FTP protocol. Sample Network File Services: FTP and NFS FTP serves

FTP (File Transfer Protocol) is a standard protocol for transferring files over TCP networks (for example, the Internet). FTP is often used to upload web pages and other documents from a private development machine to public hosting servers.

The protocol is built on a client-server architecture and uses separate network connections for commands and for data between the client and the server. FTP users can authenticate by sending a login and password in cleartext or, if the server permits it, connect anonymously. The SSH protocol can be used for secure transfer that hides (encrypts) the login and password and also encrypts the content.

A distinctive feature of FTP is that it uses multiple (at least two) connections. One channel is the control channel, over which commands are sent to the server and its replies are returned (usually TCP port 21); the others carry data, one channel per transfer. Within one FTP session, therefore, several files can be transferred at the same time, in both directions. For each data channel a TCP port is opened, whose number is chosen by either the server or the client, depending on the transfer mode.

FTP has a binary transfer mode, which reduces traffic overhead and shortens the exchange time when large files are transferred. The HTTP protocol, by contrast, necessarily requires binary information to be encoded into text form, for example with the Base64 algorithm.

When it starts working over FTP, the client enters a session, and all operations are carried out within that session (in other words, the server remembers the current state). HTTP does not "remember" anything: its task is to hand over the data and forget, so when HTTP is used, state is kept by methods external to the protocol.

FTP operates at the application layer of the OSI model and is used to transfer files over TCP/IP. For this, an FTP server must be running and waiting for incoming requests. The client computer contacts the server on port 21. This connection (the control stream) stays open for the duration of the session. The second connection (the data stream), which is needed to transfer file data, can be opened either by the server from port 20 to a port on the client (active mode) or by the client from any port to a port on the server (passive mode). The control stream is used to manage the session, for example to exchange commands and passwords between the client and the server using a Telnet-like protocol. For example, "RETR filename" transfers the specified file from the server to the client. Because of this two-port structure, FTP is considered an out-of-band protocol, unlike in-band HTTP.

Data connection and transmission

The protocol is defined in RFC 959. The server replies over the control stream with three-digit ASCII status codes and an optional text message. For example, "200" (or "200 OK") means that the last command completed successfully. The digits are the reply code, and the text is an explanation or a request. A data transfer in progress can be aborted with an interrupt message sent over the control stream.

FTP can operate in active or passive mode; the choice determines how the data connection is established. In active mode, the client creates the control TCP connection to the server and sends the server its IP address and an arbitrary client port number, then waits for the server to open a TCP connection to that address and port. If the client is behind a firewall and cannot accept an incoming TCP connection, passive mode can be used. In this mode, the client uses the control stream to send the PASV command to the server and receives from the server an IP address and port number, which the client then uses to open the data stream from an arbitrary client port to that address and port. Both modes were updated in September 1998 to support IPv6. At that time further changes were made to passive mode, turning it into extended passive mode.

When transferring data over the network, four data representations can be used:

    ASCII - used for text. Where necessary, the data is converted before transmission from the sending host's character representation to "8-bit ASCII", and (again, where necessary) to the receiving host's character representation. As a result, this mode is not suitable for files that contain anything other than plain text.

    Image mode (usually called binary) - the sending device sends the file byte by byte, and the recipient stores the byte stream as it is received. Support for this mode has been recommended for all FTP implementations.

    EBCDIC - used to transfer plain text between hosts that use the EBCDIC encoding. Otherwise this mode is similar to ASCII mode.

    Local mode - allows two computers with identical setups to send data in their own format without conversion to ASCII.

For text files, various format-control and record-structure settings are provided. These features were designed for files containing Telnet or ASA formatting.

Data transfer can be carried out in any of the three modes:

    Stream mode - data is sent as a continuous stream, relieving FTP of any processing; all processing is done by TCP instead. No end-of-file indicator is needed, except when the data is divided into records.

    Block mode - FTP breaks the data into several blocks (header block, byte count, data field) and then passes them to TCP.

    Compressed mode - data is compressed with a single algorithm (usually run-length encoding).

Authentication

FTP authentication uses an ordinary username/password scheme to grant access. The username is sent to the server with the USER command and the password with the PASS command. If the server accepts the information provided by the client, it sends the client a greeting and the session begins. If the server supports the feature, users can log in without providing credentials, but the server may grant only limited access to such sessions.

Anonymous FTP

A host that provides an FTP service can offer anonymous FTP access. Users usually log in with "anonymous" as the username. Although users are usually asked to send their email address in place of a password, no verification is actually performed. Many FTP hosts that distribute software updates support anonymous access.

NAT-PT

Specifically to let FTP work through firewalls, a NAT extension called NAT-PT (RFC 2766) was created, which allows incoming connections from the server to the client to be translated through NAT. During such a connection, NAT rewrites the data sent by the client, telling the server the address and port that the server will be able to connect to, and then relays the connection from the server at that address to the client at its own address. Despite all the measures and innovations adopted to support FTP, in practice the NAT-PT function is usually disabled in all routers in order to provide additional protection against virus threats.

NAT and firewall traversal

FTP normally transfers data by having the server connect to the client after the client has sent the PORT command. This creates a problem for both NAT and firewalls, which do not allow connections from the Internet to internal hosts. For NAT there is the additional problem that the IP address and port number in the PORT command refer to the internal host's IP address and port rather than to the public IP address and port of the NAT. There are two approaches to this problem. The first is for the FTP client and FTP server to use the PASV command, which causes the data connection to be established from the client to the server. The second is for the NAT to rewrite the values of the PORT command, using an application-level gateway.

Web browsers support

Most common web browsers can retrieve files located on FTP servers, although they may not support protocol extensions such as FTPS. When an FTP address is given instead of an HTTP address, the content available on the remote server is presented much like other web content. A fully functional FTP client can be run in Firefox as the FireFTP extension.

Security

FTP was not designed as a secure protocol (especially by today's standards) and has numerous security weaknesses. In May 1999, the authors of RFC 2577 summarized the vulnerabilities in the following list of problems:

    Bounce attacks

    Spoof attacks

    Brute-force attacks

    Packet capture (sniffing)

    Username protection

    Port stealing

FTP cannot encrypt its traffic; all transmissions are cleartext, so usernames, passwords, commands and data can be read by anyone able to capture packets on the network. This problem is typical of many Internet protocol specifications (including SMTP, Telnet, POP and IMAP) that were developed before encryption mechanisms such as TLS and SSL were created. The usual solution is to use "secure", TLS-protected versions of the vulnerable protocols (FTPS for FTP, TelnetS for Telnet, and so on) or another, more secure protocol such as SFTP/SCP, which is provided with most implementations of the Secure Shell protocol.

Secure FTP

There are several methods of secure file transfer that have at one time or another been called "secure FTP": FTPS, SFTP, and FTP over SSH.

Explicit FTPS is an extension of the FTP standard that allows clients to request that the FTP session be encrypted. This is done by sending the "AUTH TLS" command. The server can allow or reject connections that do not request TLS. This protocol extension is defined in RFC 4217. Implicit FTPS is an obsolete standard for FTP that requires the use of an SSL or TLS connection. It was meant to use ports different from those of ordinary FTP.
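
An added example (not from the original page): a Python audit of a logged control-channel session that flags credentials sent before AUTH TLS was accepted and transfers started while the data channel was still unprotected. The "C: "/"S: " log format, the function name and the sample sessions are constructed for illustration; the PROT P command comes from RFC 4217 and is not mentioned on this page.

```python
import re

CREDENTIAL_COMMANDS = {"USER", "PASS", "ACCT"}
DATA_COMMANDS = {"RETR", "STOR", "APPE", "LIST", "NLST"}


def audit_session(lines):
    """Return [(line_no, command, problem)] for one logged FTP control session.

    Each line is 'C: <command>' or 'S: <reply>' (constructed log format).
    Command arguments are never copied into the findings, so passwords in
    the log do not leak into the report.
    """
    tls_active = False   # control channel encrypted: AUTH answered with 234
    prot_level = "C"     # data channel level; Clear until PROT P is accepted
    pending = None       # (verb, argument) still waiting for its final reply
    findings = []
    for line_no, raw in enumerate(lines, 1):
        side, _, text = raw.partition(": ")
        text = text.strip()
        if side == "C":
            verb, _, arg = text.partition(" ")
            verb = verb.upper()
            pending = (verb, arg.strip().upper())
            if verb in CREDENTIAL_COMMANDS and not tls_active:
                findings.append((line_no, verb, "credentials sent in cleartext"))
            elif verb in DATA_COMMANDS and prot_level != "P":
                findings.append((line_no, verb, "data channel not encrypted"))
        elif side == "S" and pending:
            # 'ddd-' opens a multi-line reply and 1xx replies are preliminary;
            # only a final 'ddd ' line settles the pending command.
            m = re.match(r"(\d{3})(?: |$)", text)
            if not m or m.group(1).startswith("1"):
                continue
            (verb, arg), pending = pending, None
            if verb == "AUTH" and m.group(1) == "234":
                tls_active, prot_level = True, "C"
            elif verb == "PROT" and m.group(1) == "200":
                prot_level = arg
    return findings


# Constructed sample session: explicit FTPS with a protected data channel.
PROTECTED_SESSION = [
    "S: 220 ftp.example.test ready",
    "C: AUTH TLS",
    "S: 234 Proceed with negotiation",
    "C: USER alice",
    "S: 331 Password required",
    "C: PASS not-a-real-password",
    "S: 230 Logged in",
    "C: PBSZ 0",
    "S: 200 PBSZ=0",
    "C: PROT P",
    "S: 200 Protection level set to Private",
    "C: PASV",
    "S: 227 Entering Passive Mode (192,0,2,10,195,80)",
    "C: RETR report.txt",
    "S: 150 Opening data connection",
    "S: 226 Transfer complete",
]
# Same session without PBSZ/PROT: credentials protected, file data is not.
AUTH_ONLY_SESSION = PROTECTED_SESSION[:7] + PROTECTED_SESSION[11:]
# Same session without AUTH TLS either: classic cleartext FTP.
PLAIN_SESSION = PROTECTED_SESSION[:1] + PROTECTED_SESSION[3:7] + PROTECTED_SESSION[11:]

if __name__ == "__main__":
    for name in ("PLAIN_SESSION", "AUTH_ONLY_SESSION", "PROTECTED_SESSION"):
        print(name, audit_session(globals()[name]))
```

Once AUTH TLS succeeds the control channel is encrypted on the wire, so a log like this has to come from the client or the server rather than from a network capture.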

SFTP, the "SSH File Transfer Protocol", is unrelated to FTP except that it also transfers files and offers users a similar set of commands. SFTP, or secure FTP, is a program that uses SSH (Secure Shell) to transfer files. Unlike standard FTP, it encrypts both commands and data, keeping passwords and confidential information from being sent over the network in the clear. In functionality SFTP resembles FTP, but because it uses a different protocol, standard FTP clients cannot talk to an SFTP server and vice versa.

FTP over SSH (not SFTP)

FTP over SSH (not SFTP) refers to the practice of tunneling an ordinary FTP session through an SSH connection. Because FTP uses several TCP connections, tunneling it through SSH is particularly difficult. When many SSH clients attempt to set up a tunnel for the control channel (the initial client-to-server connection on port 21), only that channel is protected; for data transfer, the FTP software at either end sets up new TCP connections (data channels), which bypass the SSH connection and so lose its integrity protection.

Otherwise, the SSH client software needs specific knowledge of FTP in order to monitor and rewrite FTP control-stream messages and autonomously open new forwardings for the FTP data streams.

FTP over SSH is sometimes called secure FTP, but it should not be confused with other methods, such as SSL/TLS (FTPS). Other methods of file transfer that use SSH and are not related to FTP are SFTP and SCP; in each of them both the credentials and the file data are always protected by the SSH protocol.

FXP (File Exchange Protocol) is a way to transfer files between two FTP servers directly, without downloading them to your own computer. In an FXP session, the client opens two FTP connections to two different servers and requests a file on the first server, giving the IP address and port of the second server in the PORT command.

The undoubted advantage of FXP support is that end users who want to copy files from one FTP server to another are no longer limited by the bandwidth of their own Internet connection. There is no need to download a file only to upload it to another FTP server. The transfer time therefore depends only on the speed of the connection between the two remote FTP servers, which in most cases is obviously faster than the user's.

Attackers began to use FXP for attacks on other servers: the PORT command specifies the IP address and port of the targeted service on the victim's computer, and the RETR/STOR commands then make a connection to that port on behalf of the FTP server rather than the attacking machine. This made it possible to mount large-scale DDoS attacks using many FTP servers at once, or to bypass the victim computer's security system if it relies only on checking the client IP address and the FTP server used for the attack is in a trusted network or on the gateway. As a result, almost all servers now check that the IP address given in the PORT command matches the IP address of the FTP client, and by default forbid the use of third-party IP addresses there. Thus FXP cannot be used with public FTP servers.
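
The PORT check described above, as an added example in Python (not code from the original page or from any FTP server project): it parses the h1,h2,h3,h4,p1,p2 field and applies the address-match rule. The function names, the sample addresses, the refusal of ports below 1024 (a recommendation from RFC 2577, not stated on this page) and the client-side handling of the 227 reply are assumptions of the example.

```python
import ipaddress
import re

# "h1,h2,h3,h4,p1,p2": four address bytes and two port bytes, as carried by
# the PORT argument and by the 227 reply to PASV (RFC 959).
_HOSTPORT = r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"


def _endpoint(groups):
    """Turn six decimal fields into (IPv4Address, port)."""
    nums = [int(g) for g in groups]
    if any(n > 255 for n in nums):
        raise ValueError("field outside 0-255")
    addr = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return addr, nums[4] * 256 + nums[5]


def parse_port_argument(arg):
    """Parse the argument of a PORT command into (IPv4Address, port)."""
    m = re.fullmatch(_HOSTPORT, arg.strip())
    if not m:
        raise ValueError("expected h1,h2,h3,h4,p1,p2")
    return _endpoint(m.groups())


def parse_pasv_reply(line):
    """Parse a '227 ... (h1,h2,h3,h4,p1,p2)' reply into (IPv4Address, port)."""
    if not line.startswith("227"):
        raise ValueError("not a 227 reply")
    m = re.search(r"(?<!\d)" + _HOSTPORT + r"(?!\d)", line[3:])
    if not m:
        raise ValueError("no address field in 227 reply")
    return _endpoint(m.groups())


def check_port_command(arg, control_peer_ip, min_port=1024):
    """Server side: should PORT <arg> from control_peer_ip be honoured?

    Returns (allowed, reason). The address must equal the peer address of
    the control connection; min_port is the added RFC 2577 style limit.
    """
    try:
        addr, port = parse_port_argument(arg)
    except ValueError as exc:
        return False, f"malformed argument: {exc}"
    if addr != ipaddress.ip_address(control_peer_ip):
        return False, f"third-party address {addr}"
    if port < min_port:
        return False, f"well-known port {port}"
    return True, f"data connection to {addr}:{port}"


def pasv_data_endpoint(reply_line, control_server_ip):
    """Client side: use only the port from the 227 reply and connect to the
    server the control connection already talks to, not the advertised IP."""
    _advertised, port = parse_pasv_reply(reply_line)
    return ipaddress.ip_address(control_server_ip), port


if __name__ == "__main__":
    client = "203.0.113.7"  # constructed control-connection peer address
    for arg in ("203,0,113,7,195,80",    # client's own address, port 50000
                "198,51,100,20,0,25",    # someone else's host
                "203,0,113,7,0,22",      # own address, privileged port
                "12.34,45,56,78,89"):    # malformed field separator
        print(f"PORT {arg:22} ->", check_port_command(arg, client))
    print(pasv_data_endpoint("227 Entering Passive Mode (10,0,0,5,195,80)",
                             "192.0.2.10"))
```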

Main commands

    ABOR - abort the file transfer.

    CDUP - change to the parent directory.

    CWD - change directory.

    DELE - delete a file (DELE filename).

    EPSV - enter extended passive mode. Used instead of PASV.

    HELP - display the list of commands accepted by the server.

    LIST - return a list of the files in the directory. The list is sent over the data connection.

    MDTM - return the file modification time.

    MKD - create a directory.

    NLST - return a list of the files in the directory in a briefer format than LIST. The list is sent over the data connection.

    NOOP - empty operation.

    PASV - enter passive mode. The server returns the address and port to connect to in order to fetch the data. The transfer begins when one of the following commands is issued: RETR, LIST, etc.

    PORT - enter active mode. For example, PORT 12,34,45,56,78,89. Unlike passive mode, here the server itself connects to the client to transfer the data.

    PWD - return the current directory.

    QUIT - disconnect.

    REIN - reinitialize the connection.

    RETR - download a file. RETR must be preceded by a PASV or PORT command.

    RMD - delete a directory.

    RNFR and RNTO - rename a file. RNFR gives the name to rename, RNTO the new name.

    SIZE - return the file size.

    STOR - upload a file. STOR must be preceded by a PASV or PORT command.

    SYST - return the type of system (UNIX, WIN, ...).

    TYPE - set the file transfer type (binary, text).

    USER - username for logging in to the server.

As we have already learned, the Internet is a global computer network that includes millions of servers and client computers, consists of various communication channels, and works thanks to certain technologies. Thanks to all of this it became possible to transfer information from one computer to another, but what information, or more precisely, of what type and format? How will this information be presented on the user's computer? What rules and scenarios will be used to work with it? These questions are answered by the descriptions of the services that operate on the Internet.

Services are the kinds of service provided by Internet servers.

Over the history of the Internet there have been various kinds of services: some are no longer used, others are gradually losing popularity, and others are flourishing.

We list the services that have not lost their relevance at the moment:

  • World Wide Web - a service for searching and viewing hypertext documents that include graphics, sound and video.
  • E-mail - electronic mail, a service for transmitting electronic messages.
  • Usenet, News - teleconferences (newsgroups), a kind of network newspaper or bulletin board.
  • FTP - a file transfer service.
  • ICQ - a service for real-time communication using the keyboard.
  • Telnet - a service for remote access to computers.
  • Gopher - a service for accessing information through hierarchical directories.

Among these services one can distinguish those intended for communication, that is, for talking and passing on information (E-mail, ICQ), and those whose purpose is to store information and give users access to it.

Among the latter, the WWW service leads in the volume of stored information, since it is the most convenient for users and the most advanced technically. The FTP service is in second place: whatever interfaces and conveniences are developed for the user, information is still stored in files, and this service provides access to them. The Gopher and Telnet services can now be considered "dying", since almost no new information reaches the servers of these services, and the number of such servers and their audience is hardly growing.

World Wide Web

The World Wide Web (WWW) is a hypertext, or more precisely hypermedia, information system for finding Internet resources and accessing them.

Hypertext is an information structure that lets you establish semantic links between text elements on the computer screen so that you can easily move from one element to another.

In practice, some words in hypertext are set apart by emphasis or by a different colour. The highlighting indicates that the word is linked to some document in which the topic associated with the highlighted word is covered in more detail.

Hypermedia is what you get if, in the definition of hypertext, the word "text" is replaced with "any kind of information": sound, graphics, video.

Such hypermedia links are possible because, along with text information, any other binary information can be linked, for example encoded sound or graphics. So if a program displays a map of the world and the user selects a continent on the map with the mouse, the program can immediately present graphic, sound and text information about it.

The WWW system is built on a special data transfer protocol called HTTP (HyperText Transfer Protocol, read as "aitch-tee-tee-pee").

All the content of the WWW system consists of WWW pages.

A WWW page is a hypermedia document of the World Wide Web. It is created using the hypertext markup language HTML (HyperText Markup Language).

A WWW page is typically a set of hypermedia documents located on a single server, interconnected by mutual links and related in meaning (for example, containing information about one educational institution or one museum). Each document of the page can in turn contain several screens of text and illustrations. Each WWW page has its own title page (home page), a hypermedia document containing links to the main parts of the page. The addresses of these title pages are circulated on the Internet as the addresses of the pages.

A set of web pages connected by links and intended to achieve a single goal is called a web site.

Email.

Email appeared about 30 years ago. Today it is the most widely used means of exchanging information on the Internet. The ability to receive and send email is useful not only for communicating with friends in other cities and countries but also in a business career. For example, when looking for a job you can quickly send your résumé by e-mail to various firms. In addition, many sites that require registration (online games, online stores, etc.) often ask for your e-mail address. In short, e-mail is a very useful and convenient thing.

Email (electronic mail, abbreviated e-mail) is used to transmit text messages within the Internet, as well as between other email networks.

With e-mail you can send messages, receive them in your electronic mailbox, reply to correspondents' letters, send copies of a letter to several recipients at once, forward a received letter to another address, use logical names instead of addresses, create several mailbox subsections for different kinds of correspondence, and include various audio and graphic files, as well as binary files (programs), in letters.

To use e-mail, the computer must be connected to the telephone network via a modem.

A computer connected to the network is regarded as a potential sender and recipient of packets. Each Internet node, when sending a message to another node, breaks it into fixed-length packets, usually 1500 bytes in size. Each packet is given the address of the recipient and the address of the sender. Packets prepared in this way are sent over communication channels to other nodes.

On receiving a packet, a node analyzes the recipient's address: if it matches the node's own address the packet is accepted, otherwise it is sent on. Received packets belonging to the same message are accumulated. Once all the packets of a message have been received, they are joined together and delivered to the recipient. Copies of the packets are kept on the sending nodes until the recipient's reply confirms successful delivery of the message. This ensures reliability.

To deliver a letter to the addressee, you need to know only the addressee's address and the location of the nearest mailbox. On the way to the addressee, the letter passes through several post offices (nodes).

The process of determining the letter's path step by step is called routing.

When using email, each subscriber is assigned a unique postal address whose format is:

@ .

For example: [Email Protected], where earth is the username, space.com is the computer name, and @ is the separator character, the "commercial at", which is often called the "dog".

Email does not require both subscribers to be present at the two ends of the line at the same time. Messages arriving by e-mail are stored on a special "mail" computer, in disk storage allocated to the recipient (the recipient's "mailbox"), from where the recipient can download and read them using a special client program. To send a message you need to know the subscriber's email address. With a good connection, an electronic letter reaches any point in the world within a few minutes.

There are many programs for working with e-mail that automate the process of sending letters. Messages are composed in offline mode, without connecting to the mail server, which saves time on the network; sending and receiving take place at the user's request, at the moment the user considers it necessary. The program itself sends and receives the letters.

Mail programs for personal computers use different protocols for receiving and sending mail.

When sending mail, the program communicates with the outgoing mail server, or SMTP server, using the SMTP protocol (Simple Mail Transfer Protocol).

When receiving mail, the program communicates with the incoming mail server, or POP3 server, using the POP3 protocol (Post Office Protocol 3). These may be different computers or the same one. The server names are given to users by the provider.

The more modern IMAP protocol allows, in particular, selective copying of letters that have arrived from the mail server to the computer. To use this protocol, it must be supported by both the provider and the mail program.

Message Delivery Scheme.

Advantages of E-mail in comparison with regular mail:

  • Promptness
  • Reliability
  • Low cost

Disadvantages of e-mail in comparison with ordinary mail:

  • Getting unclaimed email (spam).
  • Danger of infection with a virus.

FTP file transfer service.

As you know, all information is stored in files. A file can be of any size and contain absolutely any information. That is why, over the past 15-20 years, the Internet has accumulated a huge number of varied files, and access to these file archives is provided by the FTP service.

The FTP file transfer service moves copies of files from one Internet node to another in accordance with FTP (File Transfer Protocol).

It does not matter where these nodes are located or how they are interconnected.

Computers that hold files for general use are called FTP servers.

FTP itself and FTP access tools appeared much earlier than web browsers and the HTML language. This is not surprising, since transferring binary data from computer to computer has always been one of the most important tasks of the Internet.

The Internet holds more than 10 terabytes of free files and programs. Any user can use the FTP service and, with anonymous access, copy the files of interest.

Besides programs, FTP archives contain Internet standards, press releases, books on various branches of knowledge (especially on computer topics) and much more.

For working with the FTP service there are many FTP client programs, such as CuteFTP, FAR and Windows Commander. As a rule, these programs are also file managers: they let you view information both on local disks and on remote ones and copy information from a remote disk to a local disk.

Files on file archive servers can be accessed over both the HTTP protocol and the FTP protocol. FTP allows you not only to download files from remote file archives to the local computer but also, conversely, to transfer files from the local computer to a remote web server, for example when publishing a web site.

For example, to download the file cute4232.exe from GlobalScape's file archive server ftp.cuteftp.com, you must specify the URL of this file. In a URL, the FTP protocol is written as ftp://.

As a result, the URL takes the form
ftp://ftp.cuteftp.com/pub/cuteftp/cute4232.exe
and consists of three parts:
ftp:// - the access protocol;
ftp.cuteftp.com - the domain name of the file archive server;
/pub/cuteftp/cute4232.exe - the path to the file and the file name.

Usenet teleconference system.

The Usenet teleconference service is very similar to the email service.

News is one of the oldest means in the history of the Internet for communication among groups of people interested in one particular subject. Usenet news (from User's Network) was invented by three American students in 1979. At the time Usenet served to distribute information and programming news. The data were sorted into fifteen categories, which later came to be called "newsgroups", "conferences" or "teleconferences".

The Usenet teleconference service organizes collective discussions on various topics, called teleconferences. The service works over NNTP (Network News Transfer Protocol).

Teleconferences allow any topic to be discussed, and everyone can freely express an opinion while observing a certain etiquette.

If ordinary email can be compared to private correspondence between two people, news is more like a newspaper publication. News distribution works as follows: a person who wants to publish a message sends a letter in a special format to a news server (a special computer). The message is processed and begins to spread among all the other servers subscribed to that topic (newsgroup), or teleconference, as they are also called. The news server finds its nearest neighbour and passes the accumulated news to it. That server in turn passes it to the next neighbour, and the process continues, so that within a few hours the letter is copied and spread literally throughout the world. As a result, every person subscribed to the particular conference will see your message.

Today Usenet has more than ten thousand discussion groups (newsgroups), or teleconferences, each devoted to a particular topic and serving as a means of exchanging views.

Teleconferences are divided into several groups:

  • news - issues relating to the teleconference system;
  • comp - computers and software;
  • rec - entertainment, hobbies and art;
  • sci - research activities and applications;
  • soc - social issues;
  • talk - debate on various controversial issues;
  • misc - everything else.

There is a large selection of teleconference reader programs that present the discussion material in an ordered form and provide it to correspondents.

ICQ.

One of the most popular Internet services is ICQ (from "I seek you").

ICQ is a way of communicating over the network that lets you talk with anyone registered in the ICQ system and currently connected to the Internet.

More than 150 million users are currently registered in the ICQ system, and each user has a unique identification number. The program reports which subscribers from a previously compiled list are on the Internet at the moment and makes it possible to initiate contact with them.

To become a subscriber of the ICQ system, it is enough to download the ICQ client program from a file server (for example, www.freeware.ru) and register while installing it on the computer.

ICQ capabilities:

  • sending emails and SMS messages;
  • text messaging (Chat);
  • voice communication;
  • search by interests, by number, by e-mail;
  • internet telephony (calls from the computer to the computer, from the computer to the phone, from the phone to the computer)
and much more.

Remote access to computers.

The Telnet remote access service lets you log in to another computing system on the Internet using the Telnet protocol.

This program consists of two components: a client program, which runs on the client computer, and a server program, which runs on the server computer.

Client program functions:

  • establishing a connection to the server;
  • accepting input from the subscriber, converting it to a standard format and sending it to the server;
  • receiving query results from the server in a standard format and reformatting them into a form convenient for the client.

Server functions:

  • waiting for a request in standard form;
  • servicing the request;
  • sending the results to the client program.

Telnet is a simple and therefore universal means of communication.

On the Internet, the same network node can work with several protocols simultaneously. Therefore large network nodes now have a complete set of servers and can be reached using almost any of the existing protocols.

Questions.

  1. What is a service?
  2. List the main services of the Internet.
  3. Which service holds the leading place on the Internet?
  4. What basic services does the WWW service provide to users?
  5. What is a hyperlink?
  6. What is hypertext?
  7. On what protocol is the WWW service built?
  8. Why is email needed?
  9. What is routing?
  10. How is an email address formed?
  11. Where do messages that arrive by mail end up?
  12. What mail protocols are used for receiving and sending letters?
  13. What is the FTP file transfer service?
  14. Which computers are called FTP servers?
  15. By what protocol are files on file archive servers accessed?
  16. What services does the teleconference service provide?
  17. What protocol does Usenet use?
  18. What features does the ICQ service have?
  19. What is the remote access service?


Installing the FTP server.

The FTP server is part of IIS. To install it, open Control Panel -> Programs -> Enable or disable Windows components. Expand the IIS service section and tick the following components: FTP service and IIS Management Console.

Configuring the FTP server.

Open Control Panel -> System and Security -> Administration -> Computer Management (a quicker way: Start menu -> right-click Computer -> select the Management item). In the window that opens, expand the Services and Applications group and open the IIS Services Manager. In the Connection window, select the Site folder, then click the Add FTP site link in the right-hand window.

In the FTP site creation wizard, specify its name and location (default: C:\inetpub\ftproot).

Next, specify the binding and SSL parameters. Leave the Binding section unchanged. Turn off the option "Run FTP Site automatically" (I need FTP only from time to time). In the SSL section, select the option "Without SSL".

In the next window, leave everything unchanged and click Finish.

The site is created. You can now move on to the additional parameters for fine-tuning (for example, limiting the maximum number of simultaneous connections). Select the site you just created and, in the Actions panel on the right, click Additional Parameters.


The next step is to configure Windows Firewall. Open Control Panel -> System and Security -> Windows Firewall -> Advanced Parameters. In the "Rules for Incoming Connections" section, find and activate the rules "FTP server (incoming traffic)" and "FTP Server Passive (FTP Passive Traffic-IN)". The latter rule allows FTP clients to connect in passive mode.

In the "Rules for Outgoing Connections" section, find and activate "FTP Server (FTP Traffic-Out)".

If an additional firewall is installed on the system (Comodo, Outpost, etc.), port 21 (TCP) must also be opened in it for incoming connections and port 20 (TCP) for outgoing ones.

If the Internet connection goes through a router and you want to make your server available to Internet users, you need to configure port forwarding on the router. On my DLink DI-804HV this is done in the Virtual Server section.

192.168.10.4 is the IP address of the FTP server on the local network.

Setting up user rights.

If you leave everything as it is, any user will be able to connect to the FTP server (anonymous access) with read-only rights (files can be downloaded, but not written or changed). Suppose we need to give access to trusted users who have the right to write and change files.

Open Control Panel -> System and Security -> Administration -> Computer Management (Start -> right-click Computer -> select the Management item). Next, expand the Local Users and Groups group (this setting is available only in the business and maximum editions). Right-click the Groups folder and select Create a group in the menu.

Enter the name of the group, FTP users, and a description (optional), then click the Create button.

Now you need to create a user. Right-click the Users folder and select New user in the menu.

Enter the username (for example, ftp_user_1) and a password (at least 6 characters), and tick the options "Prohibit password change by the user" and "Password validity period is not limited".

The user is created. Now assign it to the previously created FTP users group. To do this, open the user's properties and go to the "Membership in groups" tab. By default, a new user is assigned to the Users group; remove it. Click Add -> Advanced -> Search. A list of user groups opens. Select the FTP users group and click OK. As a result, we get:


Click OK and go to the next step.

When creating the FTP site, we selected a working directory (C:\inetpub\ftproot). Now configure the access rights to this directory for the FTP users group. Open C:\inetpub in Explorer, open the properties of the ftproot folder, go to the Security tab and click the Edit button. In the window that opens, click the Add button and select the FTP users group (as when creating a user). Set the level of rights to "full access" and click OK.

Final stage. Open the IIS Service Manager and select our FTP server (Test FTP). In the FTP site control panel, select "FTP Authorization Rules". Add an allow rule. In the window that opens, select the "Specified Roles or User Groups" option. In the text box below, enter the name of our group (FTP users), then tick the Read and Write checkboxes in the permissions section and click OK.

This completes the setup.

At the beginning we did not select the option to start the server automatically, so do not forget to start it manually (right-click the site name -> FTP-site management -> Start).

How to connect?

Option using Windows Explorer.
Open Computer (Vista, Win 7) or My Computer (XP).
For anonymous access, simply enter the address of the server in the address bar (ftp://192.168.10.4).
To log in with a username and password, enter an address of the form ftp://[User Name]:[Password]@[FTP Server Address]. For example, ftp://ftp_user_1:[Email Protected] to connect from the local network. To connect from the Internet, the local address is replaced with the external address or domain name.
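A site created with the "Without SSL" option carries the username and password over the control connection in clear text, and anonymous access stays enabled unless it is removed. The following added example (not part of the original page) audits a control-channel transcript for both conditions and for writes accepted in an anonymous session. The "C:"/"S:" transcript format, the function name and all session contents are constructed assumptions; `AUTH TLS` and its 234 reply are the standard way a client upgrades the control connection.

```python
ANONYMOUS_NAMES = {"anonymous", "ftp"}
WRITE_VERBS = {"STOR", "STOU", "APPE", "DELE", "MKD", "RMD", "RNTO"}


def audit_session(lines):
    """Return findings for one FTP control-channel transcript.

    Each line is "C: <command>" (client) or "S: <reply>" (server).
    Findings are (kind, user) tuples; password values are never copied.
    """
    findings = []
    tls_active = False
    user = None
    anonymous = False
    pending = None  # verb of the last client command still awaiting a reply

    def report(kind):
        if (kind, user) not in findings:
            findings.append((kind, user))

    for raw in lines:
        direction, _, text = raw.strip().partition(": ")
        if direction == "C":
            verb, _, argument = text.partition(" ")
            pending = verb.upper()
            if pending == "USER":
                user = argument.strip()
                anonymous = False
            elif (pending == "PASS" and not tls_active and user is not None
                  and user.lower() not in ANONYMOUS_NAMES):
                # A real account's password crossed the wire unencrypted.
                report("CLEARTEXT_CREDENTIALS")
        elif direction == "S":
            if len(text) > 3 and text[3] == "-":
                continue  # intermediate line of a multi-line reply
            code = text[:3]
            if pending == "AUTH" and code == "234":
                tls_active = True  # control connection is encrypted from here
            elif pending in ("USER", "PASS") and code == "230":
                if user is not None and user.lower() in ANONYMOUS_NAMES:
                    anonymous = True
                    report("ANONYMOUS_LOGIN")
            elif pending in WRITE_VERBS and anonymous and code[:1] in ("1", "2"):
                # 1xx/2xx reply: the server accepted a modifying command.
                report("ANONYMOUS_WRITE")
    return findings


# Constructed sample sessions (not captured from a real server).
SESSION_PLAIN = [
    "S: 220 FTP service ready",
    "C: USER ftp_user_1",
    "S: 331 Password required",
    "C: PASS constructed-password",
    "S: 230 User logged in.",
    "C: STOR report.txt",
    "S: 150 Opening data connection.",
    "S: 226 Transfer complete.",
]
SESSION_ANONYMOUS = [
    "S: 220 FTP service ready",
    "C: USER anonymous",
    "S: 331 Anonymous access allowed, send identity as password.",
    "C: PASS guest@example.invalid",
    "S: 230-Welcome",
    "S: 230 User logged in.",
    "C: STOR probe.txt",
    "S: 550 Access is denied.",
]
SESSION_TLS = [
    "S: 220 FTP service ready",
    "C: AUTH TLS",
    "S: 234 AUTH command ok.",
    "C: USER ftp_user_1",
    "S: 331 Password required",
    "C: PASS constructed-password",
    "S: 230 User logged in.",
]

if __name__ == "__main__":
    for name, session in (("plain", SESSION_PLAIN),
                          ("anonymous", SESSION_ANONYMOUS),
                          ("tls", SESSION_TLS)):
        print(name, audit_session(session))
```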

The FTP service is designed for exchanging files and is built on "client-server" technology. The client and the server interact using FTP (File Transfer Protocol, RFC 959).

The client sends requests to the server and receives and transmits files.

The server processes the client's requests and transmits and receives files.

Fig. 1.3. Client and server interaction over the FTP protocol.

The FTP client is a user interface that implements the FTP file transfer protocol. This program allows the user to transfer files between two computers connected by a local (LAN) or global (WAN) network. The computer platforms may be of different types.

1. Control connection: a connection for sending commands to the server and receiving replies from it. The Telnet protocol is used to organize this connection. The Telnet connection is established in one step: a request is sent and an answer awaited, and receipt of the answer indicates that FTP commands can be transmitted. The control channel exists throughout the entire FTP session and is closed after the information exchange is complete.

2. Data connection: a connection for transferring files. After the Telnet connection has been established, files are transferred over a logical connection organized by the TCP protocol, which checks the availability of the ports assigned to FTP. The data channel is created and torn down as needed.

The FTP protocol provides two possible communication modes for file exchange:

Active mode;

Passive mode.

Active mode

Client and server actions:

1. The client establishes a connection and sends a request from a non-standard port N (N > 1024) to port 21 of the server;

2. The server sends a reply to the client's port N;

3. The server establishes a connection for data transfer from port 20 to the client's port N + 1.

Fig. 1.4. An example of establishing a connection for file exchange in active mode.

Fig. 1.5. Connection diagram for the FTP protocol in active mode.

Passive mode

Client and server actions:

1. The client establishes a connection and sends a request (stating that it needs to work in passive mode) to port 21 of the server from a non-standard port N (N > 1024);

2. The server assigns a non-standard port P for the data channel (P > 1024) and sends a reply to the client's port N that reports the port number P;

3. The client establishes a connection for data transfer from port N + 1 to the server's port P.

Fig. 1.6. An example of establishing a connection for file exchange in passive mode.
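The port exchange in the two modes above, worked through as an added Python example (not part of the original page). On the wire the client's data port travels in a `PORT` command and the server's port P in a `227` reply, each as six decimal bytes h1,h2,h3,h4,p1,p2 (RFC 959), and before connecting in active mode a server can check that the advertised endpoint belongs to the control-connection peer and is not a low port. The function names, the client address 192.168.10.20 and the sample lines are constructed assumptions; 192.168.10.4 is the server address used on this page.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2: four address bytes and two port bytes (RFC 959).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def decode_hostport(text):
    """Return (IPv4Address, port) from a PORT command or a 227 reply."""
    match = _HOSTPORT.search(text)
    if match is None:
        raise ValueError("no host-port field in %r" % text)
    parts = [int(group) for group in match.groups()]
    if any(part > 255 for part in parts):
        raise ValueError("host-port byte out of range in %r" % text)
    address = ipaddress.IPv4Address(".".join(str(part) for part in parts[:4]))
    # The port is a 16-bit value sent as high byte, low byte.
    return address, parts[4] * 256 + parts[5]


def data_connection(line, client_ip, server_ip):
    """Describe who opens the data connection and between which endpoints.

    Returns (initiator, source, destination). A source port of None means the
    client chooses it (N + 1 in the description above).
    """
    address, port = decode_hostport(line)
    if line.upper().startswith("PORT "):
        # Active mode: the server connects from port 20 to the client's port.
        return "server", (server_ip, 20), (str(address), port)
    if line.startswith("227"):
        # Passive mode: the client connects to the port P the server announced.
        return "client", (client_ip, None), (str(address), port)
    raise ValueError("not a PORT command or a 227 reply: %r" % line)


def check_port_command(line, control_peer_ip):
    """Server-side check of a PORT argument before connecting to it.

    Returns (accepted, reason).
    """
    try:
        address, port = decode_hostport(line)
    except ValueError as exc:
        return False, str(exc)
    if address != ipaddress.IPv4Address(control_peer_ip):
        # The server would otherwise open a connection to a third host.
        return False, "address %s is not the control-connection peer" % address
    if port < 1024:
        return False, "port %d is below 1024" % port
    return True, "connect to %s:%d" % (address, port)


# Constructed sample values.
CLIENT = "192.168.10.20"
SERVER = "192.168.10.4"
ACTIVE_LINE = "PORT 192,168,10,20,195,149"
PASSIVE_LINE = "227 Entering Passive Mode (192,168,10,4,195,80)"

if __name__ == "__main__":
    print(data_connection(ACTIVE_LINE, CLIENT, SERVER))
    print(data_connection(PASSIVE_LINE, CLIENT, SERVER))
    print(check_port_command("PORT 192,168,10,4,0,22", CLIENT))
```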

At the user level, an FTP file transfer consists of several steps:

1. Identification (entering the name/identifier and password);

2. Selecting a directory;

3. Determining the exchange mode:

Transfer of files in text form;

Transfer of files in binary form;

4. Executing the exchange commands;

5. Completing the work.

The FTP protocol defines a request-response mode of interaction between the client program and the server program.

WWW service.

The World Wide Web, or simply the Web, is a network of information resources.

The WWW service is a multitude of independent but interconnected servers and is intended for sharing text, graphic, audio and video information. When working with the Web, the user connects to Web servers one after another and receives information.

WWW is built according to the client-server scheme.

A browser acts as the client and is also an HTML interpreter. As an interpreter, the browser performs various functions depending on the commands (tags): placing text on the screen, exchanging information with the server as the received HTML text is analyzed, etc.

The HTTP server processes client requests to receive files, execute programs, etc.

Fig. 1.7. Client and server interaction over the HTTP protocol.

The following mechanisms are used to work with Web resources:

HTML (Hypertext Markup Language) - the hypertext markup language for documents (RFC-HTML4-971218 "HyperText Markup Language - HTML 4.0");

URL (Universal Resource Locator) - a unified resource locator, a way of addressing resources on the network. Each resource has an address unique on the Web, called the unified (universal) resource identifier (URI - Universal Resource Identifier);

HTTP (Hypertext Transfer Protocol) - the hypertext information exchange protocol (RFC 2616, "Hypertext Transfer Protocol - HTTP/1.1", R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners-Lee, June 1999);

CGI (Common Gateway Interface) - a universal gateway interface, created for the interaction of an HTTP server with other programs installed on the server (for example, a DBMS).

The transport protocol for HTTP is TCP: the HTTP server (Web server) waits for connections from clients on TCP port 80, and the HTTP client (Web browser) initiates the connection.

Classification of modems.

By area of application:

For switched telephone channels;

For dedicated (leased) telephone channels;

For physical connecting / subscriber lines (xDSL modems);

For digital transmission systems;

For cellular communication systems;

For packet radio;

For satellite communication channels;

For local radio networks;

For cable television networks.

Email (e-mail)

Email is a network service that enables users to send and receive electronic messages. Usually the message is sent as text; the addressee receives it on their computer after some period of time and reads it when convenient.
Email is universal. Many networks around the world, even ones built on principles and protocols completely different from the Internet's, can exchange emails with it and thereby gain access to its other resources.
The mail service is based on two application protocols: SMTP and POP3. The first is used to send correspondence from the computer to the server, and the second to receive incoming messages. There is a wide variety of client mail programs. These include Outlook Express, which is part of the Windows operating system as standard.
An email consists of a header containing service information and the contents of the letter. Almost all programs for reading and sending mail hide the full header from the user, leaving only some fields visible. These are usually the address and name of the sender, the subject and the date. The list of header fields to display is set when configuring the program, and the user can extend or shorten it as desired. The header is followed by the body of the letter. This is where the information the sender wanted to convey to the addressee is located.
The message itself is usually a text file of fairly arbitrary form. When non-text data (an executable program, graphic information) is transmitted, the message is transcoded, which is done by software.
To send a letter, you need to know the address. All Internet email addresses have the same form. For example, [Email Protected] The address consists of two parts separated by the @ symbol. On the left is the username (mailbox name), on the right the domain name (machine name). Reading the domain name from right to left and splitting it at the dots into separate words gives a set of words describing its position on the network.
The rightmost word (in our case RU) is called the top-level domain and most often (but not always) indicates the code of the country in which the addressee is located. The top-level domain may also indicate the name of the network in which the addressee is located. Bratsk is the region (it may be the name of a city), ISEA the firm, IS a division of the firm. Addresses and mailboxes are usually obtained from the network administrator. For the Internet, the right-hand part of the address is what matters. The domain name is a unique name assigned to a specific computer on the Internet. The advantages of email are:



§ Ease of use (the most difficult part is connecting to the Internet for the first time);

§ High transfer speed;

§ Low cost (a fee is charged only for the connection);

§ Email messages are easy to store (as files);

§ Email is almost universal (texts and graphic images can be transmitted through any network).

The disadvantages of email include weak protection (the possibility of third-party access).
Email reliability depends strongly on which mail programs are used, on how far apart the sender and the addressee are, and especially on whether they are in the same network or in different ones.

Teleconference (usenet).

Teleconferences are a secondary-priority Internet service that provides deferred services.
The teleconference service consists of many thematic teleconferences, or newsgroups, supported by news servers. A news server is a computer that can hold thousands of newsgroups on a wide variety of topics.
A newsgroup is a set of messages on a specific topic. News is divided among hierarchically organized thematic groups, and the name of each group consists of the names of its sublevels. There are both global hierarchies and hierarchies local to an organization, country or network. The set of groups a teleconference server receives is determined by its administrator and by their presence on the other servers with which this server exchanges news.
Access to newsgroups is obtained through a subscription procedure, which consists of specifying the coordinates of the news server and selecting the newsgroups of interest. Note that each news server carries a particular set of conferences, and if the subject of interest is not found on it, you can try another server. This procedure, like work with newsgroups, is carried out using software that supports these functions, for example the widespread Microsoft application Outlook Express.
Many people can take part in the discussion of a teleconference topic, regardless of where they are physically. Usually, although it is not a rule, order in conferences is watched over by special people, the so-called moderators. Their duties include maintaining order in the conference in line with the rules established in it and with its subject.
Along with the described form of teleconference service, WWW teleconferences, also called forums, have become widespread. The difference is that they work through a Web interface and are hosted not centrally on news servers but on Web sites.
You can learn more about Usenet and the rules for its use on a large number of websites. In addition, each group usually has its own rules, which are periodically published in the newsgroup itself (by the newsgroup coordinator). Depending on the degree of control, newsgroups can be divided into three types:

· Moderated: messages are placed in the group by its moderator (who reviews each message and decides whether it should be placed there);

· Unmoderated: any user can place a message in the group;

· Post-moderated: a compromise between the previous two (any user can place a message in the group, but the moderator has the right to delete it if they decide that the message is incorrect).

The distribution area of each newsgroup may be limited to a region, network community, etc.
The main way of using newsgroups is to ask a question addressed to the whole world and get a response or advice from those who have already dealt with the issue. It is important that the content of the question corresponds to the topic of the teleconference. Many qualified specialists around the world regularly look through teleconference messages in the groups relating to their fields of activity. Such viewing is called information monitoring.
When sending messages to a teleconference, it is customary to give your email address for feedback.

Mailing lists are a simple but very useful Internet service. This is almost the only service that has no protocol and client program of its own and operates exclusively through email.
The idea of the mailing list is that there is a certain email address which is in fact a common address of many people, the subscribers of this mailing list. You send a letter to this address, and your message is received by everyone subscribed to the list.
In the tasks it is meant to solve, this service is similar to Usenet network news, but it has significant differences.
First, messages distributed by email will always be read by the subscriber, since they wait in the mailbox, while articles in network news are erased after a certain time and become unavailable.
Second, mailing lists are more manageable and confidential: the list administrator fully controls the set of subscribers and can monitor the contents of messages. Each mailing list is run by some organization, which has complete control over the list.
Third, access to email is enough to work with a mailing list, so subscribers may include people who have no access to Usenet news or to some of its groups.
Fourth, this method of transmitting messages can simply be faster, since messages are sent directly to subscribers rather than along a chain of Usenet servers.
However, when comparing mailing lists and Usenet news, it should be noted that Usenet groups can often also be accessed through mailing lists and by other means, such as a WWW interface. This means that you can use whichever way of working is more convenient for you.
Some situations in which mailing lists are an adequate means of solving the task at hand are quite typical.
First, organizations often create mailing lists to notify their customers, the users of their products or simply interested parties about the release of new products, commercial offers and various company news.
The second situation in which a mailing list is needed is when some question is being discussed that is too specific and of interest to too few people to start a separate Usenet newsgroup.
Third, mailing lists often become virtual working groups of people who work on one problem but live in different parts of the planet.
Depending on the number of subscribers, a mailing list is served on the server by programs of varying complexity, which can provide complete functionality.
Mailing lists also have some disadvantages and difficulties. If you are subscribed to several busy lists, you may find within a single day that your mailbox is clogged with letters from mailing lists, and that the personal letters which interest you most are lost among them. To avoid this, it is useful to use a program that sorts letters from mailing lists into separate folders on receipt (such letters can usually be recognized by their mail headers).
Another difficulty is that it is sometimes hard to cancel a subscription that is no longer of interest to you.

Remote Access (Telnet)

Applications that allow you to log in to a remote terminal are very popular on the Internet. Telnet is one of the oldest Internet information technologies and belongs to the direct-access services. Telnet is understood as a triad consisting of the user's telnet interface, the telnet process and the telnet protocol. This triad provides the description and implementation of a network terminal for access to the resources of a remote computer.
Telnet is built as an application protocol on top of the TCP transport protocol. Telnet rests on three fundamental ideas:

· The concept of the network virtual terminal, NVT (Network Virtual Terminal).

· The principle of negotiated options (agreeing on interaction parameters).

· Symmetry of the "terminal-process" connection.

The purpose of the Telnet protocol is to give a general description of bidirectional eight-bit interaction whose main aim is to provide a standard method of interaction between a terminal device and a terminal-oriented process. The protocol can also be used to organize "terminal-terminal" interaction (communication) and "process-process" interaction (distributed computing).
Remote terminal applications use the client-server model.
1. The Telnet client interacts both with the user at the terminal and with the TCP/IP protocols. Usually, everything the user types on the keyboard is sent over the TCP connection, and everything that arrives over the connection goes to the terminal.
2. Only one TCP connection is established. Since there are times when the Telnet client must communicate with the Telnet server (and vice versa), there must be a way to separate the commands sent over the connection from user data.
When a Telnet connection is established, the program working with the real terminal device and the process serving that program exchange information using a specification of the rules by which the NVT terminal device functions. The NVT specification is a standard description of the most widely used features of real physical terminal devices, which makes it possible to convert the ways of displaying and entering information to a standard form.
Telnet allows you to connect to a remote computer and work with it as if you were using the local system.
In practice, your capabilities are limited by the level of access that the administrator of the remote system has set for you. In any case, you must have a user ID (UserID or UserName) and a login password. In TCP/IP networks, there are two applications that provide terminal login.
Telnet is a standard application that is present in almost every TCP/IP implementation. It can be used for communication between hosts running different operating systems.
The rlogin program was designed to work only between UNIX systems, but it has subsequently been ported to other operating systems.
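The separation of commands from user data on the single Telnet connection, and the principle of negotiated options, shown as an added Python example (not part of the original page). Commands are introduced by the IAC byte (255), a literal 255 in the data is sent doubled, and an endpoint that supports only the basic NVT declines every option it is offered. The function names and the sample byte stream are constructed assumptions; the command and option codes are the standard Telnet values.

```python
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NEGOTIATION = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}


def _read_subnegotiation(data, j):
    """Read up to IAC SE starting at index j; return (payload, next_index)."""
    payload = bytearray()
    while j + 1 < len(data):
        if data[j] != IAC:
            payload.append(data[j])
            j += 1
        elif data[j + 1] == IAC:      # escaped 255 inside the payload
            payload.append(IAC)
            j += 2
        elif data[j + 1] == SE:
            if not payload:
                raise ValueError("subnegotiation without an option code")
            return payload, j + 2
        else:
            raise ValueError("unexpected command inside subnegotiation")
    raise ValueError("unterminated subnegotiation")


def split_stream(data):
    """Separate Telnet commands from user data in one received buffer.

    Returns (user_data, commands). Each command is (name, option) for option
    negotiation, ("SB", option, payload) for a subnegotiation, or
    ("CMD", code) for any other two-byte command.
    """
    user_data = bytearray()
    commands = []
    i, n = 0, len(data)
    while i < n:
        if data[i] != IAC:
            user_data.append(data[i])
            i += 1
            continue
        if i + 1 >= n:
            raise ValueError("buffer ends in the middle of a command")
        code = data[i + 1]
        if code == IAC:               # IAC IAC is one literal data byte 255
            user_data.append(IAC)
            i += 2
        elif code in NEGOTIATION:
            if i + 2 >= n:
                raise ValueError("buffer ends in the middle of a negotiation")
            commands.append((NEGOTIATION[code], data[i + 2]))
            i += 3
        elif code == SB:
            payload, i = _read_subnegotiation(data, i + 2)
            commands.append(("SB", payload[0], bytes(payload[1:])))
        else:
            commands.append(("CMD", code))
            i += 2
    return bytes(user_data), commands


def refuse_all(commands):
    """Reply of a basic-NVT endpoint: decline every option the peer
    requests (DO -> WONT) or offers (WILL -> DONT)."""
    reply = bytearray()
    for command in commands:
        if command[0] == "DO":
            reply += bytes([IAC, WONT, command[1]])
        elif command[0] == "WILL":
            reply += bytes([IAC, DONT, command[1]])
    return bytes(reply)


# Constructed sample: DO TERMINAL-TYPE (24), WILL ECHO (1), a prompt, a
# TERMINAL-TYPE subnegotiation, then data containing an escaped 255 byte.
SAMPLE = (bytes([IAC, DO, 24]) + bytes([IAC, WILL, 1]) + b"login: "
          + bytes([IAC, SB, 24, 1, IAC, SE]) + b"caf" + bytes([IAC, IAC]) + b"e")

if __name__ == "__main__":
    text, found = split_stream(SAMPLE)
    print(text, found, refuse_all(found))
```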

FTP file transfer service

Receiving and transferring files makes up a significant percentage of other Internet services.
FTP stands for File Transfer Protocol, but when FTP is considered as an Internet service, what is meant is not just the protocol but the service of access to files in file archives. The FTP service has its own servers on the global network, which store data archives. The volume of information in FTP archives is very significant. Almost any archive is built as a hierarchy of directories. Many archives duplicate information from other archives (mirrors).
The FTP protocol works with two TCP connections between the server and the client simultaneously. Data is transmitted over one connection, and the second is used as the control connection. The FTP protocol also provides a means of identifying the connecting client. However, there are FTP servers with anonymous access for everyone.
Advantages of using FTP:

a. The ability to transfer files over the Internet (using this protocol you can download any files to your computer: MP3s, Zip archives, texts and programs).

b. The ability to manage files on a computer remotely.

c. Convenience in working with files.

Special programs that implement this protocol are needed to work with FTP. There are several types of FTP programs.
1. The FTP server is a special program that runs on a computer in the background. It turns an ordinary computer into an FTP server from which files can be downloaded or to which they can be uploaded. It tracks all requests coming from other computers, processes them and gives an answer. When the FTP server is installed, a directory is made available to client programs. All files and directories have attributes that restrict access to them from remote computers. For example, you can make one file read-only, another execute-only, a third write-only, a fourth completely open to other machines, and so on. The same goes for directories.
2. The FTP client is a special program that works with FTP servers. It is designed to query servers and receive information. In fact, it is built like a server, except that it is controlled from the local machine, either automatically or by a person. The client cannot be controlled over the network. FTP clients can give users a convenient interface.
Another type of FTP client is download manager programs (Go!Zilla, ReGet). They let users conveniently download files from Web servers. The distinctive feature of these programs is that they can integrate with the browser and automatically intercept the files you download from pages. FTP download managers allow a download to be resumed after a broken connection; they usually have an attractive interface and convenient controls. Downloads can also be scheduled.
Because of the large number of FTP servers, it is very difficult to determine which of them holds the desired file. The Archie protocol is usually used as an interactive file search tool.
Archie is an auxiliary service that makes it easier to work with FTP servers by organizing file search on them. Archie servers "remember" the lists of all files on many FTP servers around the world and, on request, can search for a file by name or by part of the name. The user specifies a search pattern and search characteristics. In response, the user receives a list of server names and the locations on them of files that satisfy the query.

Interactive communication

An interactive service is a service focused on meeting users' information needs by providing information products in dialog mode. In 1998, the developers of the Israeli company Mirabilis created special ICQ software and transferred subscriber calls to the Internet. The program became known as an Internet pager.
To use this service, you must register on its central server (http://www.icq.com) and get a personal identification number, the UIN (Universal Internet Number). This number can be given to contact partners. Knowing a partner's number, you can send them a message with a proposal to establish a connection through the service's central server.
Servers supporting ICQ are often combined into Internet paging networks. The service allows you to converse in real time, transmit graphics, carry out voice and video communication and share files (QIP, Miranda).
The IRC service is a multi-user, multi-channel network designed for chat, with which users can talk in real time regardless of their location. IRC nodes are synchronized with each other, so by connecting to the nearest server you connect to the entire IRC network. On connecting to an IRC server with an IRC client program, the user sees a list of available channels and can "enter" any one of them (or several at once). A channel in IRC is a specific group of users that has a name (the name usually begins with the # symbol). Messages sent to the channel (addressed to the group) are received by all users in this group.
Each channel has its own name and, as a rule, a specific topic for discussion. After "entering" a channel, the user can see what the other channel participants write and can also take part. The topic discussed on a channel usually follows from its name.
IRC has no restrictions on the number of people who can be on a channel simultaneously, and there are no restrictions on the number of channels that can be formed on IRC.
The IRC server is a program that runs on a server (usually at an Internet provider) and performs two main tasks: giving users the ability to connect to the IRC network and relaying messages to users on other IRC servers in this network.
The IRC client is a user program that allows the user to connect to an IRC server and communicate on channels and in private with other users. There are several popular client programs for working with servers and networks that support the IRC service.
Although IRC has existed for quite a few years, this standard is practically not used in the commercial activities of modern companies. Its main purpose is the discussion of the widest range of issues among Internet users.
At one time, chat rooms based on the IRC standard were quite widespread. Today, however, chats hosted on individual websites and written in HTML or in Java are becoming increasingly popular. This allows Internet users to take part in them without installing additional software, using only a standard browser, so the number of potential participants is maximized.
On the other hand, the ability to install a chat system on a company's corporate website makes it possible to use this service widely for commercial purposes, for example, to discuss particular aspects of the enterprise's activity, products, service systems, etc. with consumers. A special group of Internet services consists of services that use the Internet as a medium for transferring information.