3.1 File Transfer Tools and FTP Basics

Questions and Answers

Which FTP command is used to change the working directory on the remote server?

DELE

PWD

RETR

CWD (correct)

In passive mode, the server uses which port for data transfer?

Any random port >1024 (correct)

Port 22

Port 21

Port 20

What is the purpose of the FTP command STOR?

Retrieve a file from the remote server

List the files in a remote directory

Store a file on the remote host (correct)

Change the working directory

Which FTP command would you use to abort a file transfer?

ABOR (B)

Which of the following commands is NOT used for file transfer operations?

LIST (A)

What does the FTP command RETR accomplish?

Retrieve a remote file (B)

Which command is used to terminate the FTP connection?

QUIT (A)

What does the command SIZE return?

Size of a file (A)

What occurs when a duplicate datagram is received by either side in TFTP?

A duplicate acknowledgment is generated. (A), Only the first acknowledgment is considered. (C)

What is the main issue known as Sorcerer's Apprentice Syndrome (SAS) in TFTP?

Both sides retransmitting packets on receiving duplicates (A)

In what scenario would the modification to the TFTP specification become necessary?

When duplicates of acknowledgments cause retransmission loops (B)

What modification did the TFTP specification introduce to handle SAS?

Ignore all duplicated acknowledgments after the first instance (B)

What is the primary trigger for resending a block in the modified TFTP protocol?

A timeout occurring (B)

Which layer of networking can cause loss of Ethernet frames leading to a timeout in TFTP?

Data link layer (D)

What is indicated by a timeout event during a TFTP transfer?

A failure to receive an acknowledgment in time (B)

What is the maximum size of each data block sent during a file transfer?

512 bytes (A)

What must happen before the next data packet can be sent?

Acknowledge the receipt of the last packet. (D)

What does a data packet of less than 512 bytes signal during a transfer?

The transfer has been terminated. (C)

What strategy ensures that the sender stays synchronized with the receiver?

Stop-Wait Protocol (A)

If a packet is lost in the network, what action does the intended recipient take?

Retransmit its last packet or acknowledgment. (D)

How many packets does the sender keep for retransmission under the given protocol?

One packet (B)

In the protocol discussed, which port is designated for TFTP transfer?

Port 69 (B)

What initiates the transfer process in the Trivial File Transfer Protocol?

A read request from the client. (B)

What does the Ack Block signify during the TFTP transfer process?

The server acknowledges receipt of a data block. (A)

What packet type must the server respond with after sending a data block?

Acknowledgment packet (A)

What is the purpose of the first packet sent in a TFTP file transfer?

It requests a file transfer and specifies file details. (C)

How is the end of a file indicated in a TFTP transfer?

By sending a block of less than 512 bytes. (B)

Which of the following correctly describes a TFTP DATA packet structure?

2 byte OP Code, 2 bytes, Up to 512 bytes. (C)

What type of file modes can be specified in a TFTP request?

Text or Binary (D)

What triggers the transfer in a TFTP write operation?

WRQ (Write Request) (B)

What action is taken if an error message is sent during a TFTP transfer?

The transfer is terminated. (B)

Which error code indicates that the requested file was not found?

ERROR CODE 1 (B)

In TFTP, which port is typically used by the server to receive write requests?

Port 69 (A)

What is the maximum size of a data block in a TFTP transfer?

512 bytes (D)

What happens when a data packet is lost during a TFTP file transfer?

The intended recipient times out and may resend the last packet. (D)

What occurs after sending Data Block 1 in a TFTP transfer?

Data Block 2 is sent after receiving Ack Block 1. (C)

What type of acknowledgement does TFTP use to confirm receipt of a block?

ACK with block number specified. (C)

In a TFTP process, what does 'Lost Ack (Timer operation)' refer to?

The timeout when an acknowledgment of a data block is not received. (B)

How many bytes make up the OP Code in a TFTP ACK packet?

2 bytes (C)

During a TFTP transfer, what is indicated by Ack Block n?

The completion of the last data block transfer. (C)

Which operation begins any file transfer in TFTP?

Request to read or write a file. (A)

What is the maximum size of each data block sent in TFTP?

512 Bytes (D)

What type of request is sent by the client to initiate a read operation in TFTP?

RRQ (Read Request) (A)

What action does the server take upon receiving an RRQ?

It starts sending data blocks starting with Data Block 1. (C)

What is the role of the timeout in TFTP communication?

To ensure lost packets are resent in case of no acknowledgment. (C)

Flashcards

Active Mode

A mode where the server connects back to the client on port 20 for data transfer.

Passive Mode

A mode where the client connects to a random port on the server for data transfer.

USER Command

FTP command to specify the user name during login.

PASS Command

FTP command to specify the user's password during login.

LIST Command

FTP command to list files in the current directory.

RETR Command

FTP command to retrieve or download a specified file.

STOR Command

FTP command to upload a specified file to the server.

QUIT Command

FTP command to close the current FTP connection.

TFTP

A protocol for transferring files over a network with simple commands.

Read Request Packet

A packet used to request a file transfer from the server to the client.

Write Request Packet

A packet used to request a file transfer from the client to the server.

Data Packet

Packet containing file data, includes block number and data bytes.

Acknowledgement Packet

Packet sent by the receiver to confirm receipt of a data packet.

Error Packet

Packet sent when there is an error during file transfer.

Block Number

Each block of the file is numbered consecutively starting at 1.

End of File Signal

A block of less than 512 bytes indicates the end of a file transfer.

Error Codes

Standard codes defining specific errors during TFTP operations.

TFTP Modes

Modes specify data transfer format; either Ascii or Binary.

Timer operation in TFTP

How timer functions to ensure reliable data transfer in TFTP.

Sorcerer's Apprentice Syndrome (SAS)

A bug in TFTP causing excessive duplicate transfers due to delayed packets.

Why does SAS occur?

SAS happens when both sides retransmit due to receiving duplicates.

How to fix SAS?

Modify TFTP to ignore duplicate acknowledgments after the first one.

Data Block Size in TFTP

Data blocks in TFTP transfers are typically 512 bytes each.

Timeout in TFTP

A mechanism to resend data if acknowledgment isn't received in time.

Data Block

Chunk of data transferred in TFTP, typically 512 bytes.

Ack Block

Acknowledgment block that confirms receipt of a data block in TFTP.

Write Request (WRQ)

Initiates transfer from client to server in TFTP.

Read Request (RRQ)

Initiates transfer from server to client in TFTP.

Lost Packet

When a data packet fails to reach its destination in TFTP.

Timeout

Period where the recipient waits for an acknowledgment before retrying in TFTP.

Resend

Action taken when a packet is not acknowledged within a time frame.

RFC 1350

The document that defines the TFTP protocol.

Port 69

The port used for TFTP operations like data transfer requests.

Fixed Length Blocks

Data is sent in consistent sizes, here, 512 bytes each.

Retransmit

To send a packet again if the previous one was lost.

Error Recovery

The process of restoring communication after a disruption during data transfer.

Stop-and-Wait Protocol

A method where the sender waits for an acknowledgment before sending the next packet.

Trivial File Transfer Protocol (TFTP)

A simple file transfer protocol designed for transferring files easily.

Study Notes

File Transfer Tools

• File Transfer Protocol (FTP) is a standard communication protocol used for transferring files over a network.
• FTP is based on a client-server architecture.
• FTP uses separate control and data connections.
• FTP users authenticate using a clear-text sign-in protocol (username and password).
• FTP allows anonymous connections if configured.
• Clients include command-line interfaces, graphical user interfaces (GUIs), and web browsers (ftp://).

Motivation

• Secure file transfer over the internet is necessary.
• Some legacy industrial devices only support FTP or TFTP.
• Secure firewall configuration is crucial.
• Secure management of remote devices is essential.

File Transfer Protocol (FTP)

• Uses TCP at the transport layer.
• The server listens on port 21.
• Uses separate control and data channels.
• The control channel remains open during the session for authentication and directory listing (port 21).
• The data channel supports file transfers and closes after each transfer (port 20 for Active mode, random port >1024 for Passive mode).
• Two operational modes: Active and Passive mode.

Examples of FTP Commands (Authentication)

• USER - specifies the username for login.
• PASS - specifies the user's password.

Examples of FTP Commands (Exploring files)

• LIST - lists files for a given specification.
• CWD - changes the current directory.

Examples of FTP Commands (Downloading/Uplaoding Files)

• TYPE - sets the file type (ASCII or binary).
• RETR - retrieves a file.
• STOR - uploads a file.

Examples of FTP Commands (Closing the Connection)

• QUIT - closes the FTP connection.

Examples of FTP Commands (Additional)

• ABOR - aborts a file transfer.
• CWD - changes the working directory.
• DELE - deletes a remote file.
• LIST - lists remote files.
• MDTM - returns the modification time of a file.
• MKD - makes a remote directory.
• NLST - names a list of remote directories.
• PASV - enters passive mode.
• PORT - opens a data port.
• PWD - prints the working directory.
• QUIT - terminates the connection.
• RETR - retrieves a remote file.
• RMD - removes a remote directory.
• RNFR - renames from
• RNTO - renames to
• SITE - site-specific commands
• SIZE - returns the size of a file
• STOR - stores a file on the remote host
• TYPE - sets transfer type

Active Mode (Simplified)

• Client chooses its port number for the data channel.
• The server initiates the data channel connection to the client's port.

Problem with Active Mode

• Firewalls block incoming connections to the client's port.
• The incoming port can be in range 1024 - 65,536.
• Active mode requires firewall setup to allow connections from the server to the client for data transfer.

Passive Mode

• Server chooses a port for the data channel and notifies the client.
• Client initiates the data channel connection to the server's port.

Trivial File Transfer Protocol (TFTP)

• RFC 1350.
• Simple protocol for file transfers within a Local Area Network (LAN).
• Used for transferring configuration and firmware images to networking devices.
• Only allows reading or writing a file for a client, without authentication.
• Uses UDP at the transport layer.
• Only 5 commands: RRQ (Read Request), WRQ (Write Request), DATA (Data Block), ACK (Acknowledgement), and ERROR.
• Error control with block numbers and acknowledged data transfer.

TFTP commands (RFC defines as packets)

• Read Request (OP Code 1) includes filename and mode (ASCII or binary)
• Write Request (OP Code 2) includes filename and mode (ASCII or binary)
• Data packets are numbered consecutively starting at 1, contain up to 512 bytes of data.
• Each data packet must be acknowledged by the receiver.
• Error messages (OP Code 5) can be sent.

Trivial File Transfer Protocol (TFTP) Overview

• Transfer starts with a request to read or write a file.
• The server opens a logical connection.
• Files sent in 512-byte data blocks.
• Each block acknowledged by receiver before next sent.
• Transfers terminate with data less than 512 bytes.
• Receiver may resend if data block lost, due to Time Out.
• Stop-and-wait protocol used.

TFTP Commands (Simplified)

• Requests (RRQ, WRQ)
• Data Blocks (DATA)
• Acknowledgements (ACK)
• Errors (ERROR)

Trivial File Transfer Protocol (TFTP) Issues

• Connectionless and unreliable UDP used (need for error control).
• Time outs & retransmission required.
• Packet loss in network may cause time-out & retransmission
• Block numbering (data packet integrity)

FTP Secure (FTPS)

• Secure FTP protocol that encrypts files exchanged using SSL (Secure Sockets Layer).
• Two types:
  • Explicit FTPS (port 21) encryption on data channel after authentication.
  • Implicit FTPS (port 990) encryption on command channels.
• Encrypts file transfer with strong algorithms (AES and triple DES).
• Authentication uses usernames/passwords &/or certificates.

Secure File Transfer Protocol (SFTP)

• Secure FTP protocol using SSH.
• Offers high protection for file transfers using TCP port 22.
• Uses strong encryption algorithms including AES, triple DES and others.
• Authentication methods include user names/passwords, SSH keys, and combinations.

Briefly contrasting SFTP and FTPS

• FTPS can be difficult connecting to secured firewalls since it uses multiple port numbers (control & data channels).
• SFTP is simpler, easier to configure firewalls since it uses a single port (port 22).
• SFTP uses SSH keys allowing shared authentication between trading partners

The choice - SFTP or FTPS

• IT department and/or partners may dictate which protocol is used.
• Authentication with certificates may be required by customers and partners
• Firewall configuration can be a deciding factor.
• Customers may only use one port which makes SFTP preferable.

Description

This quiz covers the essential concepts of File Transfer Protocol (FTP) including its architecture, authentication methods, and the importance of secure file transfer. Understand the significance of TCP connections and how FTP functions within various client setups. Test your knowledge on secure management practices and legacy system compatibility.