The File Transfer Protocol(FTP) is used for file transfer between different systems and for simple file handling. The FTP protocol is based on the TCP protocol and knows both the transfer of character- coded information and binary data. In both cases, the user must have a way to specify in what form the data is to be stored on the respective target system. The file transferis controlled from the local system, the access authorization for the target system ischecked for the connection establishment by means of user identification and password.
If a client wants to communicate with the server, the user establishes a connection to the interpreter in the server via the interpreter in the client. The client and server communicate via this control connection using a set of specified commands. There are several sets of commands for access control, data transfer commands, and FTP services.
To exchange user data, the server establishes a second connection to the client, and this connection is controlled by the data transfer process( DTP). The user data is transferred through this connection. When the connection is terminated, the server interpreter confirms the end of the data transfer to the client interpreter via the control connection.
The FTP protocol is one of the oldest protocols. The first version is from 1971, the current version is from 1985. Since the FTP protocol transmits the control data and user data without encryption, i.e. including the user name and password, it has weak points in data security and it is vulnerable to attacks.
Besides the FTP protocol, there are other protocols for unsecured and secured file transfer. There is the Simple File Transfer Protocol( SFTP), which originated in 1984. Like the Trivial File Transfer Protocol( TFTP), it has less functionality than the FTP protocol and is also unsecured. Alternatives for secure file transfer are Secure FTP, Secure Copy Protocol( SCP), FTP over SSL( FTPS) and the SSH File Transfer Protocol (SFTP).