File eXchange Protocol
From Wikipedia, the free encyclopedia
The five-layer TCP/IP model |
---|
5. Application layer |
DHCP · DNS · FTP · Gopher · HTTP · IMAP4 · IRC · NNTP · XMPP · POP3 · RTP · SIP · SMTP · SNMP · SSH · TELNET · RPC · RTCP · RTSP · TLS (and SSL) · SDP · SOAP · GTP · STUN · NTP · (more) |
4. Transport layer |
TCP · UDP · DCCP · SCTP · RSVP · ECN · (more) |
3. Network/internet layer |
IP (IPv4 · IPv6) · OSPF · IS-IS · BGP · IPsec · ARP · RARP · RIP · ICMP · ICMPv6 · IGMP · (more) |
2. Data link layer |
802.11 (WLAN) · 802.16 · Wi-Fi · WiMAX · ATM · DTM · Token ring · Ethernet · FDDI · Frame Relay · GPRS · EVDO · HSPA · HDLC · PPP · PPTP · L2TP · ISDN · ARCnet · LLTD · (more) |
1. Physical layer |
Ethernet physical layer · RS-232 · SONET/SDH · G.709 · Optical fiber · Coaxial cable · Twisted pair · (more) |
File eXchange Protocol (FXP) is a method of data transfer which uses the FTP protocol to transfer data from one remote server to another (inter-server) without routing this data through the client's connection. Conventional FTP involves a single server and a single client; all data transmission is done between these two. In the FXP session, a client maintains a standard FTP connection to two servers, and can direct either server to connect to the other to initiate a data transfer. The advantage of using FXP over FTP is evident when a high-bandwidth server demands resources from another high-bandwidth server, but only a low-bandwidth client, such as a network administrator working away from location, has the authority to access the resources on both servers.
Contents |
[edit] Risk
Enabling FXP support, however, can make a server vulnerable to an exploit known as FTP bounce. As a result of this, FTP server software often has FXP disabled by default.
[edit] FXP over SSL
Some FTP Servers such as glFTPd, RaidenFTPd, and wzdftpd support negotiation of a secure data channel between two servers using either of the FTP protocol extension commands; CPSV or SSCN. This normally works by the client issuing CPSV in lieu of the PASV command - or by sending SSCN prior to PASV transfers -, which instructs the server to create either a SSL or TLS connection. However, both methods - CPSV and SSCN - are susceptible to Man-in-the-Middle attacks, since the two FTP servers do not verify each other's SSL certificates.
[edit] Technical
Although FXP may be classed as its own "protocol", it is in fact merely an extension of FTP and is specified in RFC 959:
User-PI - Server A (Dest) User-PI - Server B (Source) ------------------ ------------------ C->A : Connect C->B : Connect C->A : PASV A->C : 227 Entering Passive Mode. A1,A2,A3,A4,a1,a2 C->B : PORT A1,A2,A3,A4,a1,a2 B->C : 200 Okay C->A : STOR C->B : RETR
B->A : Connect to HOST-A, PORT-a
[edit] References
This "protocol" is standardized as a subset of RFC 0959 by the IETF as:
- RFC 959 File Transfer Protocol (FTP). J. Postel, J. Reynolds. Oct-1985. This obsoleted the preceding RFC 765 and earlier FTP RFCs back to the original RFC 114.
[edit] See also
- File Transfer Protocol (FTP)
- Comparison of FTP client software
- List of FTP server software
- Trivial File Transfer Protocol (TFTP)
- SSH file transfer protocol (sftp), a protocol running over SSH
- FTPS (FTPS), FTP run over SSL
- Simple File Transfer Protocol (SFTP), the historic protocol RFC 913