From: Juan Alcaide (jalcaide@xxxxxxxxx)
Date: Mon May 14 2001 - 15:45:20 GMT-3
   
On Thu, 10 May 2001, lingwei cao wrote:
> Active FTP Operation
> The active mode of operation is less secure than the passive mode. This mode
> of operation complicates the construction of firewalls, because the firewall
> must anticipate the connection from the FTP server back to the client
> program. The steps of this mode of operation are discussed below and are
> shown in Figure 1.
> - The client opens a control channel (port 21) to the server and tells the
> server the port number to respond on. This port number is a randomly
> determined port greater than 1023.
> - The server receives this information and sends the client an
> acknowledgement "OK" (ack). The client and server exchange commands on this
> control connection.
> - When the user requests a directory listing or initiates the sending or
> receiving of a file, the client software sends a "PORT" command that
> includes a port number > 1023 that the client wishes the server to use for
> the data connection.
> - The server then opens a data connection from port 20 to the client's port
> number, as provided to it in the "PORT" command.
usually port 20 (port -1 command) but it doesn't need to be 20.
>
> Passive FTP Operation
> This mode of operation is assumed to be more secure because all the
> connections are being initiated from the client, so there is less chance
> that the connection will be compromised. The reason it is called passive is
> that the server performs a "passive open." The steps of this mode of
> operation are discussed below and are shown in Figure 2.
> - In passive FTP, the client opens a control connection on port 21 to the
> server, and then requests passive mode through the use of the "PASV"
> command.
> - The server agrees to this mode, and then selects a random port number
> (>1023). It supplies this port number to the client for data transfer.
> - The client receives this information and opens a data channel to the
> server assigned port.
> The server receives the data and sends an "OK" (ack).
>
> Is this helpful?
> ----- Original Message -----
> From: "Zeng Puyang" <zbridge98@yahoo.com>
> To: "ccielab" <ccielab@groupstudy.com>
> Sent: Wednesday, May 02, 2001 11:53 AM
> Subject: Ftp port question
>
>
> > hi, group:
> >
> > I am a little confused by the ftp ports, and hope you can help me to make
> > this clear:
> >
> > A: ftp client            B: ftp server
> >
> >   Standard mode:
> >    A tcp >1023  ----->     B tcp 21
> >    A tcp 20     <-----     B tcp X (X>1023, chosen by B)
> >
> >   Passive mode:
> >    A tcp >1023  ----->     B tcp 21
> >      PASV       ----->
> >                 <-----       portY (Y>1023)
> >    A tcp 20     ----->     B tcp Y
> >
> > Is this correct?
> >
> > Thanks for your help
> >
> > Zeng
> > **Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:41 GMT-3
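
Added example, not part of the original thread: a sketch of what a firewall's FTP inspection has to do with the control channel described above, reading the port out of a "PORT" command or a PASV "227" reply (six comma-separated numbers per RFC 959, port = p1*256 + p2) and deciding which data connection to expect. The function names, the sample addresses, and the policy of rejecting addresses that differ from the control-connection peer are assumptions of this example.

```python
import re

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2 (RFC 959).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(text):
    """Return (ip, port) from a PORT argument or 227 reply text, or None."""
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def expected_data_flow(line, client_ip, server_ip):
    """Map one control-channel line to the data connection to allow.

    Returns None when the line opens no data channel or fails the checks:
    the advertised address must be the control-connection peer and the
    port must be > 1023 (assumed policy, matching the description above).
    The source port is not constrained, since the server's data port is
    usually 20 but does not have to be.
    """
    line = line.strip()
    if line.upper().startswith("PORT "):   # active: server connects to client
        mode, owner, initiator = "active", client_ip, server_ip
    elif line.startswith("227 "):          # passive: client connects to server
        mode, owner, initiator = "passive", server_ip, client_ip
    else:
        return None
    parsed = parse_hostport(line[4:])
    if parsed is None:
        return None
    ip, port = parsed
    if ip != owner or port <= 1023:
        return None                        # third-party address or low port
    return {"mode": mode, "src": initiator, "dst": ip, "dst_port": port}


if __name__ == "__main__":
    # Constructed control-channel lines; addresses are made up for the example.
    for sample in ("PORT 192,168,1,10,195,80",
                   "227 Entering Passive Mode (10,0,0,5,78,52).",
                   "PORT 172,16,0,9,0,25"):
        print(sample, "->", expected_data_flow(sample, "192.168.1.10", "10.0.0.5"))
```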