Table of contents
1. Experimental purpose and requirements
2. Experimental content and methods
3. Experimental steps and process
1. Experimental purpose and requirements
Learn to install and use FTP server software and FTP client software, master the basic control methods of FTP transmission data, and be able to capture and analyze FTP protocol data packets.
lab environment:
- Windows operating system; Internet connection
- FTP server software Xlight
- FTP client software FlashFXP
- Packet capture software Wireshark.
2. Experimental content and methods
Install and use FTP server software and client software, master FTP transmission control methods, capture FTP protocol data packets and analyze the data packets
3. Experimental steps and process
1. Understand the FTP protocol
FTP (File Transfer Protocol, File Transfer Protocol) is one of the protocols in the TCP/IP protocol suite. The FTP protocol consists of two components, one is the FTP server and the other is the FTP client.
(1) The FTP server is used to store files, and users can use the FTP client to access resources located on the FTP server through the FTP protocol. When developing a website, the FTP protocol is usually used to transfer the web page or program to the web server. In addition, because the FTP transfer efficiency is very high, it is generally used when transferring large files on the network.
(2) It belongs to the application layer of the network transmission protocol. FTP is an 8-bit client-server protocol capable of manipulating any type of file without further processing, just like MIME or Unicode. However, FTP has extremely high latency, the time between the start of the request and the first receipt of the required data can be very long; and from time to time some lengthy login processes must be performed. In the TCP/IP protocol, the FTP standard command TCP port number is 21, and the Port mode data port is 20. The task of FTP is to transfer files from one computer to another, regardless of the operating system.
Figure 1 Schematic diagram of FTP
(3) Working principle of FTP:
Like many Internet applications, FTP service is also a client server system (C/S). The user connects to the FTP server program on the remote host through a client program that supports the FTP protocol. The user issues commands to the server program through the client program, and the server program executes the commands issued by the user and returns the execution results to the client.
Take file download as an example, when the FTP client program is started to download files from a remote computer, two programs are actually started: an FTP client program on the local machine, which requests the FTP server to copy and download files;
The other is to start the FTP server program on the remote computer, which responds to your request and transfers the specified file to your computer. At present, there are many FTP application software, such as Server-U, FileZilla, etc. on the server side, and CuteFtp, FlashFTP, etc. on the client side, which greatly facilitates the use of users.
2. Configure FTP on the server side
( 1 ) Installation of FTP server software Xlight
In this experiment, I chose Xlight as the FTP server software. Download the installation package from the official website and follow the instructions to install it.
Figure 2 FTP server software Xlight download
( 2 ) FTP server software Xlight running
Start and run Xlight as an administrator, and you can see the following interface:
Figure 3 Xlight server interface
( 3 ) FTP server software Xlight configuration
First of all, in order to configure the FTP server, you need to obtain the server’s LAN ip, and query it through the ipconfig command in the previous two experiments, the result is shown in Figure 4
Figure 4 LAN ip address
After obtaining the LAN ip of the server, a virtual FTP server can be established. Set the IP address to the local area network address of the machine, namely 172.31.225.33, and the port is 21 by default. Specifically as shown in Figure 5
Figure 5 Configure FTP server
After completing the server configuration, click "OK". As shown in Figure 6, you can see that the FTP server has been successfully added to the list.
Figure 6 FTP server list
At this point, we only need to click the "Enable" button to enable the server.
Figure 7 Enable FTP server
At this point, all the settings of the FTP server have been completed, and the next step is to complete the settings of the client.
3. Configure FTP on the client
( 1 ) Installation of FTP client software FlashFXP
In this experiment, I chose FlashFXP as the FTP client software. Download the installation package from the official website and follow the instructions to install it.
Figure 8 FlashFXP download
(2) Open the FTP client software FlashFXP
After the installation is complete, open FlashFXP, you can see the following interface:
Figure 9 FlashFXP interface
So far, our FTP client has been successfully configured, and then we will upload and download files.
4. Use FTP to upload and download files
Through the server side, we can set the accessible file path and permissions. We define the D drive of the remote server as the public path, and create the corresponding virtual path as Computer_Network. The permissions are set to readable and writable, and the permissions are applied recursively.
Figure 10 Create a virtual path
After completing the settings, save the result as shown in Figure 11
Figure 11 List of public paths
Then continue to create users on the server side, here we created a user named "szudyh", as shown in Figure 12
Figure 12 Create user
Next, a connection will be established on the client side, first select to establish a quick connection, and enter the corresponding address, port, user name and password:
Figure 13 Connect to FTP server
After completing the settings, click Connect, and the remote FTP server will be contacted. You can see that as shown in Figure 14, you have tried to log in, and finally logged in successfully.
Figure 14 Login process
After logging in, you can see the public path we set on the server side from the right. This will display the contents of all public paths.
Figure 15 The result displayed after successful login
Next, the upload and download test will be carried out. We will download first, select "Office.mp4" and drag it to the left and release the mouse. You can see the downloading, downloading time, and transmission from the red box in Figure 16. information such as speed.
Figure 16 Client download status
Similarly, we can also view the transfer records from the server side, as shown in Figure 17, which shows the transfer speed and the transferred size.
Figure 17 Server-side download status
After the download is complete, you can see a prompt as shown in Figure 18, showing the transmission time, size and average speed.
Figure 18 Server-side information after the download is complete
Next, the upload will be tested, select the file to be uploaded, drag it to the right and release the mouse, you can see some uploaded information in Figure 19.
Figure 19 Upload client status
So far, we have all completed the experiment of downloading and uploading.
5. Change user permissions and directory access control
( 1 ) Modify user permissions
From the FTP server, we set the user lifetime to 1:18 in Figure 20.
Figure 20 Modify user permissions
After this time, use the FlashFXP software to initiate a connection to the server again, as shown in Figure 21, it can be found that the connection is rejected by the server, and the connection fails.
Figure 21 Login denied after modifying user permissions
In this experiment, I chose FlashFXP as the FTP client software. Download the installation package from the official website and follow the instructions to install it.
( 2 ) Modify the user access directory
Modify the user access directory to the directory named "DongYunhao" under the D disk, and change the read and write permissions to readable but not writable, as shown in Figure 22.
Figure 22 Modify user access directory
After logging in again, you can see that the directory has been updated as shown in Figure 23
Figure 23 The updated directory
We uploaded a file to the server and found that it was rejected by the server, which means that the permissions we set have taken effect.
Figure 24 Deny writing
6. Analyze the FTP protocol
( 1 ) TCP three-way handshake to establish a connection request
Use Wireshark to trace the TCP flow. The data packet in Figure 25 below is a TCP three-way handshake to establish a connection request. It can be seen that FTP is based on TCP. The last data packet represents the information sent by the server to the client, where the status code 220 indicates that the service is ready.
Figure 25 TCP three-way handshake
( 2 ) Perform user authentication
Since FTP transmits data packets in plain text, you can see that the data packets shown in Figure 26 show that the user name of the login FTP server is szudyh, the password is *************, and the status code 230 indicates that the login is successful .
Figure 26 Login via tcp
It can be seen that the user name szudyh is first requested by the client to log in to the server, and then the server responds that a password is required. Next, the local client sends the user's password to the server, and the server returns a 230 status code after verification, which proves that the login is successful.
( 3 ) Obtain server information
After completing the login user verification, you need to obtain a series of information about the server, and capture the data packets through Wireshark as shown in Figure 27:
Figure 27 Get server information
In the figure above, the SYST command gets the operating system of the server, and the FEAT command gets the system status or help support. The server system is UNIX Type: L8.
Figure 28 Create a file path
Next, the file path will be established, as shown in Figure 28, the data packet PWD requests to print the working directory, and the server responds by returning the current working directory, and the path name has been established as "/". Next, the data packet CWD changes the working directory, and the response is that the file action has been completed.
( 4 ) Upload files
The data packets uploaded through FTP can be captured by Wireshark as shown in Figure 29
Figure 29 Upload file data package
First, the client sends the MLST command, and the parameter is 1.png file. Since it is an upload operation, the server returns that the file cannot be found. Then the server requests the file in the passive connection mode, and then the server responds and enters the passive mode. The IP address of the server transferring the file is 172.31.225.27, and the ID port is 63734 for data transmission. After the transmission is completed, the server responds with a transmission completion packet to the local client.
( 4 ) Download file
The data packets downloaded via FTP can be captured via Wireshark as shown in Figure 30
Figure 30 Download file data package
Figure 31 File information
First, the client sends the MLST command, the parameter is 1.png file, and the server collects and returns the file information as shown in Figure 31, such as size, creation time, format, etc. Next, the client requests the file in the passive connection mode, and the server responds and enters the passive mode. The IP address of the server transferring the file is 172.31.225.27, and the port is 63734. After the server opens the port and is ready, it notifies the client to download the data. After the data transfer is completed, the server returns information indicating that the file transfer is complete and closes the data connection.
( 5 ) Disconnect
After the transfer is complete, the connection to the server is released. The packets that can be captured by Wireshark are shown in Figure 32:
Figure 32 Disconnected packets
First, the client sends a "Request: QUIT" request to disconnect; the server returns 221 to complete the release of the connection. Then there is a four-way handshake, and the FTP connection is completely disconnected.