What Does FTP Stand For?
The FTP, or file transfer protocol, is a type of common network protocol. Protocol is a set of rules that computers use when they communicate with each other, specifically when computers communicate with each other using a network. The protocol controls and facilitates the connection between computers. Thus, the FTP is a type of protocol that helps to control and facilitate connections between computers.
Specifically, FTP is an acronym for File Transfer Protocol. It is a type of Internet protocol that is built on a client server system. A client server system is a structure that separates computer tasks and workload between different service providers, also known as servers, and different service requesters, known as clients.
These clients and servers then often use a computer network using different computers to communicate with each other. Although a client and a server may share the same system, they usually do not share the same computer. The host that runs the majority of the server systems that the client uses is called a server machine.
The server shares its resources with the client, the client does not share any resources with the server. Rather, the client requests certain resources from the server, and the server approves these requests. Thus, the File Transfer Protocol is a type of protocol for this system.
The History behind the FTP
The specifics for the File Transfer Protocol were published back in the early 1970s. On April 16, 1971 the original design for the File Transfer Protocol was published under a different name, the RFC 114. This was later replaced in June of 1980 by the RFC 765.
This new model was also replaced in October of 1985, by the RFC 959. This RFC 959 is the current specification for the File Transfer Protocol. Although the RFC 959 is the current specifications, there have been slight changes that were proposed throughout the years.
In 1997, the RFC 2228 attempted to improve the security of the RFC 959 by using security extensions. In 1998, the RFC 2428 attempted to improve the support system of the RFC 959 by adding support for the IPv6. The RFC 2428 also defined a new type of passive mode that the RFC 959 did not.
FTP Security
One of the major criticisms of the initial FTP was that its security was substandard. There were several flaws in the system including:
- Bounce attacks - An attacker uses the PORT command on the FTP protocol, and requests access to ports using a client’s machine. This allows the attacker to access machines that he or she would not be able to access directly.
- Spoof attacks - An attacker pretends to be another individual using false data. For example, if two individuals named Lisa and Joe were having a conversation, the attacker tricks Lisa into thinking that the attacker is Joe, and does the same trick for Joe. The attacker then gains access to the messages in both directions, and can inject his or her own packets of information into the protocol.
- Brute force attacks - The attacker uses the search space of possible keys to break through encrypted data.
- Port stealing
- Poor protection of the username
Encryption and FTP
Unfortunately, the File Transfer Protocol does not have any encryption tools. However, certain solutions for this problem have been proposed. For example, clients and servers can use the SSH File Transfer Protocol, or the FTP over SSL protocol which adds encryption to FTP protocol. Several proposed standards have improved the security of the File Transfer Protocol.