Internet Publishing - PPI

"Materials used in this course are the property of the author. These lessons may be used only by course participants for self-study purposes. Application for permission to use these materials for other educational purposes such as for teaching or as a basis for teaching should be directly submitted to the author."


Lesson 10: FTP Technology


This lesson deals with file servers based on FTP - File Transfer Protocol. This service is not described in the textbook, and this lesson is therefore given in a more "textbook" format than the other lessons. Much of the material is taken from the book: Managing INTERNET Information Services, by Liu, Peek, Jones, Buus & Nye, published by O'Reilly & Associates.

Contents:

10 FTP Service
10.1 Access to the archives
10.2 Security
10.3 FTP Server
10.3.1 The Server Program
10.3.2 The Archive
10.3.3 Rights - Access to Directories
10.4 FTP Client
10.4.1 Transferring
10.4.2 Saving or Displaying of Files
10.5 FTP Protocol
10.5.1 User Commands
10.5.2 Protocol Commands
10.6 Exercise
10.6.1 Downloading FTP Servers
10.6.2 Setting Up the Server
10.6.3 Simple HTML Test

10 FTP Service


Enquiries to FTP sites make up most of the traffic, by volume, on the Internet. Statistics from the US in 1994 show that 36 percent of all traffic on the Net was FTP traffic.

FTP is also one of the most widespread services; almost all machines connected to the Internet run either a client, a server or both.

FTP stands for File Transfer Protocol, the protocol used by a file transfer service which transfers files between client and server. The service itself is often called FTP.

FTP transfers files in general, without regard to the files' contents. They can be text files, images, sound, program code - anything at all.




10.1 Access to Archives

There are two types of access to files on an FTP server:

  1. User FTP
    This is an access method where the user must have his own account on the machine running the FTP server. There is a password connected to the user's account which the user must enter in order to gain access to the archive. The users can download files which they have read access to and write files to the directories to which they have write access. Access rights for reading and writing work in the same manner as they would if the user was logged onto the server locally. However, as an FTP user, it is impossible to run general commands to the operating system - only the functions which the FTP service offers. These functions include listing of files and reading and writing of files as well as commands for moving around the directory tree.
  2. Anonymous FTP
    This is an access method for open access to the archive. Here, everyone can log in using the userid anonymous or ftp. It is not necessary to give a password in order to gain access to the archive. However, it has become customary to enter one's e-mail address as the password. The person running the service can then check his log to find out who has used the archive and, if they wish, write to the users. Anonymous FTP is, therefore, the most interesting of these two types when dealing with open publishing.



10.2 Security

User FTP can constitute a security risk. This may at first sound incomprehensible because a password is required. However, when a remote user gives a password, anyone operating on the network between the two machines can, in principle, capture it, since it is sent unencrypted through the network. With such a password, it would be possible to log in on the same machine using Telnet - and thereby have regular user access to the machine.

For Anonymous FTP, a special area is set up to which the users have access. This does not give them access to the entire directory tree on the machine.

FTP archives can contain all kinds of file types. This is one of the strengths of the FTP archive - but unfortunately, it is also one of its threats. This characteristic makes it very easy for anonymous users to upload "unlawful" files without having to identify themselves - and it would be a big undertaking to check all the files which are uploaded. These "illegal" files can be pirate copies of software, or data files with undesirable/illegal contents (e.g. pornography).




10.3 FTP Server

Most FTP servers run on UNIX machines, and the description provided here will try to reflect this, even though the exercises in this lesson are based on MS Windows servers.

The FTP server consists of two parts, the server program and the archive.




10.3.1 Server Program

The server program normally has functions for

Some FTP servers have additional characteristics which make it possible to:

A UNIX implementation which has these additional characteristics, and which is freely accessible, is Washington University's FTP Daemon, WU Archive FTP.




10.3.2 The Archive

For UNIX systems there are some rules for how the directory structures for FTP servers should be built. This applies especially to the programs which make up the commands and to the password file for the server. UNIX has a user defined as ftp. With anonymous logins the FTP server uses the ftp user's login directory as the root directory for the FTP server. Under this directory there should be the following directory structure:

bin
This directory should contain all programs that ftpd needs.
etc
This directory contains the password file passwd which ftpd uses to control access to files.
pub
The files which shall be made accessible to the outside world are placed in this directory. It is normal to set up the directory structure such that the files are divided into logical subdirectories, making it easy for the users to find needed files.

For MS Windows based FTP servers, it is usual to assign each user his own start (or root) directory.

Often, we find separate directories for distribution and for incoming files. See below.




10.3.3 Rights - Access to Directories

Most FTP servers have the capability to differentiate between the rights each user has.

For directories used for distribution, for example, dist, users do not usually have write access. This is also true for pub directories. This is done to ensure that no one switches out the files intended for distribution.

If we wish to let the users add files (upload), they must be given write access to the appropriate directory, for example, incoming. It might be wise to close incoming for reading and even for listing of filenames. If this is not done, others will be able to deliberately overwrite files in the directory. It is common for a user uploading files to such a directory to send e-mail to the administrator of the FTP archive and ask that these files be made accessible. The administrator can then check the files and copy them over to the appropriate directory and thereby control the contents of the archive.
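One way to check the directory rights described above on a UNIX archive, as an added example that is not part of the original lesson. It assumes the anonymous ftp user is neither owner nor group member of the directories, so the "other" permission bits decide; the names pub, dist and incoming follow the text, and the demo tree and its modes are constructed.

```python
import os
import stat
import tempfile

READ_ONLY_DIRS = ("pub", "dist")   # distribution areas named in the lesson
UPLOAD_DIRS = ("incoming",)        # drop box: write yes, read and list no


def audit_archive(root):
    """Check the 'other' permission bits of the archive under `root`.

    Assumption: the anonymous ftp user is neither owner nor group member.
    """
    findings = []
    for name in READ_ONLY_DIRS + UPLOAD_DIRS:
        top = os.path.join(root, name)
        if not os.path.isdir(top):
            continue
        mode = os.stat(top).st_mode
        if name in READ_ONLY_DIRS:
            if mode & stat.S_IWOTH:
                findings.append(f"{name}: writable, distribution files can be switched out")
            continue
        # Upload area: needs w+x to accept files, must not have r (listing).
        needed = stat.S_IWOTH | stat.S_IXOTH
        if (mode & needed) != needed:
            findings.append(f"{name}: uploads are not possible")
        if mode & stat.S_IROTH:
            findings.append(f"{name}: file names can be listed")
        for entry in sorted(os.listdir(top)):
            if os.stat(os.path.join(top, entry)).st_mode & stat.S_IROTH:
                findings.append(f"{name}/{entry}: unchecked upload is readable")
    return findings


def build_demo(root, pub_mode, incoming_mode, upload_mode):
    """Create a constructed sample archive with the given permission bits."""
    for name, mode in (("pub", pub_mode), ("incoming", incoming_mode)):
        os.mkdir(os.path.join(root, name))
        os.chmod(os.path.join(root, name), mode)
    upload = os.path.join(root, "incoming", "upload.zip")
    with open(upload, "wb") as fh:
        fh.write(b"constructed sample upload")
    os.chmod(upload, upload_mode)


if __name__ == "__main__":
    # First tuple follows the advice in the text, second one ignores it.
    for modes in ((0o755, 0o733, 0o600), (0o777, 0o777, 0o644)):
        with tempfile.TemporaryDirectory() as demo_root:
            build_demo(demo_root, *modes)
            print([oct(m) for m in modes], audit_archive(demo_root) or "ok")
```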




10.4 The FTP Client

There are many different FTP clients. Some are terminal oriented, with a given command set. Others are based upon a graphical interface. The clients are equipped, to different degrees, with capabilities for displaying the files which are transferred. Do we need to take this into account when installing and administering the FTP server? Actually, no, but it would be a good idea to be able to compare the suitability of an FTP archive against the transfer of files with the HTTP protocol which is used by WWW clients.

Steadily more users are using WWW clients which support both the HTTP and the FTP protocol. This means two things:

  1. More information will be placed out on the Internet for transfer by HTTP protocol.
  2. HTTP is created especially with the thought of transferring files in HTML format, but can also be used for other formats as well.

So, if I am running a web-server, and I also want to offer a general file distribution service, what should I choose:

  1. should I run a ftpd (FTP server) in addition to the web-server?
  2. should I use HTTP (web-server) for sending everything?

In order to find the answer to this question, the following aspects must be looked at:

  1. If I am planning to run an FTP server in addition, will I be able to service both pure FTP clients and clients which handle several protocols (e.g. Netscape)?
  2. By running an FTP server, I can use the security mechanisms which this server offers, with regard to setting access rights, compression, etc.
  3. If I wish to receive files for follow-up publishing, FTP is the best alternative. (Uploading files in HTTP is possible, but not very developed.)

Graphical clients utilize the capabilities offered by the FTP protocol to a greater or lesser degree, offering a standard selection of the protocol's capabilities through, for example, menus. Users very familiar with FTP (and UNIX) will probably prefer a terminal based interface, while MS Windows users will prefer a graphical client.




10.4.1 Transferring

Transferring files to or from the client can occur in two ways:

  1. Transfer of text files. In this mode 7-bit ASCII code is transferred. This form is actually only suited for transferring English files, those with just ASCII characters.
  2. Transfer of binary files: In this mode all 8 bits per byte will be transferred. We, then, can transfer all kinds of file formats.

On terminal based clients, there are commands for switching between these two modes. In the graphical interface, there exists (hopefully) a menu selection or radio button to choose the transfer form. The standard value for a server not otherwise notified is to use the 7-bit transfer method. (All the same, clients can send the command for binary transfer as default.)

Additionally, it is possible to choose to transfer several files at once (mget and mput in the terminal based interface for FTP). For graphical clients this is done by marking several files, and thereafter choosing the transfer function. This function varies from client to client. Some have a button with an arrow showing the direction of transfer, others use "drag and drop" techniques between windows.

FTP is based upon TCP, and that means that there is a mechanism to ensure that the files' contents do not contain errors.




10.4.2 Saving or Displaying Files

A standard terminal based FTP client will save received files in its own file system.

Some clients can be set up to start viewers (display programs) which display certain file formats. Associations must be set up between the file types and viewers. Example: If a filename ends with .txt or .text, we may assume that this is a text file. If possible, the FTP client could be set up to start a text viewer to display this file for the user.

Some programs are combined viewers and transfer clients. Netscape is an example. Netscape will display the contents of a transferred file if the file has a format recognized by Netscape. These can be, for example, text files or HTML files. HTTP uses the MIME standard to announce the file type, FTP does not - it has to use the file name.

If files are transferred which the transferring program cannot display, a natural choice (or suggestion) for the client will be to save to file. Alternatively, the technique with associations, which calls the appropriate viewers, can be employed.




10.5 FTP Protocol

It may be useful to know a little more about the FTP protocol when planning to run an FTP server because the log from the server is printed out with the commands and any responses which are used by this protocol. It may be wise to differentiate between:

  1. User commands: These are commands which we normally find in a terminal based (often UNIX) FTP client. Corresponding user functions can be found in menus or other selection objects in graphical interfaces.
  2. Protocol commands: These are commands which are standardized (RFC 959) in the protocol between client and server - the commands to which all implementations must conform.

The figure shows these relationships:

Image of FTP Client/Server/Protocol

An FTP server can service many clients simultaneously. The FTP server receives requests from the clients at TCP port number 21. After such a request, a program is set up which communicates with the client over an available TCP port. In this way, the FTP server is again ready to service new requests at port 21.




10.5.1 User Commands

Common user commands include file system operations. The example below applies to the FTP client on UNIX System V/386 Release 3.2:

ftp>?
Commands may be abbreviated.  Commands are:
!               debug           mget            quit            site
$               dir             mkdir           quote           size
account         disconnect      mls             recv            status
append          form            mode            reget           struct
ascii           get             modtime         remotehelp      sunique
bell            glob            mput            remotestatus    system
binary          hash            newer           rename          tenex
bye             help            nlist           reset           trace
case            idle            nmap            restart         type
cd              image           ntrans          rhelp           umask
cdup            lcd             open            rmdir           user
chmod           ls              prompt          rstatus         verbose
close           macdef          proxy           runique         ?
cr              mdelete         put             send
delete          mdir            pwd             sendport
ftp>



10.5.2 Protocol Commands

The FTP commands we will look at here are not the user commands above, but the commands which apply for the TCP connection in the protocol at port 21 between client and server, see the figure above. The commands and replies here are defined with ASCII characters and end with CR, LF. The clients will generate one or more protocol commands from the user commands in order to fulfill the user's wishes.

FTP commands consist of 3 or 4 ASCII characters (uppercase), followed by any arguments and a CR, LF ending. Here are the most common FTP commands:

USER <SP> <username> <CRLF>
Sends the username to the server
PASS <SP> <password> <CRLF>
Sends the password to the server
ACCT <SP> <account-inform.> <CRLF>
Telnet string which identifies the user's account
CWD <SP> <pathname> <CRLF>
Change Working Directory
CDUP <CRLF>
Change to parent directory
SMNT <SP> <pathname> <CRLF>
Structure Mount - Mounting of a new file system
QUIT <CRLF>
Log out from the server
REIN <CRLF>
Re-initialize
PORT <SP> < i1,i2,i3,i4,p1,p2 > <CRLF>
Transfers the client's IP address and TCP port: IP address = i1.i2.i3.i4, TCP port = 256 x p1 + p2
PASV <CRLF>
Passive: commands the server to listen to the data port and wait for a transfer
TYPE <SP> <type-code> <CRLF>
States the file type: ASCII, EBCDIC, Image, Local type
STRU <SP> <structure-code> <CRLF>
States the structure: file, record, page
MODE <SP> <mode-code> <CRLF>
States the transfer mode: Stream, Block, Compressed
RETR <SP> <pathname> <CRLF>
Retrieve a file from the server to the client
STOR <SP> <pathname> <CRLF>
Store a file from the client to the server
STOU <CRLF>
Store Unique: save to a file not originally found in the directory
APPE <SP> <pathname> <CRLF>
Append: Add to a file which exists from before
ALLO <SP> <decimal-integer>[<SP> R <SP> <decimal-int>] <CRLF>
Allocate: set aside space
REST <SP> <marker> <CRLF>
Restart: start file transfer again
RNFR <SP> <pathname> <CRLF>
Rename from: the file which is to be renamed
RNTO <SP> <pathname> <CRLF>
Rename to a new filename
ABOR <CRLF>
Abort the last FTP command and any transfers underway
DELE <SP> <pathname> <CRLF>
Delete: Remove a file on the server
RMD <SP> <pathname> <CRLF>
Remove Directory
MKD <SP> <pathname> <CRLF>
Make Directory
PWD <CRLF>
Print Working Directory
LIST [<SP> <pathname>] <CRLF>
List files or directories
NLST [<SP> <pathname>] <CRLF>
Named List: lists filenames
SITE <SP> <string> <CRLF>
The server can send information about itself
SYST <CRLF>
Command to ask the server to state its operating system
STAT [<SP> <pathname>] <CRLF>
Send Status
HELP [<SP> <string>] <CRLF>
The server is asked to send help information
NOOP <CRLF>
No Operation - The server generates an OK answer
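The command format above, applied to the server log mentioned in 10.5, as an added example that is not part of the original lesson or of any FTP server's code. It parses control-channel lines, decodes PORT arguments with the formula given above, keeps account passwords out of the stored log, and flags the password logins which 10.2 describes as crossing the network unencrypted. The function names and the sample session are constructed for illustration.

```python
import re

# Verb of 3 or 4 letters, optional argument after one space, CR LF ending.
# RFC 959 treats upper and lower case verbs alike, so both are accepted.
COMMAND_RE = re.compile(rb"([A-Za-z]{3,4})(?: ([^\r\n]*))?\r\n")
ANONYMOUS_IDS = {"anonymous", "ftp"}


def parse_command(line):
    """Split one control-channel line into (VERB, argument or None)."""
    m = COMMAND_RE.fullmatch(line)
    if m is None:
        raise ValueError(f"not a well-formed FTP command: {line!r}")
    arg = m.group(2).decode("ascii", "replace") if m.group(2) is not None else None
    return m.group(1).decode("ascii").upper(), arg


def decode_port(arg):
    """PORT i1,i2,i3,i4,p1,p2 -> (ip, port) with port = 256 * p1 + p2."""
    parts = [p.strip() for p in arg.split(",")]
    if len(parts) != 6 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"malformed PORT argument: {arg!r}")
    nums = [int(p) for p in parts]
    return ".".join(str(n) for n in nums[:4]), 256 * nums[4] + nums[5]


def audit_session(lines):
    """Return (lines safe to store in a log, findings) for one session."""
    safe, findings, user = [], [], None
    for raw in lines:
        verb, arg = parse_command(raw)
        if verb == "USER":
            user = arg
        elif verb == "REIN":
            user = None
        elif verb == "PASS" and (user or "").lower() not in ANONYMOUS_IDS:
            findings.append(f"password for account '{user}' was sent unencrypted")
            arg = "<masked>"  # the anonymous e-mail address stays, a real password does not
        elif verb == "PORT":
            ip, port = decode_port(arg or "")
            arg = f"{arg} -> {ip}:{port}"
        safe.append(verb if arg is None else f"{verb} {arg}")
    return safe, findings


# Constructed sample session: an anonymous download, then a User FTP login.
SAMPLE_SESSION = [
    b"USER anonymous\r\n", b"PASS guest@example.org\r\n",
    b"PORT 192,0,2,10,4,1\r\n", b"RETR pub/README\r\n",
    b"REIN\r\n", b"USER alice\r\n", b"PASS correct-horse\r\n", b"QUIT\r\n",
]

if __name__ == "__main__":
    log_lines, problems = audit_session(SAMPLE_SESSION)
    print("\n".join(log_lines + problems))
```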



10.6 Exercise

In this exercise, you will download an FTP server which can run on your local machine.

10.6.1 Downloading FTP Servers

I have used WinFTP which is a server under MS Windows. Download this server, or find another if you are running another operating system.

Unpack the server in its own directory. Read the information about the file ctl3v2.dll in the README.TEXT file and copy this if necessary.

10.6.2 Setting Up the Server

Create a start directory for your FTP-archive. Set up your FTP-server with the ability for anonymous FTP with read and list access in this directory.

Set up a log file for the FTP server.

Try out the server with your FTP client. (You could run the server and the client on the same machine. This seems unnecessary with regard to transferring files, but the reason here is to learn the principles behind FTP, of course!)

Try the following situations:

  1. Log in as user=anonymous. To start with - do not limit the user to the login directory, that is, give the user access to the entire disk. This is a particularly courageous set-up, especially if the user is allowed read and delete access.
  2. Now - limit anonymous to the login directory and its subdirectories.
  3. Create an FTP user with a password. Try to get this to work.

10.6.3 Simple HTML Test

Place some files in the login directory for anonymous, for example:

Create a simple HTML file with the name TRYFTP.HTM for use in a web client, for example Netscape, containing some simple text and links to these three files, where the URLs use the FTP protocol to download them. You must have both HTTPD and FTPD running simultaneously when trying TRYFTP.HTM.

What should be turned in: TRYFTP.HTM. Due date: 27. May 1997




12 May 1997 Per Borgesen