
FTP - File Transfer Protocol TFTP – Trivial FTP CISC 856 – Fall 2008

Shriram Ganesh, University of Delaware (some/most slides courtesy of Brian Lucas, Umakanth Puppala, William Boyer, Vikram Rajan, Michael Haggerty, and Prof Amer). ganesh@cis.udel.edu


Presentation Transcript


  1. FTP - File Transfer Protocol • TFTP – Trivial FTP • CISC 856 – Fall 2008 • Shriram Ganesh, University of Delaware (some/most slides courtesy of Brian Lucas, Umakanth Puppala, William Boyer, Vikram Rajan, Michael Haggerty, and Prof Amer) • ganesh@cis.udel.edu

  2. Overview • File Transfer Protocol (RFC 959) • Why FTP? • FTP’s connections • FTP in action • FTP commands/responses • Trivial File Transfer Protocol (RFC 1350) • TFTP and TFTP’s message formats • FTP and TFTP compared

  3. A Bit of History - FTP • Network use: direct (e.g. telnet) or indirect (e.g. FTP) • RFC 114 – April 1971: before TCP and IP existed; used NCP to do FTP on ARPANET • RFC 354 – July 1972: overall communication model • RFC 542 – August 1973: remarkably similar to today’s FTP; still based on NCP • RFC 765 – June 1980: FTP over TCP/IP

  4. Why do we need an FTP service? • Purpose: To transfer files between two computers • Goals of FTP Service • Promote sharing of files (programs and/or data) • Encourage indirect/implicit use of remote computers • Shield users from variations in file storage among hosts • Transfer data reliably and efficiently

  5. Problems of file transfer • At first, file transfer may seem simple • Heterogeneous systems use different: • Operating Systems • Character Sets • Naming Conventions • Directory Structures • File Structures and Formats • FTP needs to address and resolve these problems

  6. FTP’s 2 Connections • Persistent command and reply connection • Non-persistent data connection • Server is listening on port 21 for connection requests • Server uses port 20 for data connections • Diagram callouts: insulates users from “raw” FTP commands; routes “raw” FTP commands; receives server’s replies • [Figure: client (User Interface, User Protocol Interpreter, User Data Transfer Function) and server (Server Protocol Interpreter, Server Data Transfer Function), joined by the Control Connection (server port 21) and the Data Connection (server port 20)]

  7. FTP’s 2 Connections - Establishment • User interface session:
       ftp> open strauss.udel.edu
       Connected to strauss.udel.edu
       220 strauss FTP server ready.
       331 Password req for ganesh.
       Password:
       230 User ganesh logged in.
       ftp>
     • Commands sent on the control connection: USER ganesh, PASS mypass • [Figure: client/server component diagram with Control Connection and Data Connection]

  8. FTP’s 2 Connections – Data Transfer • User types: ls client.txt; listing returned: -rw-r--r-- lucasb client.txt • Passive open on Port 5001 (client side) • Control connection messages: PORT 128,4,40,17,19,137 • 200 Port Command Sucessful • LIST client.txt • 150 Data Connection will be open shortly • 226 Closing Data Connection • Decoding the PORT argument: 128,4,40,17 is the address 128.4.40.17; 19,137 is the port (19×256)+137; together 128.4.40.17:5001 • Establish Data Connection • [Figure: client/server component diagram with Control Connection and Data Connection]

  9. FTP’s 2 Connections – Connection Closing • User types: bye • Control connection messages: QUIT • 221 Service Closing • [Figure: client/server component diagram with Control Connection and Data Connection]

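  10. FTP Connection • [Sequence diagram between client (ephemeral port, Eph) and server (port 21); messages in slide order: ftp> open server • SYN • SYN|ACK • ACK • 220 Service Ready • ACK • ftp> USER ganesh • ACK • 331 User OK,password? • ACK • ftp> PASS mypass • ACK • 230 User login OK • ACK]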

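  11. FTP – Data transfer (get command) • [Sequence diagram between client and server; control connection between client ephemeral port (Eph) and server port 21, data connection between server port 20 and client port 5001; messages in slide order: PORT 128,4,40,17,19,137 • ACK • 200 Command Successful • LIST client.txt • ACK • ACK • SYN • SYN-ACK • ACK • 150 Data Connection will be open shortly • ACK • NAME LIST • FIN • FIN-ACK • ACK • 226 Closing Data Connection • ACK]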

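  12. FTP – Data transfer (put command) • [Sequence diagram between client and server; control connection between client ephemeral port (Eph) and server port 21, data connection between server port 20 and client port 5001; messages in slide order: PORT 128,4,40,17,19,137 • ACK • 200 Command Successful • LIST client.txt • ACK • ACK • SYN • SYN-ACK • ACK • 150 Data Connection will be open shortly • ACK • Client.txt • FIN • FIN-ACK • ACK • 226 Closing Data Connection • ACK]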

  13. FTP Client Commands (issued by user interface) *Server sends list of matching files to client, Client protocol interpreter asks the user for operation on each matching file.

  14. A-PDU FTP Commands

  15. FTP Response Format

  16. Example FTP Responses • 120 Service will be ready shortly • 200 Command OK • 230 User login OK • 331 User name OK; password is needed • 421 Service not available • 530 User not logged in • 552 Requested action aborted; exceeded storage allocation

  17. Summary of FTP Connections • FTP has 2 connections • Control (persistent connection) • Server issues a passive open on well-known 21 • Client uses an ephemeral port to issue active open • Server ultimately closes control connection • Data (ephemeral connection) • Client issues passive open on an ephemeral port • Client sends this port to server via PORT command • Server receives the port number and issues active open using its well-known 20 to the received ephemeral port

  18. Data Connection • PORT does not always work…why? • Instead, use PASV command • Client sends PASV command to server • Server chooses ephemeral port: passive open • Server responds with IP, Port in reply (227) • Client issues active open to server’s port • Ultimately, the data sender closes connection

  19. FTP Passive Data Transfer • User types: ls client.txt; listing returned: -rw-r--r-- lucasb client.txt • Control connection messages: PASV • 227 Entering Passive Mode (128,4,40,42,20,5) • LIST client.txt • 150 Data Connection will be open shortly • 226 Closing Data Connection • Passive open on Port 5125 (server side) • Establish Data Connection • [Figure: client/server component diagram with Control Connection and Data Connection]

  20. Trivial FTP (TFTP) • Used only to read and write files from/to a remote server • Cannot list directories • Useful for bootstrapping diskless systems

  21. TFTP Message Formats Diagrams from McGraw-Hill

  22. TFTP Connection Establishment • a. Passive open by server: server on port 69 • b. Active open by client: client port 50032, server port 69 • c. Rest of communication: client port 50032; server shown with port 69 and port 62000 • Diagram from McGraw-Hill

  23. TFTP Data Transfer Diagram from McGraw-Hill

  24. TFTP Connection - Timers • [Sequence diagram between client (Eph) and server (69, then Eph); events in slide order: RRQ “fullOS” (Read Request) • DATA 1 (First Block of 512 Bytes Sent) • ACK 1 • DATA 2 (Block 2 Lost) • Timeout • DATA 2 • ACK 2 • DATA 3 (Block 3 Damaged) • Timeout • DATA 3 • ACK 3 • DATA 4 (Timer running) • ACK 4 (ACK 4 Lost) • Timeout • ACK 4]

  25. TFTP Connection (Cont’d) • [Sequence diagram between client and server; events in slide order: DATA 5 • ACK 5 (ACK 5 is Slow) • Timeout • ACK 5 • DATA 5 (Discard Duplicate) • DATA 6 • ACK 5 (Resend Data 6) • DATA 6 • ACK 6 • DATA 7 • ACK 6 • DATA 7 • ACK 7 • DATA 8 • ACK 7 • DATA 8 • ACK 8 • ACK 8] • Data is Sent Twice, Known as The Sorcerer's Apprentice Bug • Block 8 is the Last Block (383 Bytes)

  26. FTP vs. TFTP

  27. Security Issues: FTP Bounce Attack • [Figure: Attacker (10.0.18.30) logs in to the FTP Server with account sthuy and sends the control messages PORT 10.0.18.35:5000 and LIST; the FTP Server's data connection goes to the Victim (10.0.18.35)]

  28. FTP Bounce Attack (cont’d) • According to FTP protocol, client is *supposed* to specify its own IP address and port number. • Port Scan Attack – Attacker gathers information on ports of target machine

  29. FTP Bounce Attack (cont’d) • Attacker: 10.0.18.30 • FTP login account: sthuy • Target: 10.0.18.35

  30. File Exchange Protocol (FXP) • Method of data transfer which uses the FTP protocol’s PASV mode. • Transfer data from one remote server to another (inter-server) without routing this data through the client's connection. • Enabling this can make a server vulnerable to the FTP bounce attack.
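
The host-port encoding from slides 8 and 19 and the server-side check that blocks the bounce attack of slides 27-30, as an added example that is not part of the original slides. The function names, the min_port threshold and the reply code used for an address mismatch are assumptions of this example; refusing ports below 1024 with a 504 reply follows the suggestion in RFC 2577.

```python
import ipaddress


def parse_hostport(arg):
    """Decode the h1,h2,h3,h4,p1,p2 field of a PORT command or a 227 reply."""
    fields = [f.strip() for f in arg.strip().strip("()").split(",")]
    if len(fields) != 6 or not all(f.isascii() and f.isdigit() for f in fields):
        raise ValueError("expected six decimal fields")
    nums = [int(f) for f in fields]
    if max(nums) > 255:
        raise ValueError("field outside 0-255")
    host = ".".join(str(n) for n in nums[:4])
    return host, nums[4] * 256 + nums[5]  # port = p1*256 + p2


def check_port(arg, control_peer, min_port=1024):
    """Decide how a server should answer PORT <arg> on a control connection
    whose TCP peer address is control_peer. Returns (reply_code, reason)."""
    try:
        host, port = parse_hostport(arg)
    except ValueError as exc:
        return 501, f"syntax error: {exc}"
    # Bounce check: the data connection may only go back to the client that
    # owns the control connection (the client is supposed to send its own IP).
    if ipaddress.ip_address(host) != ipaddress.ip_address(control_peer):
        # 504 here is this example's choice of reply code.
        return 504, f"PORT address {host} is not the control peer {control_peer}"
    # Ports below 1024 host well-known services; RFC 2577 suggests 504.
    if port < min_port:
        return 504, f"port {port} is below {min_port}"
    return 200, f"data connection to {host}:{port} allowed"


if __name__ == "__main__":
    # Arguments taken from the slides; 10,0,18,35,19,136 is 10.0.18.35:5000.
    print(parse_hostport("(128,4,40,42,20,5)"))                # slide 19 reply
    print(check_port("128,4,40,17,19,137", "128.4.40.17"))     # slide 8, allowed
    print(check_port("10,0,18,35,19,136", "10.0.18.30"))       # slide 27, refused
    print(check_port("128,4,40,17,0,25", "128.4.40.17"))       # low port, refused
```

A server that applies this check also refuses the server-to-server (FXP) transfers of slide 30, which depend on a data connection to a third host.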
