Introduction
File transfer protocol (FTP) is a protocol used to transfer files from one computer to another over a network connection, such as the Internet. Abhay Bhushan designed the first FTP protocol in 1971. It originally used dos command prompt, but has been redesigned using the Graphical User Interface (GUI) (Kozierok 1). FTP is used to transfer files created on different web pages from a server to other computers. Files and other programs are downloaded from many servers in the Internet to the personal computer. This paper focuses on the FTP and other types of protocols used over the Internet.
File Transfer Protocol
According to Mathews protocols are regulations that manage data transfer and communication between computers connected to form a network (63). There are different types of network standards, such as FTP and HTTP that are essential to enable a computer to communicate with other computers. A standard like the Open Systems Interconnection (OSI) contains the seven layers of protocols. These layers include Application, Presentation, Session, Transport, Network, Data Link and physical layer (Kozierok 1). FTP is among the standards found on the presentation layer, and its purpose is to support file sharing such as programs and data, to protect a user from disparities in methods of file storage, and to transmit data in an organized manner.
FTP servers have many features like bandwidth technology. The servers also have features that make it easy to compress text during data exchange, but there are some commands to be followed in order to compact these files. Mode S support program compresses files and saves space on the hard disk and the network to make it fast. Although FTP is not safe, it has some security features with controls that allow only authorized IP address to transfer files or communicate with the server (Fourozan 14).
OSI model is used to move files using TCP/IP. In order for FTP to operate, the server should be triggered to handle the arriving requests. This enables communication between the server and client computers. The control connection used to run commands and passwords between the computers is open until the communication is terminated. To show that the command was successful, the server gives feed back through the connection using three digits in ASCII. File transfer can be cancelled in the process of data transmission through a break off message (Kozierok 1).
Clark asserts that FTP uses two modes of data transfers, which depend on how the connection has been set: it runs in either passive or active modes (44). In active mode, the client gives the IP address and port digit that it will listen to and then the server starts the connection. In case the client is protected by a firewall, passive mode is used because the client is unable to accept any connection and is most preferred by administrators for safety. Firewalls have capabilities that reject other connections from outside or unauthorized access.
Additionally, the data transfer network uses four data transmission modes: ASCII, image mode, EBCDIC, and local mode. ASCII mode is used for wordings where data is converted from the sender into an 8 bit ASCII prior to its transfer to the receiving host. Image mode is applied to transmission of images that are converted into binary and then bytes for easy transmission. Bytes are sent continuously forming a byte stream, which the receiver stores until the whole image, is complete. EBCDIC mode is almost the same as ASCII because it is meant for plain text involving the hosts. The local mode is applicable to two computers with the same setups. It enables these computers to transfer data without having to convert it into ASCII (Clark 55).
Similarly, FTP uses three modes to transfer data: stream mode, block mode, and compressed mode. In a stream mode, streams of data are sent in a continuous flow and hence the FTP is saved from processing, which is done by TCP. In a block mode, data is broken down into small parts and then sent to the TCP for processing. In compressed mode, large amounts of data are compressed and are sent as a single stream (Parker 1).
FTP grants access to users using passwords or usernames login. Both the password and the user names are sent to the server using USER and PASS controls. If the server allows the USER and PASS, it will notify the client and their session will unlock. Sometimes a server allows a user to login without providing the passwords and usernames, but in this case, access is limited, but it also depends on what the user is authorized to do (Kozierok 1).
Differences Between FTP and Other Protocols
Forouzan argues that there are many network protocols, including Secure File Transfer Protocol (SFTP), Domain Name System (DNS), Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), Post Office Protocol Version 3 (POP3), and Internet Message Access Protocol (IMAP) (14). All these protocols are different in many ways, for example, HTTP and FTP have different functionalities. HTTP’s main function is to enable a user to access the World Wide Web while FTP’s main function is file transfer from different computers. A large number of people as use HTTP compared to FTP. HTTP is used each time a user opens a site, when reading emails, and updating some information on the website.
FTP is also used to download huge files, although HTTP can also do the same. Though FTP is older than HTTP, most files are hosted to HTTP and visitors find it easy to browse and download file through it. Currently, FTP is being replaced by other new protocols and almost becoming obsolete. HTTP is on the winning side and still remains leading protocol on the Internet even in future because many languages are being build up to improve HTTP (Kozierok 1).
Secure File Transfer Protocol ensures that data is transmitted over a secure network, for example, Secure Shell Protocol. However, FTP does not guarantee secure transfer of data since users can access the site anonymously. A user without an account can access the server when he FTP provides prompts where he fills his email address and password. SFTP has various operations, which includes restarting interrupted file transfers, file removal, and directory records. It can be used in Windows and Linux or any other platform (Mathews 23).
In addition, Kozierok argues that Telnet protocol is different from FTP because it has features that permit users to provide commands remotely and a user can check the responses that are sent while FTP is precisely used to transfer data into a remote point (1). FTP has many ways to secure its files transfer, but Telnet is unsecured. FTP is a dependable method of uploading files to the servers, while Telnet is used to analyze network services.
Secure Shell is another type of a network protocol that makes communication easy between two computers in spite of distance, while FTP is a meant for file transfer. FTP is only able to transfer files, copy, move, or delete while SSH has a range of applications, which allows the user to give commands that can be finished by a remote computer. It is also used for transfer of files, checking and tunneling running applications (Kurose & Ross 35).
Kurose and Ross assert that Trivial File Transfer Protocol is another protocol whose function is to transfer files (56). It serves the same function as FTP, but transfers data in small amounts. FTP has an authentication process, but TFTP does not have. With TFTP, transfer of data is never encrypted, but for FTP, there is a limit on what data to access despite allowing anonymous access. Similarly, the function of POP3 protocol is to pick emails from the server and then SMTP sends the emails. SMTP is a text-based protocol that forwards data from one server to another. IMAP stores data on the server and leaves it for the client to decide on whether to delete it or not.
Advantages and Disadvantages of Using FTP
FTP allows a user to upload many files to a server as well as many downloads, but if a user wants to download few files, it would be problematic. It can transfer bulky files across the network. FTP has a repeated and automatic backup. When data is edited from a host computer, it can be copied to the host computer and incase the data is lost or destroyed, there is a copy saved as backup (Parker 1). Therefore, FTP can be used when one needs to send bulky files, these files may be more than 60 MB and FTP clients like FileZilla can be used. It transfers web page contents from the client computer to the server, which hosts it.
In addition, FTP allows a user to select the mode of data transfer. A user can transfer data using ASCII or in binary mode. A user can use records from a remote computer and rename files when transferring them to different computers. FTP has features and tools such as macros that make work easier. It is able to continue file transfer if the connected is interrupted. It can easily add other items on a row to be uploaded or downloaded. The protocol has no maximum value for the single transfer of data because it can transfer bulky files.
According to Parker, FTP has some few disadvantages, especially when it comes to file transfer (1). It has no proper data encryption and hence it can be intercepted to other sites. Since FTP was not developed to be a fully secure protocol, it can cause attacks during sending of data. Such attacks include Spoof attacks, Packet sniffing, and bounce attacks. Likewise, another user can read user names and passwords because they are sent in clear text. Host servers can be spoofed to send data to the wrong computer.
The relationship between FTP and Peer-to-Peer (P2P)
P2P is a protocol used to receive requests from different nodes. It distributes tasks to nodes after they complete a request. Just like FTP, its main task is to transfer data. Peer to peer nodes serves the same purpose as servers. In P2P, each node knows where other nodes are located on the network. P2P also allows users to download files that contain music and games. It allows computers to check files from other computers, but FTP allows users to search only in the servers (Forouzan 78).
Although both FTP and Peer to Peer have similar features of file transfer, each protocol has its own way of data transfer. Peer to peer uses a tracker and software such as Guntella for effective transfer of files. The tracker keeps records and is able to track users file on both client and server. A client allows a user to download parts of a file from different computers. When a user starts to download files, the trackers search a computer with part of the file using Gnutella software. The download begins as soon as those files are located in a computer. When the file download is complete, other people on the network can download the same file (Kozierok 1).
Software that Facilitate FTP Usage
Gleason argues that the software that help users to use FTP include FileZilla, which is a freeware and is usually available in different platforms such as windows and Linux (1). In addition, Smart Ftp is software that allows a user to transfer files from a client to a server on the internet. FlashFXP is also software that makes it easier to transfer files. This program is quick and efficient when transferring files.
Other useful software include Core FTP Lite & Pro, FireFTP, WS FTP, Cute FTP, Coffee cup FTP, FTP Explorer, FTP voyager, Ace FTP, and Nofeel FTP (Gleason 1). Core FTP Lite & Pro is a program that provides a dependable, fast and easier way to maintain and update a website using FTP. FireFTP is free platform found in Mozilla Firefox and allows easy access to servers. WS FTP Home is a program that makes it easy for a single user to transfer both small and bulky files to any server. Cute FTP is used to transfer data from a computer to servers that use FTP. Coffee Cup FTP is a program that allows a user to edit files on a server. It has features such as drag and drop and several server profiles. FTP explorer is a program that allows a user to search for FTP servers in order to transfer data. It enables a user to transfer data to or from his computer. Web developers use FTP Voyager to move and edit files on the internet program. It has a drag and drop feature that makes it easy to update a site and transfer files through FTP servers. Its also has capabilities of retrieving interrupted downloads. FTP desktop is a program that enables a user to access FTP sites with ease. A user can move files from FTP sites and save them to the hard disk. AceFTP enables a user to transfer files in a safe mode because it provides security and simplicity. Nofeel FTP gives many features for a user to upload and download files. FTP navigator is an application that makes navigation easier by displaying facts about files by use of a directory.
Forouzon suggests that Server FTP software include Apache FtpServer, which uses Java (56). It is portable and can be used on open protocols. The gIFTPd is another server software that has many features such as user management capabilities, ability to count the number of files that are being uploaded and bandwidth throttling. VSFTPD, which stands for Very Secure FTP Daemon also ensures that the site is secure by using an outside library and makes simpler the code of the server. It also directs anonymous connection in an encryption, thus making file transfers secure. Users’ access can either be granted or rejected, and the server has a detailed history of logins.
Security of FTP
FTP is not fully secure because usernames and passwords are sent in bare texts. Source accounts cannot be used for FTP. FTP is just like Telnet, POP, and IMAP protocols that send data in plain text. FTP security is important because it is used to upload and download files to many servers. Another user might get access to the email server and read, delete, or block the mail. A user or malicious person who gets another user’s FTP password can destroy or remove the website contents. There some new FTP protocols such as SFTP that encrypts the sent contents between computers.
FTP also downloads and uploads files without protecting them from malicious users. Online shopping is not safe for customers who send their credit cards to buy items like clothes and shoes. The HTTPS page on which the credit card details are being entered might be unsafe because sellers may download these details using FTP. Anonymous access is made easy when FTP first installed in default in Windows 2000. Users can have access without having accounts and malicious user can paste illegal files and copyrights. A user should remove anonymous access feature in order to limit illegal access (Kozierok 1).
Parker suggests that FTP is sometimes secure when it is “blind” put; this means that users can only send files to the server, but not remove them from your server (1). They can also write down files, but cannot read from FTP directory. This will protect the files stored at the FTP from unauthorized access from either malicious or other users. FTPs with disk quotas that limit to the size of disk space that a user can have are also secure. This can help in limiting the damages incase FTP is accessed and taken over.
Hackers are also discouraged because of the small disk space. FTP with logon restrictions is also secure because users are only allowed to access the site at specific hours. Also, the FTPs that are regularly audited so as to see any attempts to log on are secure. Numerous log on attempts can be viewed during audit and any malicious activity can be detected (Gleason 1).
There is need for organizations that use protocols that are secure because FTP was developed with no concern on security. Many technologies can send and receive large amounts of data in a secure manner. They are easy to install and are allows audits. According to Kurose and Rose, FTPs that use strong password are secure because unauthorized users cannot easily guess a password (37). For instance, Linux makes administrators to oblige users to follow and comply with strong password requirement rules. Users are supposed to follow restrictions such as not writing their names as user name, passwords having a minimum length of 6 characters, as well as passwords having upper and lower case characters and digits from 0 to 10 plus alphanumeric characters such as hash, full stop and commas. Account lockouts are also helpful because they allow network administrators to minimize the number of attempted logins to which it is locked out after 2 or 3 times attempts. This minimizes the risk of password hackers.
Conclusion
In conclusion, File Transfer Protocol is being developed each day into newer versions of protocols that are meant to transfer data and for data communications. A user should decide on which versions of FTP to use depending on efficiency and security issues. Some of the FTP softwares have no guarantee on security and especially the older versions. The choice of FTP is important because a protocol that does not have good or latest features is not effective and wastes time and patience. The speed of a protocol depends on the environment and application used. The newer versions of FTP are more reliable, especially when streaming protocols and are able to manage mixed signals. These versions include SFTP, which can be used in several platforms such as Linux and Windows and can resume interrupted file transfers. In essence, FTP and other Internet protocols have improved communications over the Internet, but full security features is yet to be realized.
Works Cited
Clark, Martin. Data Networks IP and the Internet. West Sussex: John Wiley & Sons Ltd, 2003. Print.
Forouzan, Behrouz. TCP/IP: Protocol Suite. New Delhi: Tata Mc Graw-Hill Publishing Company Limited, 2000. Print.
Gleason, Mike. The File Transfer Protocol and Your Firewall/NAT. 2005. Web.
Kozierok, Charles. The TCP/IP Guide v3. 2005. Web.
Kurose, James and Keith Ross. Computer Networking. 5th ed. Boston, MA: Pearson Education, Inc., 2010. Print.
Mathews, Jeanna. Computer Networking: Internet Protocols in Action. Danvers, MA: John Wiley & Sons Inc., 2005. Print.
Parker, Don. Understanding the FTP Protocol. 2005. Web.