How does Passive FTP work?
Regular FTP works like this:
- Client connects to FTP Server on Port 21 (the "control" connection)
- Client initiates a command that requires data (e.g. ls, file xfer)
- Server opens a TCP session from itself (source port 20) to the Client
Where the client and server are separated only by packet filters, this works fine. When using FTP through an application proxy, it is usually required that the client initiate the data connection to the FTP server, not the other way around. This is also arguably more secure.
Aside from firewalls, some FTP applications (like web browsers) are designed to use only Passive mode FTP because they may be running through application proxies.
Passive Mode FTP works like this:
- Client connects to FTP Server on Port 21 (the "control" connection).
- Client tells the FTP Server it wants to perform transfers in passive mode by issuing a PASV command on the control connection.
- Server sends back the port it is listening on as part of the response.
- Client initiates a command that requires data to the port specified in the response to the PASV request (e.g. ls, file xfer).
To summarize: the only real difference between regular and passive FTP is who opens the data connection.
Can I see an example of this?
Note: The following came from a usenet post by Brian Wheeler of Raptor Systems.
You will need to use two telnet commands to simulate passive FTP, one for the control channel and one for the data channel (lines prefixed with ">>>" are what you type).
1. In one window, set up the control channel and issue the PASV command to make the server listen on a random port.

    >>> telnet ftp.company.com 21
    Trying 1.2.3.4...
    Connected to ftp.company.com.
    Escape character is '^]'.
    220 ftp FTP server ready.
    >>> USER anonymous
    331 Guest login ok, send your complete e-mail address as password.
    >>> PASS shorty@marian.creighton.edu
    230 Guest login ok, access restrictions apply.
    >>> PASV
    227 Passive mode entered (1,2,3,4,128,1)

2. In a second window, set up the data channel (the port number to use is encoded in the "227 Passive mode entered" response). Take the last two numbers ("128" and "1" in the above example), multiply the first by 256 and add the second (128 * 256 + 1 = 32768 + 1 = 32769).

    >>> telnet ftp.company.com 32769
    Trying 1.2.3.4...
    Connected to ftp.company.com.
    Escape character is '^]'.

3. Go back to the first window and issue your data transfer command.

    ...
    PASS shorty@marian.creighton.edu
    230 Guest login ok, access restrictions apply.
    PASV
    227 Passive mode entered (1,2,3,4,128,1)
    >>> LIST
    150 Opening ASCII mode data connection for file list.
    226 Transfer complete.

4. The second window will receive the data for the command (a list of files in the above example). RETR commands work similarly, as do STOR commands (except that you provide instead of receive the data for a STOR).

    telnet ftp.company.com 32769
    Trying 1.2.3.4...
    Connected to ftp.company.com.
    Escape character is '^]'.
    dr-xr-xr-x   2 root     sys          512 Jun 25 20:30 .
    dr-xr-xr-x   2 root     sys          512 Jun 25 20:30 ..
    dr-x--x--x   2 root     sys          512 Jun 25 20:30 bin
    dr-x--x--x   2 root     sys          512 Jun 25 20:30 dev
    dr-x--x--x   2 root     sys          512 Jun 25 20:30 etc
    dr-xr-xr-x   2 root     sys          512 Jun 25 20:30 pub
    dr-x--x--x   2 root     sys          512 Jun 25 20:30 usr
    Connection closed by foreign host.

5. Close the control channel.

    ...
    PASV
    227 Passive mode entered (1,2,3,4,128,1)
    LIST
    150 Opening ASCII mode data connection for file list.
    226 Transfer complete.
    >>> QUIT
    221 Goodbye.
    Connection closed by foreign host.

Note: The FTP Protocol is defined by RFC 959.
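The port arithmetic in step 2 and the "who opens the data connection" distinction from the summary above, as an added example in Python (this is not code from the FAQ or from the usenet post it quotes). parse_pasv decodes a 227 reply exactly as done by hand above; build_port_command shows the same encoding going the other way for active mode. The passive_list function is a constructed loopback demonstration: a fake server (hypothetical, not a real FTP daemon) listens on an ephemeral 127.0.0.1 port, hands back the 227 line, and the client side then opens the data connection itself. The directory listing is a constructed sample. The control_host check is the caveat a client should apply: a 227 that names an address other than the one the control connection is talking to is rejected rather than followed.

```python
import re
import socket
import threading

# Host/port tuple in a 227 reply: "227 Passive mode entered (1,2,3,4,128,1)"
PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply, control_host=None):
    """Decode a 227 reply into (host, port).

    The data port is p1 * 256 + p2, the arithmetic done by hand in step 2.
    If control_host is given (the address the control connection is talking
    to), a reply naming a different host is rejected: a client that connects
    wherever the 227 points lets the remote side redirect its data channel.
    """
    if not reply.startswith("227"):
        raise ValueError("not a 227 reply: %r" % reply)
    m = PASV_RE.search(reply)
    if m is None:
        raise ValueError("no (h1,h2,h3,h4,p1,p2) tuple in reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("value out of range in reply: %r" % reply)
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    if control_host is not None and host != control_host:
        raise ValueError("227 names %s but control connection is to %s" % (host, control_host))
    return host, port


def pasv_accepted(reply, control_host):
    """True if parse_pasv would accept the reply for this control host."""
    try:
        parse_pasv(reply, control_host=control_host)
        return True
    except ValueError:
        return False


def build_port_command(host, port):
    """Active mode uses the same encoding in the other direction: the client
    tells the server which address and port the client is listening on."""
    octets = host.split(".")
    if len(octets) != 4 or not 0 < port < 65536:
        raise ValueError("bad host/port")
    return "PORT %s,%d,%d" % (",".join(octets), port // 256, port % 256)


# --- constructed loopback demonstration of the passive data channel ---------

LISTING = "dr-xr-xr-x 2 root sys 512 Jun 25 20:30 pub\r\n"  # constructed sample


def _fake_server():
    """Hypothetical server side: listen on an ephemeral loopback port, return
    the 227 line a real server would send, then serve one listing there."""
    data_sock = socket.socket()
    data_sock.bind(("127.0.0.1", 0))
    data_sock.listen(1)
    port = data_sock.getsockname()[1]
    reply = "227 Passive mode entered (127,0,0,1,%d,%d)" % (port // 256, port % 256)

    def serve():
        conn, _ = data_sock.accept()
        conn.sendall(LISTING.encode())
        conn.close()
        data_sock.close()

    threading.Thread(target=serve, daemon=True).start()
    return reply


def passive_list(control_host="127.0.0.1"):
    """Client side: parse the 227, open the data connection ourselves, read it."""
    reply = _fake_server()
    host, port = parse_pasv(reply, control_host=control_host)
    chunks = []
    with socket.create_connection((host, port), timeout=5) as s:
        while True:
            buf = s.recv(4096)
            if not buf:
                break
            chunks.append(buf)
    return b"".join(chunks).decode()


if __name__ == "__main__":
    print(parse_pasv("227 Passive mode entered (1,2,3,4,128,1)"))  # ('1.2.3.4', 32769)
    print(build_port_command("1.2.3.4", 32769))  # PORT 1,2,3,4,128,1
    print(passive_list(), end="")
```

In passive mode the client calls connect() on the data port, which is why it passes through a proxy that only permits outbound connections; in active mode the PORT command asks the server to connect back to the client, which such a proxy will not allow.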
--
PhoneBoy - 11 Jan 2004