FTP

File Transfer Protocol

By
Phanindra

Contents
1. Introduction

2. Features

3. Architecture

a. Client/Server Architecture
b. Data connections
i. Active Connection
ii. Passive Connection
c. Types of Data transfer

4
5
5
6
6

4. Configuring FTP Servers

a. Enterprise FTP Server
i. Installing IIS and FTP services
ii. Creating an FTP site with User Isolation
iii. Creating an FTP site with Anonymous Access
iv. Changing Access permissions on FTP site
b. Home FTP server

7
7
7
8
10
13
14

5. Configuring and FTP clients

a. Default Clients
b. 3rd party Clients

16
16
18

6. FTP session
a. FTP session Demonstration
b. FTP commands

19
19
20

7. Limitations of FTP

21

8. Other FTP like Protocols

21

9. Appendix I - FTP Service Result Codes

22

Introduction
FTP stands for "File Transfer Protocol."It is a protocol for transferring files from one
computer to another over a network connection (internet or Intranet).
FTP is a commonly used protocol for exchanging files over any TCP/IP network
(Internet or intranet). Any company or individual programmer is able to create FTP
server or client software of ones own as the protocol is an open standard. There are
many existing FTP client and server programs available. But I would be focusing
upon two widely used FTP Programs later in this Document viz WS_FTP and CUTE
FTP.
The base specification of FTP is RFC 959 and is dated October 1985. FTP was one of
the first efforts to create a standard means of exchanging files over a TCP/IP network,
so the FTP has been around since the 1970's. Lately, FTP was designed with as much
flexibility, so it could be used over any computer platform, and has the capability of
exchanging files with a broad variety of machines.

Features
As we have discusses earlier, File Transfer Protocol enables file sharing between
hosts. For this to happen, FTP uses TCP to create a virtual connection to control the
information and then creates a separate TCP connection for data transfers. The control
connection uses an image of the TELNET protocol to exchange commands and
messages between hosts.
The Key Features of FTP are mentioned below:
1. Allows file sharing between any two computers that are connected (through
internet/intranet).
2. Encourages indirect (via programs) usage of remote computers. FTP, though
usable directly by a user at a terminal, is designed mainly for use by programs.
3. Shields a user from variations in file storage systems among hosts
4. Transfers data reliably and efficiently.

Architecture
Before getting into the architecture, lets focus on how the FTP session gets
established. One computer requests a file from another computer. The second
computer fullfills the request made by the first computer. The requests can be like
uploading the file, downloading a file, moving, copying or deleting a file. This
information must give you a vague idea of how the FTP works. Now lets take a look
at the architecure of FTP in detail.

The Client/Server Architecture

FTP has a Client/Server architechture. In an FTP session there are two computers
involved: a server and a client. The FTP server, which runs the FTP server software,
and listens to the network for connection requests from other computers. The client
computer, runs the FTP client software, initiates a connection to the server. Once the
connection is established, the client can perform uploading files to the server,
download files from the server, rename or delete files on the server and so on. Any
computer platform supports the FTP protocol which allows any computer connected
to a TCP/IP based network to manipulate files on another computer on that network
regardless of which operating systems are involved (if the computers permits FTP
access).
As discussed in the previous paragraph we can conclude that it is always the client
that initiates an FTP session with the FTP server. If there is no proper understanding
of the FTP architecture, there is a very possibility that you might come across a
situation where an FTP server initiates an FTP session with another FTP server. Take a
look at the diagram below:
1
System A

System B
2
System C

Figure
In this figure, as you can see, there are three systems involved.
1. System A which is the client for system B is initiating a session.
2. System B which is a server for system A, is a client for system C and is initiating
a session.
With this Illustration, it is clear mentions that one system can take up the role of a
client and server at the same time. The role of a system can change depending on
which computer has initiated the session.
4

Data Connections
In an FTP session, there exist two connections between the client and the server. They
are Control connection and Data connection. The Control connection takes the
responsibility of establishing and maintaining the FTP session where as Data
connection is to provide a smooth path for the data to be transmitted in the session
where control connection takes care of problems that occur due to firewalls, routers,
proxies which want to restrict or delegate TCP connections.
FTP does not mandate a particular port number or a direction that a data connection
uses. The easiest solution would be to mandate all data connections originate from
the client machine and terminate at port 20 on the server machine. Instead, for
maximum flexibility, the protocol allows the client to choose one of two methods:
1. Active data connection and
2. Passive data connection
Active data connection
This is the default way of transmission in an FTP session. In this kind of a session, the
client requests the server to originate a data connection and terminate at an IP address
and port number of the client's choosing. The below diagram illustrates in more detail
about this connection.

Server
Port 20
Data

Client
Port 21
Cmd

Port 1026
Cmd

Port 1027
Data

1
2
3
4
Figure
1. Client request to open an FTP session on port 1027 from port 1026.
2. Server Acknowledgment.
3. Server connecting to port 1027 of the client (as per the request).
4. Client is starting up an FTP session with the server.
Passive data connection
This is the alternate way for the clients to establish an FTP session with the FTP
server in order to avoid problems with the routers and firewalls. In this kind of a
session, the client requests the server to assign an IP address and port number on the
server side and the client will originate a connection to the server address.
5

Server
Port 20
Data
1

Client
Port 21
Cmd

Port 1026
Cmd

Port 1027
Data

Port 1027

2
3
4
Figure
1.
2.
3.
4.

Client requests the server for an FTP session

Server Acknowledges
Server opens a new port for the client to start the session
Client starts an FTP session at the port requested

Types of data transfers

The protocol has built-in support for two types of data transfers. They are ASCII and
Binary.
ASCII transfers are useful when the server machine and client machine have different
standards for text. For example, MS-DOS and Microsoft Windows use a carriage
return and linefeed sequence to denote an end-of-line, but UNIX systems use just a
linefeed. When ASCII transfers are specified, this enables a client to always be able
to translate the data into its own native text format.
Binary transfers can be used for any type of raw data that requires no translation.
Client programs use binary transfers unless it knows that the file to be transferred is a
text file.
The burden of deciding what transfer type to use is left to the client. Clients often
simply choose to transfer everything in binary, and perform any necessary translation
after the file is downloaded. Additionally, binary transfer is a more efficient way to
send over the network so that, both client and server need not perform the translation
of the data.

Configuring FTP server

The FTP service can be used at Enterprise level or at Domestic level. Usually, at the
enterprise level, the FTP service is installed on a server operating system like
windows 2003 or windows 2000 Server Edition in which IIS service is installed and
6

enabled. The IIS snap-in or Internet Information Service Manager are used to
configure the FTP service.

Enterprise FTP server

Before making the required files accessible over the Internet through FTP, there needs
to be certain services installed on the system (from where the files will be accessed).
The following are the services that need to be installed on the system before making
the system an FTP server
1. IIS (Internet Information Service)
2. FTP service
Now let us take a look at how to install these services on the system

Install IIS and the FTP Services

As FTP depends on Internet Information Services (IIS), IIS and the FTP Service must
be installed on the computer. The following are the steps to install IIS and FTP
Services on a Windows 2003 system:
1. Click Start, point to Control Panel, and then click Add or Remove Programs.
2. Click Add/Remove Windows Components.
3. In the Components list, click Application Server, click Internet Information
Services (IIS) (but do not select or clear the check box), and then click Details.
4. Click to select the following check boxes (if they are not already selected):
a. Common Files
b. File Transfer Protocol Service
c. Internet Information Services Manager
5. Click to select the check boxes next to any other IIS-related service or
subcomponent that you want to install, and then click OK.
6. Click next to proceed
7. When you are prompted, insert the Windows Server 2000/2003 CD-ROM into
the computer's CD-ROM or DVD-ROM drive or provide a path to the location of the
files, and then click OK.
8. Click Finish.
Now that we have installed the components, which are required to run the FTP server,
let us see how to create and configure an FTP site.

Creating an FTP Site with user Isolation:

When an FTP Site is configured with User isolation, only the active directory users
have the right to access their Home directory only in the FTP site. Here is how we can
configure the FTP site with user Isolation:
1. In IIS Manager, click the local computer, right-click the FTP Sites folder,
point to New, and click FTP Site.
2. In the Welcome to the FTP Site Creation Wizard, click next.

3. In FTP Site Description, type a description for the FTP site, and then click
next.

4. In IP Address and Port Settings, type an IP address for the FTP site and port
number, which is defaulted to 21 (can be changed), and then click next.

5. In FTP User Isolation, click Isolate users using Active Directory, and then
click Next.
8

6. In the User name text box, type the user name, using the Domain\User
format, or browse to the user name. In the Password text box, type the
password of the user. In the Enter the default Active Directory domain text
box, type or browse to the default domain name

(This user name is used to access Active Directory and read the home directory properties.)

7. Click Next. You are prompted to re-enter the password for the user entered
in the previous steps

8. Enable the Read and Write permissions as appropriate, and then click Next,
and click Finish
9

Configure The FTP Site with anonymous access

Unlike Isolated users, Anonymous access allows any user to access the FTP site.
Minimum details of the site user (like email address) can collected while the user is
opening the site. Here are the steps to configure the FTP site with anonymous access:
1. In IIS Manager, click the local computer, right-click the FTP Sites folder,
point to New, and click FTP Site.
2. In the Welcome to the FTP Site Creation Wizard, click next.

3. In FTP Site Description, type a description for the FTP site, and then click
next.

10

4. In IP Address and Port Settings, type an IP address for the FTP site and port
number which is defaulted to 21 (can be changed), and then click Next

5. In FTP User Isolation, click any of the first two options for anonymous
access as per the requirement. If the option Do not isolate users is selected
then the FTP users can access the home directories of the other FTP users with
is not the case with the other option Isolate Users and then click Next.

11

6. In the FTP Site Home Directory, Choose the Path of the directory that you
want to load into the site

7. Enable the Read and Write permissions as appropriate, and then click Next, and
click Finish

Changing the access permissions of the FTP Site

To Configure the FTP Service to allow only anonymous connections, follow these
steps:
1. Open the IIS snap-in, expand <Server_name> , expand FTP Sites, rightclick Default FTP Site, and click Properties.
2. Click the Security Accounts tab and select the Allow Anonymous
Connections check box (if it is not already selected), and then click to select
the Allow only anonymous connections check box.

12

3. Click the Home Directory tab and select the Read and Log visits check
boxes (if they are not already selected), and then click to clear the Write
check box so that the anonymous users do not have any other access except
for Read

4. Click OK and Quit IIS snap-in.

The above-mentioned procedure is in an enterprise environment for Anonymous
access of the FTP server. Some enterprises prefer to have a login before they can
actually get into their network through FTP for which they need to create users. Now
let us take a look at how to make a PC an FTP server:

Home FTP server

A home FTP server is useful to anyone who wants to save and retrieve files on their
computer from anywhere. If you have a personal FTP server then you can reach your
computer from any place.

13

Prerequisites
The prerequisites to make a PC an FTP server are:
1. A Windows PC
2. An always-on broadband (DSL or cable) Internet connection, preferably with a
static IP
3. An FTP Server Application software.
Yes, to make a PC an FTP server we dont need to have a Server operating system (to
install IIS and FTP services and configuring FTP sites on it). The preferable option
would be to choose and download software from a variety of FTP Server Application
Softwares that are available in the Internet that best suites your requirement. No
matter which software you install the procedure for configuring the software would
remain the same however there will be some differences in the steps involved. So, it
would be a better idea for me to explain the procedure rather than explaining the steps
for each one.

Procedure for configuring an FTP site

The following describe how to configure the FTP Server Software:
Step 1: Download and install an FTP Server Application
There are a lot of FTP server applications that have a simple to use interfaces. The
latest versions of these applications add more security through SSL support. Some of
the FTP server applications provide personal versions that allow two FTP logins,
which is completely free.
There are several levels of pricing and editions, and you can download a which ever is
suitable for your requirement
Step 2: Complete setup and create a user logins (the procedure differs from various
applications
Step 3: Grant proper rights to drives that make up the FTP space
Step 4: Be sure you have outside access to your new FTP server
If you have many devices in the home network that use the same broadband then it is
necessary to create an entry for packets requesting through port 21 to your home
computer, which is configured as FTP server.
Step 5: Test the site
The last thing to be done is to test your FTP server by firing up a FTP client (e.g. IE in
your FTP server) and try connecting to your own server.
14

FTP Clients
FTP clients are the applications, which enable the user to communicate with the FTP
server. With out an FTP client, it is not possible to connect to the FTP server. There
are a lot of FTP client software available in the Internet that have various flavors and
features. At the same time Windows also has some in-build FTP clients. First we will
take a look at the in-build FTP clients in windows and later on we will discuss about
the 3rd party FTP clients that available on the Internet.

Built-in FTP clients in Windows

There are two applications in windows that can be configured to gain FTP access.
They are
1. Internet Explorer
2. FTP.exe (accessible through MS-DOS)
Now lets us see how to configure these applications and how to use these applications
for FTP access.

Internet Explorer
As we all know that this application is used for browsing the web sites (http:// sites
through port 80), we can also make some changes and get this application working for
FTP sites as well. This application provides a GUI interface to the FTP server where
in you would be able to see the folder icons.
15

Configuring IE to allow FTP browsing:

1.
2.
3.
4.
5.

Open Internet Explorer

On the Tools menu, click Internet Options
Click the Advanced tab
Under Browsing, click to clear the Enable folder view for FTP sites check box
Click to select the Use Passive FTP (for firewall and DSL modem
compatibility) check box
6. Click OK.
Note: IE behaves as a Standard mode FTP client if you select the Enable folder view
for FTP sites check box, even if you also select the Use Passive FTP check box. If you
clear the Enable folder view for FTP sites check box and then select the Use Passive
FTP check box, Internet Explorer behaves as a Passive mode FTP client.

Accessing FTP sites through Internet Explorer

To access an FTP site through Internet Explorer, you need to know either the domain
name or the IP address of the FTP site that you want to access. Then in the URL line
of the IE key in
ftp://<domain-name> or ftp://<IPaddress>
After typing in the URL the browser would show you the folder view of the files and
folders in the FTP storage site. Here the user would be able to copy, rename, modify
or delete the files (as per the user permissions).

FTP.exe
This is an executable file that gets installed by default in all windows client and server
operating systems. Through this executable file, we get the CUI interface of the FTP
site, where we need to use all the FTP commands to perform operations in the FTP
session (which are mentioned in the next section).
To run this executable file, it can be opened from the folder %systemroot%/system32
where you can file this file ftp.exe. It can also be run from the command line by
simply typing in ftp.
Once the ftp window opens you can see the CUI interface with an FTP prompt as
shown below

16

With this we have just opened the FTP client application. Now we need to connect to
one of the FTP servers. To create a connection to an FTP server we need to use the
Open command as follows
Ftp> open <ipaddress/domain name of the FTP server> <enter>
This command would create a connection. Here on, we can start off with the FTP
commands and do the necessary manipulations of fetching or uploading or deleting or
modifying the files.

3rd party FTP Client applications

FTP client applications do the same job as the default FTP applications. The
difference is that these 3rd party client applications are much more sophisticated, easy
to use and rely upon when compared to default applications. For example IE is mainly
used to browse web sites and everybody is not comfortable using the FTP.exe as it is a
command line interface. So, it is a better idea to opt for a 3rd party Client application,
which is user friendly and support more features for the protocol.
There are a lot of 3rd party Client applications available on the Internet. You can
download any 3rd party application that suites your requirement and your comfort
level. Let me name some popular 3rd party applications.
1.
2.
3.
4.

FTP explorer
Smart FTP
WS_FTP:
http://www.ipswitch.com/Products/WS_FTP/
Cute FTP:
http://www.cuteftp.com/cuteftp/

Once you have chosen an FTP client, the profile or configuration values for your
client will need to be set. The steps to reach these settings vary depending on the FTP
client you decide to use and some FTP clients may use different terminology. So, it is
recommended to go through the users guide of that particular Client application
before you begin the configuration.
17

In the FTP client, we need to setup the following values:

1. Host address / server name: ftp.yourdomain.com
2. Username: this is the primary username for you account
3. Password: this is the primary username's password

FTP session
Till now we have discussed about installing and configuring FTP sites. Now in this
section I would like to focus on how to start off with an FTP session from a basic FTP
client MS-DOS (that every body is familiar with). If you are using a 3rd party GUI
FTP client, at the background the client would be using the same commands that the
user would be using in classic FTP clients like MS-DOS or a Unix Shell.
The protocol is interactive, because clients and servers actually have a conversation
where they authenticate themselves and negotiate file transfers. In addition, the
protocol specifies that the client and server do not exchange data on the conversation
channel. Instead, clients and servers negotiate how to send data files on separate
connections, with one connection for each data transfer. Note that a directory listing
is considered a file transfer.

FTP session Demonstration

When using FTP, users use FTP client programs rather than directly communicating
with the FTP server. Here's an example using an ftp program, which is usually
installed in windows as FTP.exe in system32 folder (and at /usr/bin/ftp on UNIX
systems). The items the user types are in big letters.
ftp> open ftp.example.com
18

Connected to ftp.example.com (172.16.0.1).

220 Hello, this is the Acme Mail Service.
Name (ftp.example.com): uname
331 Password required to access user account uname.
Password: password
230 Logged in.
ftp> cd /home/bills
250 "/home/Bills" is new working directory.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for <path>.
-rw-r--r-- 1 ftpuser ftpusers 14886 Dec 3 15:22 file1.TXT
-rw-r--r-- 1 ftpuser ftpusers 317000 Dec 4 17:40 file2.TXT
226 Listing completed.
ftp> get file2.TXT
local: file2.TXT remote: file2.TXT
200 PORT command successful.
150 Opening ASCII mode data connection for file2.TXT.
226 Transfer completed.
317000 bytes received in 0.0262 secs (1.2e+04 Kbytes/sec)
ftp> quit
221 Goodbye.
In the above example the client is requesting an FTP session with the FTP site
ftp.example.com. Then the user would give his login credentials i.e. the username
and password. If the user has the right to open an FTP session, the user will be
allowed to login otherwise the session would end leaving an Access Denied message.
After providing the login credentials the session would begin and the user can
download/upload files from/to the FTP server by using the FTP commands.

FTP Commands
FTP allows users to browse the file much like you would with a regular MS-DOS
prompt. An FTP session contains is a sequence of one or more transactions. Each
command is considered as a transaction between the client and the server. Below are
the commands that can be used to communicate with the FTP server:
! - Runs the specified command on the local computer
? - Displays descriptions for ftp commands
Append - Appends a local file to a file on the remote computer
ASCII - Sets the file transfer type to ASCII, the default
Bell - Toggles a bell to ring after each file transfer command is completed (default =
OFF)
Binary - Sets the file transfer type to binary
Bye - Ends the FTP session and exits ftp
Cod - Changes the working directory on the remote computer
Close - Ends the FTP session and returns to the command interpreter
Debug - Toggles debugging (default = OFF)
19

Delete - Deletes a single file on a remote computer

Dir - Displays a list of a remote directory's files and subdirectories
Disconnect - Disconnects from the remote computer, retaining the ftp prompt
Get - Copies a single remote file to the local computer
Glob - Toggles filename globbing (wildcard characters) (default = ON)
Hash - Toggles hash-sign (#) printing for each data block transferred (default = OFF)
Help - Displays descriptions for ftp commands
Led - Changes the working directory on the local computer
Literal - Sends arguments, verbatim, to the remote FTP server
ls - Displays an abbreviated list of a remote directory's files and subdirectories
Mdelete - Deletes one or more files on a remote computer
Mdir - Displays a list of a remote directory's files and subdirectories
Mget - Copies one or more remote files to the local computer
Mkdir - Creates a remote directory
Mls - Displays an abbreviated list of a remote directory's files and subdirectories
Mput - Copies one or more local files to the remote computer
Open - Connects to the specified FTP server
Prompt - Toggles prompting (default = ON)
Put - Copies a single local file to the remote computer
Pwd - Displays the current directory on the remote computer (literally, "print working
directory")
Quit - Ends the FTP session with the remote computer and exits ftp (same as "bye")
Quote - Sends arguments, verbatim, to the remote FTP server (same as "literal")
Recv - Copies a remote file to the local computer
Remotehelp - Displays help for remote commands
Rename - Renames remote files
Rmdir - Deletes a remote directory
Send - Copies a local file to the remote computer (same as "put")
Status - Displays the current status of FTP connections
Trace - Toggles packet tracing (default = OFF)
Type - Sets or displays the file transfer type (default = ASCII)
User - Specifies a user to the remote computer
Verbose - Toggles verbose mode (default = ON)
The server replies are specially formatted to contain a 3-digit result code first,
followed by a space character, followed by descriptive text. The recommendation
would be to rely upon the numeric result code, because most of the times, the
descriptive text keeps varying. Take a look at Appendix-I for the result codes and the
descriptive text.

Limitations of FTP:
1. Passwords and file contents are sent in clear text, which can be intercepted by
easily. There are protocol enhancements that override this disability.
2. More than one TCPIP connection is used to transfer data.
3. In active mode where the Client opens a port for data communication, it is
difficult for the firewall to filter traffic on the client side, resulting less number
20

of chances for a successful data communication. This problem is usually

resolved by using passive mode.
4. When using an FTP connection, the FTP server sends data to an arbitrary port
of a third computer, which can be possible a treath to the FTP server.
5.

FTP is a high latency protocol.

6.

No integrity check on the receiver side. It becomes mandatory to manage this

externally by usinig MD5 sums or cyclic redundancy checking.

7.

No error detection. FTP relies on the underlying TCP layer for error control,

Other FTP-like protocols

Like FTP there are other protocols that function almost the same way as FTP does.
Some of the protocols that I can recollect of are as follows:
FTPS
SCP
SFTP
SH-FTP
TFTP

- FTP run over SSL (secure socket layer)

- a protocol running over SSH
- Simple File Transfer Protocol
- a protocol running over SSH
- Trivial File Transfer Protocol

Appendix I
FTP server result codes
100 Series
110
120
125
150
200
202
211
212
213
214
215
220
221
225
226
or file abort).
227
230
231
232
250

: The requested action is being initiated; expect another reply before proceeding with
a new command.
: Restart marker reply. In this case, the text is exact and not left to the particular
implementation.
: Service ready in nnn minutes.
: Data connection already open; transfer starting.
: File status okay; about to open data connection.
: Command okay.
: Command not implemented, superfluous at this site.
: System status, or system help reply.
: Directory status.
: File status.
: Help message. On how to use the server or the meaning of a particular non-standard
command. This reply is useful only to the human user.
: NAME system type. Where NAME is an official system name from the list in the
Assigned Numbers document.
: Service ready for new user.
: Service closing control connection.
: Data connection open; no transfer in progress.
: Closing data connection. Requested file action successful (for example, file transfer
: Entering Passive Mode (h1,h2,h3,h4,p1,p2).
: User logged in, proceed. Logged out as appropriate.
: User logged out; service terminated.
: Logout command noted, will complete when transfer done.
: Requested file action okay, completed.

21

257
331
332
350
421
425
426
450
451
452
500
501
502
503
504
530
532
550
551
552
553

: "PATHNAME" created.
: User name okay, need password.
: Need account for login.
: Requested file action pending further information
: Service not available, closing control connection. This may be a reply to any
command if the service knows it must shut down.
: Can't open data connection.
: Connection closed; transfer aborted.
: Requested file action not taken.
: Requested action aborted. Local error in processing.
: Requested action not taken. Insufficient storage space in system.File unavailable
(e.g., file busy).
: Syntax error, command unrecognized. This may include errors such as command
line too long.
: Syntax error in parameters or arguments.
: Command not implemented.
: Bad sequence of commands.
: Command not implemented for that parameter.
: Not logged in.
: Need account for storing files.
: Requested action not taken. File unavailable
: Requested action aborted. Page type unknown.
: Requested file action aborted. Exceeded storage allocation (for current directory or
dataset).
:Requested action not taken. File name not allowed.

22