File Transfer Protocol has been around since 1971. It's popular, but it has some important caveats to be aware of.
- [Instructor] One of the oldest services or protocols for transferring data between networked computers is FTP, or File Transfer Protocol. FTP became popular because it's fairly easy to set up, even easier to use, and it's widely supported. But it has almost no security. FTP was very popular on the early internet among businesses who needed to share files with others and especially for software distribution sites, legitimate and otherwise. Organizations like Walnut Creek CDROM were popular distributors of freeware and shareware in the 90s driven in large part by how easy it was for users to connect to their servers and download software with just a basic FTP client and usually no username or password.
Because it has little to no security to contend with, FTP is fine for this kind of software distribution, and sometimes it's used for distribution of driver files from computer or hardware manufacturers. Many Linux distros also offer installation images via FTP, and a lot of governmental organizations like NASA use FTP to allow downloads of public and scientific data. Organizations might choose to host their files on FTP to make automated retrieval of data easier than scraping a website. Some companies use FTP as a dropbox for customers or clients to send them information too.
You can think of FTP as a sort of lowest common denominator for file transfer between organizations. It works, and that's about it. It should never be used for sensitive files unless they're encrypted. And with the rise of other file services like Box, Dropbox, Google Drive, Amazon Cloud Drive, and more enterprise-focused solutions like Aspera, the use case for FTP is diminishing. There will always be edge cases and legacy cases where FTP is an okay choice. But if you're planning to implement FTP, be sure to consider the security implications of doing so.
FTP works on a client/server model. So in order for communication to happen, one system needs to be running an FTP server application or daemon. The server software listens on TCP port 21 by default and provides access to data on the server when clients connect to it using FTP client software. An FTP client can both send and receive information depending on the settings and controls specified on the server. Most FTP servers you'll come across these days only offer download capability and will reject any data uploaded to them.
FTP servers can operate in either active or passive mode. Passive mode is the most common because it tends to work better through firewalls with NAT, or Network Address Translation, which is extremely common on home and organization networks. Passive mode works by having the client request data from the server using an unprivileged port on the firewall to allow data to flow in from the server, the same way a client computer requests data from a web server. Active mode, on the other hand, pushes data from the server to the client. So if there's a firewall in between, it just sees this as an unauthorized connection attempt and blocks it.
There are also a few different types of transfer that the FTP protocol defines. There are ASCII, binary, and a few other less common types, EBCDIC text and custom protocols. ASCII mode transfers data as ASCII characters, text characters in a particular encoding regardless of what the source file is. As you can imagine, this only works correctly when the source data is ASCII text which may have been common at one point but that's no longer the case. Binary mode transfers streams of bits, so it doesn't care what the files being transferred contain.
Binary mode is the default for most FTP installations these days because there's not really any benefit to transferring in another mode. But if you're getting weirdly corrupted downloads, that's something to check. Make sure you're using binary mode, not ASCII. FTP servers enforce username and password security or they can be left open for anonymous use. And some more advanced FTP server software can enforce storage limits or quotas in a multi-user scenario to prevent one user from uploading too many large files and consuming all the shared space. But unless you configure some kind of additional security, your username, password, and the data are sent in clear text.
We'll take a look at security later on. But first, let's set up an FTP server.
- Configuring an FTP server
- Securing an FTP server
- Managing users and access
- Troubleshooting FTP problems
- Working with Samba and CIFS/SMB
- Adding a group file share
- Connecting to a share on a Windows domain
- Working with NFS
- Mounting an NFS share at boot