Introduction
FTPisusedtotransferfilesbetweentwocomputers.ItisoneofthemostwidelyusedservicesintheInternet.Itcansettheusagerightsofeachuseraccordingtoactualneeds,anditalsohascross-platformfeatures,thatis,FTPclientsandserverscanbeimplementedinoperatingsystemssuchasUNIX,Linux,andWindows,andfilescanbetransferredbetweeneachotheracrossplatforms.Therefore,FTPserviceisoneoftheresourcesharingmethodsoftenusedinthenetwork.TheFTPprotocolhastwoworkingmodes:PORTandPASV,namely,activemodeandpassivemode.
FTP(FileTransferProtocol)isafiletransferprotocol.ItisaTCP-basedprotocolthatusesaclient/servermodel.ThroughtheFTPprotocol,userscanuploadordownloadfilesontheFTPserver.AlthoughtherearemanysitesthataredownloadedthroughHTTPprotocol,FTPprotocolcanwellcontrolthenumberofusersandthedistributionofbroadband,anduploadanddownloadfilesquicklyandconveniently.Therefore,FTPhasbecomethepreferredserverforfileuploadanddownloadonthenetwork.Atthesametime,itisalsoanapplicationprogram,throughwhichuserscanconnecttheircomputerstoallserversrunningFTPprotocolaroundtheworld,andaccessalargenumberofprogramsandinformationontheservers.ThefunctionofFTPserviceistorealizetheremotetransmissionofcompletefiles.Thecharacteristicsareasfollows:(1)FTPusestwoparallelconnections:controlconnectionanddataconnection.Thecontrolconnectiontransmitscontrolcommandsbetweenthetwohosts,suchasuseridentity,password,anddirectorychangecommands.Thedataconnectionisonlyusedtotransferdata.
(2)Duringasession,theFTPservermustmaintaintheuserstate,thatis,thecontrolconnectionwithacertainusercannotbedisconnected.Inaddition,whenauserisactiveinthedirectorytree,theservermusttracktheuser'scurrentdirectory.Inthisway,FTPlimitsthenumberofconcurrentusers.
(3)FTPsupportsfiletransferinanydirection.Aftertheuserestablishesaconnectionwitharemotecomputer,theusercanobtainaremotefileortransferalocalfiletotheremotemachine.
Servicecontent
Generallyspeaking,theprimarypurposeofusers'networkingistorealizeinformationsharing,andfiletransmissionisoneofthemostimportantcontentsofinformationsharing.TheearlyrealizationoffiletransferontheInternetisnotaneasytask.WeknowthattheInternetisaverycomplexcomputerenvironment.TherearePCs,workstations,MACs,andmainframes.Accordingtostatistics,therearealreadycomputersconnectedtotheInternet.Tensofmillionsofcomputers,andthesecomputersmayrundifferentoperatingsystems,suchasserversrunningUnix,PCsrunningDos,Windows,andMacsrunningMacOS,andsoon.ThefileexchangeproblembetweenvariousoperatingsystemsrequiresEstablishaunifiedfiletransferprotocol,thisistheso-calledFTP.TherearedifferentFTPapplicationsbasedondifferentoperatingsystems,andalloftheseapplicationsfollowthesameprotocol,sothatuserscantransfertheirfilestoothersorobtainfilesfromotheruserenvironments.
LikemostInternetservices,FTPisalsoaclient/serversystem.TheuserconnectstotheFTPserverprogramontheremotehostthroughaclientprogramthatsupportstheFTPprotocol.Theuserissuesacommandtotheserverprogramthroughtheclientprogram,andtheserverprogramexecutesthecommandissuedbytheuserandreturnstheexecutionresulttotheclient.Forexample,ifauserissuesacommandaskingtheservertosendacopyofacertainfiletotheuser,theserverwillrespondtothiscommandandsendthespecifiedfiletotheuser'smachine.Theclientprogramreceivesthisfileonbehalfoftheuserandstoresitintheuserdirectory.
ServerConfiguration
Thefirststep,inthestartmenu,click"AdministrativeTools"→"InternetInformationServices(IIS)Manager"menuitem,open"InternetInformationServices(IIS)Manager"window.Expandthe"FTPSite"directoryintheleftpane,right-clickthe"DefaultFTPSite"option,andselectthe"Properties"command.
Step2,openthe"DefaultFTPSiteProperties"dialogbox,andsettheFTPsiteparametersinthe"FTPSite"tab.Amongthem,youcanchangetheFTPsitename,listeningIPaddressandTCPportnumberinthe"FTPsiteidentification"area,clickthedrop-downtrianglebuttonontherightsideofthe"IPaddress"editbox,andselecttheIPaddresstobeboundtothesite.IfyouwanttobuildmultipleFTPsitesonthesamephysicalserver,youneedtospecifyanIPaddressforeachsite,orusethesameIPaddressanddifferentportnumbers.Inthe"FTPsiteconnection"area,youcanlimitthenumberofcomputersconnectedtotheFTPsite.Generally,itismoreappropriatetosetitto"unrestricted"withinthelocalareanetwork.Theusercanalsoclickthe"CurrentSession"buttontoviewtheIPaddresscurrentlyconnectedtotheFTPsiteanddisconnectthemalicioususer.
Step3,switchtothe"SecurityAccount"tab,thistabisusedtosettheloginmethodsallowedbytheFTPserver.Anonymousloginisallowedbydefault.Ifyouuncheckthe"AllowAnonymousConnection"checkbox,theuserneedstoenteravalidusernameandpasswordwhenloggingintotheFTPsite.Inthisexample,selectthe"AllowAnonymousConnections"checkbox.
Step4,switchtothe"Message"tab,andentertextthatreflectstheattributesoftheFTPsiteinthe"Title"editbox(suchas"ServerConfigurationTechnicalServiceNetFTPMainSite"),thetitleWillbedisplayedbeforetheuserlogsin.ThenenteraparagraphoftextdescribingthedetailsoftheFTPsiteinthe"Welcome"editbox,whichwillbedisplayedaftertheuserhassuccessfullyloggedin.Inthesameway,entertheinformationdisplayedwhentheuserexitstheFTPsiteinthe"Exit"editbox.Inaddition,iftheFTPserverlimitsthemaximumnumberofconnections,youcanenteraspecificvalueinthe"MaximumNumberofConnections"editbox.WhenauserconnectstoanFTPsite,iftheFTPserverhasreachedthemaximumnumberofconnectionsallowed,theuserwillreceivea"maximumnumberofconnections"messageandtheuser'sconnectionwillbedisconnected.
Step5,switchtothe"HomeDirectory"tab.ThehomedirectoryistherootdirectoryoftheFTPsite.WhenauserconnectstotheFTPsite,onlythecontentsofthehomedirectoryanditssubdirectoriescanbeaccessed,andthecontentoutsidethemaindirectorycannotbeaccessedbytheuser.Thehomedirectorycanbeadirectoryonthelocalcomputer'sdiskorashareddirectoryonthenetwork.Clickthe"Browse"buttontoselectthefoldertobeusedasthemaindirectoryoftheFTPsiteinthelocalcomputerdisk,andclickthe"OK"buttoninturn.Checkoruncheckthe"Write"checkboxaccordingtoactualneedstodeterminewhethertheusercanwritedataintheFTPsite.
Step6,switchtothe"DirectorySecurity"tab,whichismainlyusedtoauthorizeordenyspecificIPaddressestoconnecttoFTPsites.Forexample,ifonlycomputerswithinacertainIPaddressrangeareallowedtoconnecttotheFTPsite,the"Rejectaccess"radioboxshouldbechecked.Thenclickthe"Add"buttonandselectthe"Agroupofcomputers"radiobuttoninthe"AuthorizedAccess"dialogboxthatopens.Thenenterthespecificnetworksegmentinthe"NetworkIdentification"editbox),andenterthesubnetmaskinthe"SubnetMask"editbox.Finallyclickthe"OK"button.
Step7,returntothe"DefaultFTPSiteProperties"dialogbox,andclickthe"OK"buttontomakethesettingseffective.NowtheusercanentertheFTPsiteaddressintheWebbrowserofanyclientcomputeronthenetworktoaccessthecontentoftheFTPsite.
Workingmode
Activemodeport
Inactivemode,theFTPclientfirstestablishesaconnectionwiththeTP21portoftheFTPserver,andsendscommandsthroughthischannel.TheclientsendsthePortcommandonthischannelwhenitneedstoreceivedata.ThePortcommandcontainswhatporttheclientusestoreceivedata.Whentransmittingdata,theserverconnectstothedesignatedportoftheclientthroughitsTCP20porttosenddata.TheFTPservermustestablishanewconnectionwiththeclienttotransmitdata.TheactiveFTPconnectionprocessisasfollows:
Commandconnection:client>1024port→server21port;
dataconnection:client>1024port←server20port.
Passivemodepasv
Inpassivemode,theestablishmentofacontrolchannelissimilartotheactivemode,butaftertheconnectionisestablished,itisnotaPortcommand,butaPasvcommand.AftertheFTPserverreceivesthePascommand,itrandomlyopensahigh-endport(portnumbergreaterthan1024)andinformstheclientoftherequesttotransmitdataonthisport.TheclientconnectstothisportontheFTPserver,andthentheFTPserverwilltransmitthroughthisportdata.Inthiscase,theFTPservernolongerneedstoestablishanewconnectionwiththeclient.ThepassiveFTPconnectionprocessisasfollows:
Commandconnection:client>port1024→port21oftheserver;
>Dataconnection:Client>Port1024→Server>Port1024.
AdvantagesandDisadvantagesofActiveandPassiveFTP
ActiveFTPisbeneficialtothemanagementoftheFTPserver,butnottothemanagementoftheclient.BecausetheFTPserveristryingtoestablishaconnectionwiththeclient'shighrandomport,andthisportislikelytobeblockedbytheclient'sfirewall.PassiveFTPisbeneficialtothemanagementoftheFTPclient,butnotgoodtothemanagementoftheserver.Becausetheclientneedstoestablishtwoconnectionswiththeserver,oneofwhichisconnectedtoahighrandomport,andthisportislikelytobeblockedbytheserver-sidefirewall.
FTPservertype
AuthorizedFTPserver
AuthorizedFTPserverallowsonlyauthorizedusersontheFPserversystemtouseit.BeforeusinganauthorizedFTPserver,youmustapplyforausernameandpasswordfromthesystemadministrator,andyoumustentertheusernameandpasswordwhenconnectingtothistypeofFTPserver.
AnonymousFTPserver
AnonymousFTPserverallowsanyusertologintotheFTPserverwithananonymousaccountFTPoranonymous,andaccessandtransferauthorizedfiles.SomeFTPserverstraditionallyrequireuserstousetheirE-maiaddressastheloginpassword,butthishasnotbecomeastandardpracticeformostservers.
FTPtransfermode
ASCⅢtransfermode
AssumingthatthefilebeingtransferredcontainssimpleASCIcodetext,FTPusuallyadjuststhefileautomaticallywhenthefileistransferredInordertostorethefileasanASCItextfileonanothercomputer.
Binarytransmissionmode
Inbinarytransmission,thebinarybitsequenceofthefileissaved,sothatthesourcefileandthetargetfilecorrespondbitbybittoensurethecorrecttransmissionofthebinaryfile.IfthebinaryfileistransmittedinASCImode,thesystemwillautomaticallytranslatethebinarydataintoASCIinformation.Thisnotonlyslowsdownthetransferspeed,butalsodamagesthedata,makingthefileunusable.Therefore,whenusingFTPtotransferfiles,itisusuallyrecommendedtousebinarytransfermode.
Softwareexamples
Server-U
Serv-UisawidelyusedFTPserversoftware,supporting3x/9x/ME/NT/AllWindowsseriessuchas2K/2000/xp.YoucansetupmultipleFTPservers,limitthepermissionsofthelogged-inuser,loginthehomedirectoryandthesizeofthespace,etc.Thefunctionsareverycomplete.Ithasverycompletesecurityfeatures,supportsSslFTPtransmission,supportsmultipleServ-UandFTPclientstoprotectyourdatasecuritythroughSSLencryptedconnections,etc.
Serv-UisoneofmanyFTPserversoftware.ByusingServ-U,userscansetanyPCasanFTPserver,sothatusersorotheruserscanusetheFTPprotocoltoconnecttotheFTPserverthroughanyPConthesamenetworktoperformfileorCopy,move,create,anddeletedirectories,etc.TheFTPprotocolmentionedhereisspecificallyusedtospecifythestandardsandrulesforfiletransferbetweencomputers.ItispreciselybecauseofaspecialprotocollikeFTPthatpeoplecanusedifferenttypesofoperationsthroughdifferenttypesofcomputers.Thesystemtransfersdifferenttypesoffilestoeachother.
FileZilla
isaclassicopensourceFTPsolution,includingFileZillaclientandFileZillaServer.Amongthem,thefunctionofFileZillaServerisnotinferiortothecommercialsoftwareFTPServ-U.Whetheritistransmissionspeedorsecurity,itisaverygoodone.
VsFTP
VSFTPisaGPL-basedFTPserversoftwareusedonUnix-likesystems.ItsfullnameisVerySecureFTP.Ascanbeseenfromthisname,theoriginalintentionofthecompilerisCodesecurity.
SecurityistheoriginalintentionofwritingVSFTP.Inadditiontothisinherentsecurityfeature,highspeedandhighstabilityarealsotwoimportantfeaturesofVSFTP.
Intermsofspeed,whendownloadingdatainASCIIcodemode,thespeedofVSFTPistwicethatofWu-FTP.IftheLinuxhostusesa2.4.*kernel,thedownloadspeedonGigabitEthernetcanbeUpto86MB/S.
Intermsofstability,VSFTPisevenbetter.VSFTPsupportsmorethan4000concurrentuserconnectionsonasinglemachine(non-cluster).AccordingtothedataofRedHat'sFtpserver,theVSFTPservercansupport15000.Concurrentusers.