Page 248 - DCAP602_NETWORK_OPERATING_SYSTEMS_I
Notes: The only reason you might favor a different FTP server over vsftpd is if you really need
the configurability of one of the more bloated FTP servers. Having said this, note that vsftpd caters
for the vast majority of use cases. Even if vsftpd appears to be missing a feature, the need is often
satisfied by an external component such as PAM or xinetd / tcp_wrappers. In this regard, vsftpd is
a small modular component in the proper spirit of UNIX. Finally, consider moving to vsftpd even
if it means sacrificing some wacky feature of your current FTP server. The security, performance
and stability gains are waiting for you.
13.1 Meaning
Commonly, when one thinks of the Internet, the first thing that comes to mind is “surfing” from
one website to another. Being able to go from one website to another and view the contents is
indeed the reason that the Internet is as popular as it is today, and growing bigger every year. If
we set web surfing aside, though, just what do we have left in terms of actual usage on the
Internet? One of the activities that takes place is the downloading of data files, movies,
anti-virus updates, and the like. What these acts have in common is one protocol, namely
FTP, the File Transfer Protocol.
It should be noted that FTP also observes the client/server model. Unlike HTTP, though, where
there is a clear-cut winner for web browsers and web servers, no such program can make the
same claim for FTP. There is a large selection of FTP clients and servers out there
today. It is worth noting that your version of Windows comes with a built-in FTP client.
FTP itself uses the TCP transport protocol exclusively; in other words, it never uses UDP for
its transport needs. Typically an application layer protocol will use one or the other. One notable
exception to that is DNS, the Domain Name System. FTP is also odd in that it uses two
ports to accomplish its task. It typically uses port 20 for data transfer and port 21 to listen for
commands. Data is not always transferred over port 20, however; a different port can be used
as well. That is where the confusing part for many people comes into play. There
are two modes of FTP, namely active and passive mode. These two modes are initiated by the
FTP client and then acted upon by the FTP server.
So just how do active and passive FTP work? It all starts with the FTP client
initiating a connection with the FTP server on its port 21. Port 21 is where the server listens
for commands issued to it, and from which it responds. We will assume that the TCP/IP
handshake is complete and that, as normal, the client has done all of this from an ephemeral port.
At this point the client begins to listen on its ephemeral port + 1 and sends the PORT N+1
command to the server on its port 21; i.e., if the ephemeral port in use by the client is 1026, then
it would listen on port 1027. Once this is done, the data transfer port (port 20) on the FTP server
initiates a connection to the FTP client’s ephemeral port plus 1, as indicated above. This is
pretty much how an active FTP session is conducted by both the client and server. If the
client has a firewall in place, though, this whole communication process will come to a grinding
halt. The client’s firewall would drop what it considers to be an unsolicited communication
attempt on the ephemeral-port-plus-one port used for the data transfer. The way that FTP gets
around this problem is by using passive FTP.
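The exchange described above, as an added Python example that is not part of the original text: it decodes the h1,h2,h3,h4,p1,p2 field that RFC 959 defines for the PORT command and the 227 PASV reply, then shows which side opens the data connection in each mode. The addresses, the sample control-channel lines and the outbound-only client firewall policy are constructed assumptions.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def decode_hostport(text):
    """Return (ip, port) from a PORT argument or a 227 PASV reply."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % text)
    # The port is carried as two bytes, high byte first.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def data_connection(line, client_ip, server_ip):
    """Map one control-channel line to the data connection it sets up.

    Returns (mode, src, dst) with src/dst as (ip, port); a source port of
    None means an ephemeral port picked by the client. Lines that do not
    negotiate a data connection return None.
    """
    if line.upper().startswith("PORT "):
        # Active: the server connects from its port 20 to the client's listener.
        return "active", (server_ip, 20), decode_hostport(line[5:])
    if line.startswith("227 "):
        # Passive: the client connects out to the port the server announced.
        return "passive", (client_ip, None), decode_hostport(line[4:])
    return None

def client_firewall_allows(conn, client_ip):
    """Constructed policy: the client firewall permits only outbound connections."""
    _mode, src, _dst = conn
    return src[0] == client_ip

# Constructed sample lines (documentation address ranges, not real hosts).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLE = ["USER anonymous",
          "PORT 192,0,2,10,4,3",  # 4*256 + 3 = 1027, the N+1 port in the text
          "227 Entering Passive Mode (198,51,100,5,195,80)"]

if __name__ == "__main__":
    for line in SAMPLE:
        conn = data_connection(line, CLIENT, SERVER)
        if conn:
            verdict = "allowed" if client_firewall_allows(conn, CLIENT) else "dropped"
            print(conn, verdict)
```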
Did you know? Does FTP use UDP for its transport needs?
Passive Approach
By using the passive mode of FTP, or “PASV” as it appears in the ASCII content of a packet,
FTP was able to neatly sidestep the firewall issue on the client side. It was done in the following
fashion: the FTP client, let’s say the built-in FTP client that comes with a win32 operating system,
will start up two connections to the FTP server. We need to keep in mind as well that both
242 Lovely Professional University