Re: Ftp port question

From: lingwei cao (caolw@xxxxxxxxxxxx)
Date: Thu May 10 2001 - 04:07:28 GMT-3


   
Active FTP Operation
The active mode of operation is less secure than the passive mode. This mode
of operation complicates the construction of firewalls, because the firewall
must anticipate the connection from the FTP server back to the client
program. The steps of this mode of operation are discussed below and are
shown in Figure 1.
* The client opens a control channel (port 21) to the server and tells the
  server the port number to respond on. This port number is a randomly
  determined port greater than 1023.
* The server receives this information and sends the client an
  acknowledgement "OK" (ack). The client and server exchange commands on this
  control connection.
* When the user requests a directory listing or initiates the sending or
  receiving of a file, the client software sends a "PORT" command that
  includes a port number > 1023 that the client wishes the server to use for
  the data connection.
* The server then opens a data connection from port 20 to the client's port
  number, as provided to it in the "PORT" command.

Passive FTP Operation
This mode of operation is assumed to be more secure because all the
connections are being initiated from the client, so there is less chance
that the connection will be compromised. The reason it is called passive is
that the server performs a "passive open." The steps of this mode of
operation are discussed below and are shown in Figure 2.
* In passive FTP, the client opens a control connection on port 21 to the
  server, and then requests passive mode through the use of the "PASV"
  command.
* The server agrees to this mode, and then selects a random port number
  (>1023). It supplies this port number to the client for data transfer.
* The client receives this information and opens a data channel to the
  server assigned port.
The server receives the data and sends an "OK" (ack).

Is this helpful?
----- Original Message -----
From: "Zeng Puyang" <zbridge98@yahoo.com>
To: "ccielab" <ccielab@groupstudy.com>
Sent: Wednesday, May 02, 2001 11:53 AM
Subject: Ftp port question

> hi, group:
>
> I am a little confused by the ftp ports, and hope you can help me to make this clear:
>
> A: ftp client B: ftp server
>
> Standard mode:
> A tcp >1023 -----> B tcp 21
> A tcp 20 <----- B tcp X (X>1023, chosen by B)
>
> Passive mode:
> A tcp >1023 -----> B tcp 21
> PASV ----->
> <----- portY (Y>1023)
> A tcp 20 -----> B tcp Y
>
> Is this correct?
>
> Thanks for your help
>
> Zeng
> **Please read:http://www.groupstudy.com/list/posting.html
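
As an added example (not part of the original messages), the Python below derives the data connection a firewall has to anticipate from the "PORT" command and from the server's reply to "PASV", as described in the reply above. It assumes the RFC 959 encoding h1,h2,h3,h4,p1,p2 with port = p1*256 + p2, which the thread does not spell out; the function names and sample addresses are constructed for illustration.

```python
import re

# RFC 959 host-port: h1,h2,h3,h4,p1,p2 as decimal bytes; port = p1*256 + p2.
HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_hostport(text):
    """Return (ip, port) from a PORT argument or a 227 reply, else None."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def expected_data_flow(line, client_ip, server_ip):
    """Map one control-channel line to the data connection a firewall
    should anticipate; None if it opens none or fails validation."""
    line = line.strip()
    if line.upper().startswith("PORT "):   # active mode, sent by the client
        mode, sender = "active", client_ip
    elif line.startswith("227"):           # passive mode, server's reply to PASV
        mode, sender = "passive", server_ip
    else:
        return None
    parsed = parse_hostport(line[4:])
    if parsed is None:
        return None
    ip, port = parsed
    # Accept only a port > 1023 on the host that sent the line.
    if ip != sender or port <= 1023:
        return None
    if mode == "active":
        # Server opens the data connection from port 20 to the client's port.
        return {"mode": mode, "src": server_ip, "sport": 20, "dst": ip, "dport": port}
    # Client opens the data connection from an ephemeral port to the server's port.
    return {"mode": mode, "src": client_ip, "sport": None, "dst": ip, "dport": port}

# Constructed sample lines; addresses are from documentation ranges.
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    "PORT 192,0,2,10,4,1",
    "227 Entering Passive Mode (198,51,100,5,195,80)",
    "PORT 192,0,2,10,0,21",
]

if __name__ == "__main__":
    for s in SAMPLE:
        print(s, "->", expected_data_flow(s, CLIENT, SERVER))
```
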



This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:38 GMT-3