FTP protocol overview

The official FTP standard is defined in RFC 959 [Postel and Reynolds 1985].  If you would like complete coverage of the FTP protocol you should refer to this RFC.  This site is in no way complete nor should it be used as an implementation guide alone.

FTP uses two TCP connections to transfer files. 

1. The control connection
   The control connection is made by the server listening to the default port for FTP which is 21.  This port can differ, but the default is 21.   The FTP server waits for a connection from the FTP client.  The client does an active open from any port to port 21.  The control connection once established, remains open for the duration of the communication between client and server.  The control connection is used to specify what to do.
   
2. The data connection
   Once the control connection is used to specify that it would like to transfer a file, a data connection is established to actually transfer the file.  The data connection is used for sending files, receiving files, and getting a list of files in the current directory.

FTP requests

All FTP requests are 3 or 4 digit ASCII commands.  Each command can have 0, 1, or more optional arguments.  The most popular FTP commands are as follows:

USER: Used to specify which username would like to log onto the server
PASS: Used to specify the password to log onto the server
LIST <path>: Used to list files and directories at the specified path
QUIT: Log off the server
RETR <filename>: Used to download a file from the server
STOR <filename>: Used to upload a file to the server
SYST: Server returns the system type
ABORT: Aborts a previous FTP command and any data transfer

For a complete list of FTP commands with descriptions, go [here]

FTP replies

All FTP replies start with 3 digit status code in ASCII. An optional message can follow this 3 digit status code.

The first (left most) digit in the error code has special meaning.
1**: Used for positive preliminary replies.
2**: Used for positive completion replies.
3**: Used for positive intermediate replies.  Which means everything was OK, but another command is expected.
4**: Transient negative completion reply.
5**: Permanent negative completion reply.

The second (middle) digit in the error codes also have special meaning.
*0*: Syntax error
*1*: Information
*2*: Connection related
*3*: Authentication related
*4*: Unspecified
*5*: Filesystem status

The third (right most) digit in the error code, is just used to be more specific.

Most FTP replies are 1 line replies, and can be read up to the first CR LF.  However, some may be multi-line replies and you should therefore check to see if the 4th digit is a hyphen.  If the 4th digit is a hypen, then you should keep reading lines until the 4th digit is not a hypen.  All lines in a multiline reply will start with the same 3 digit status code.  The final line in a multi line reply will not have a hyphen.

For a complete list of error codes click here

Using telnet to communicate with FTP

As with many other ASCII protocols, you can communicate with an FTP server via telnet alone.
To do this in windows, simply go to start menu | Run | command.com
In the prompt type:
> telnet myservername.com 21
* 220 Microsoft FTP service
> USER brian
* 331 Password required for user brian
> PASS mypassword
* 230 User brian logged in.
> SYST
* 215 Windows_NT

You won't be able to easily test your data connection this way, but you can test out many of the FTP commands and see the replies that they give.


Debugging FTP

As with every other protocol, when implementing or learning FTP, it is a good idea to use ethereal.  You can download ethereal at http://www.ethereal.com. If you are using ethereal 0.10.9 or above, you will not need to download winPCAP.

Next page