current session to be terminated. The server waits to finish the transfer in progress if the need arises, then supplies a response before closing the connection.
Transfer parameter commands
Command Description
PORT Character string allowing the port number used to be specified.
PASV Command making it possible to indicate to the DTP server to stand by for a connection on a specific port chosen randomly from among the available ports. The response to this command is the IP address of the machine and port.
TYPE This command enables the type of format in which the data will be sent to be specified.
STRU Telnet character specifying the file structure (F for File, R for Record, P for Page).
MODE Telnet character specifying data transfer method (S for Stream, B for Block, C for Compressed).