
FTP servlet an intro

An FTP servlet is an intermediate application that resides between the FTP server and the FTP client. It works as a proxy interposed in client/server communications and offloads some of the FTP server's processing to the FTP servlet. It also provides a firewall- and proxy-friendly file transfer environment by wrapping FTP traffic over HTTP. FTP traffic can be wrapped over HTTPS using an SSL certificate to provide enhanced security.

Architecture

FTP clients can connect to the FTP servlet through the Internet. In most cases FTP is wrapped over an application layer protocol. The most commonly used are HTTP (for easy, unencrypted transfers) and HTTPS (for encrypted transfers). The use of HTTPS requires an SSL certificate to be present at the site of the FTP servlet. A number of simultaneous connections can be made to the FTP servlet; the number of connections is limited by the computing power of the server. The number of end-users supported through those connections is usually larger, because connected end-users aren't "active" until they make a request from the server. Consequently, the number of end-users simultaneously online on the FTP server can be greater than the number of active connections supported by the FTP server.

Security

FTP servlets prevent direct access to an FTP server from the outside world. The FTP servlet can be housed in the DMZ, while the internal network houses the FTP server, so direct access to the internal FTP server can't be initiated from the outside. For additional security, port forwarding can also be used between the DMZ and the internal network.

Issues and drawbacks

FTP servlets can only work with advanced FTP clients that support the wrapping of FTP over HTTP or HTTPS. There are a number of commercially available clients/FTP servlets that work in such a way.

File-sharing program

A file-sharing program is used to directly or indirectly transfer files from one computer to another computer over a network (e.g. the Internet). While the term may be used to describe client-server disk sharing (also known as shared file access or disk mounting), it is more commonly used to describe file sharing using the peer-to-peer (P2P) model.

Peer-to-peer file sharing typically operates using a network, such as Gnutella or BitTorrent. There are trade-offs to using one network over another. A variety of file-sharing programs are available on these different networks. It is common for commercial file-sharing clients to contain abrasive advertising software or spyware.

Categories of clients

* Centralized clients: OpenNap
  * Benefits: Faster searching and downloading
  * Negatives: Often more vulnerable to legal and DDoS attacks

* Decentralized clients: Gnutella
  * Benefits: Usually more reliable and rarely shut down
  * Negatives: Generally slower than centralized systems

* Decentralized tracker-based clients: BitTorrent
  * Benefits: Very fast due to the concentration of BitTorrent networks on a single file; principally used to offer new, large files for download; many tracker sites available
  * Negatives: Not centrally searchable; tracker sites are often closed down by lawsuits or fail; not truly anonymous

* Multi-network clients
  * Benefits: Allows connection to more than one network, almost always on the client side
  * Negatives: Often playing catch-up to individual networks' changes and updates

* Anonymous peer-to-peer: Freenet, GNUnet, MUTE, I2P
  * Benefits: Allows for the uncensored free flow of information and ideas
  * Negatives: Because of its anonymity, it allows questionable or illegal material to be exchanged more easily than on other networks; often slower than regular P2P because of the overhead

* Private file-sharing networks

The fourth P2P-Generation

Streams over P2P

Apart from traditional file sharing, there are services that send streams instead of files over a P2P network. Thus one can listen to radio and watch television without any server involved -- the streaming media is distributed over a P2P network. It is important that, instead of a treelike network structure, a swarming technology known from BitTorrent is used. The best examples are Peercast, Miro, Cybersky and demo TV.

General

* Broadcatching
* Podcast

Tree structure

* CoolStreaming
* Peercast

Swarm structure such as BitTorrent

* Djingle
* Icecast
* Joost
* MediaBlog
* PeerCast
* PPLive
* PPStream
* SopCast
* TVUPlayer
* Vuze

Third P2P-Generation

Indirect and encrypted

The third generation of peer-to-peer networks are those that have anonymity features built in. Examples of anonymous networks are ANts P2P, RShare, Freenet, I2P, GNUnet and Entropy.

A degree of anonymity is realized by routing traffic through other users' clients, which have the function of network nodes. This makes it harder for someone to identify who is downloading or who is offering files. Most of these programs also have strong encryption to resist traffic sniffing.

Friend-to-friend networks only allow already-known users (also known as "friends") to connect to the user's computer, then each node can forward requests and files anonymously between its own "friends'" nodes.

Third-generation networks have not reached mass usage for file sharing because most current implementations incur too much overhead in their anonymity features, making them slow or hard to use. However, in countries where very fast fiber-to-the-home Internet access is commonplace, such as Japan, a number of anonymous file-sharing clients have already reached high popularity.

An example might be: Petra gives a file to Oliver, then Oliver gives the file to Anna. Petra and Anna thus never become acquainted and are thereby protected. Virtual IP addresses are often used to obfuscate the user's network location, because Petra knows only the virtual IP of Anna. Although real IPs are always necessary to establish a connection between Petra and Oliver, nobody knows whether Anna really requested and Petra really sent the file or whether they are just forwarding it (as long as they do not tell anyone their virtual IPs). Additionally, all transfers are encrypted, so that even the network administrators cannot see what was sent to whom. Example software includes WASTE, JetiANts, Tor and I2P. These clients differ greatly in their goals and implementation. WASTE is designed only for small groups and may therefore be considered a darknet; ANts and I2P are public peer-to-peer systems, with anonymization provided exclusively by routing.

Ants network

* ANts P2P
* JetiANts
* Hornet

Mute network

* MUTE
* Kommute - KDE

I2P network

* I2P
* I2Phex - Gnutella over I2P
* iMule - eDonkey (Kademlia) over I2P
* Azureus - has I2P plugin

Retroshare-Network (F2F Instant Messenger)

* Retroshare Instant Messenger - Retroshare Chat Messenger for privacy of filesharing

Other networks or clients

* Alliance
* Freenet
* GNUnet
* Nodezilla
* OFF System
* Perfect Dark
* Proxyshare
* RShare
* Share
* Tor
* WinNY
* Zultrax

Second P2P-Generation

Decentralization

After Napster encountered legal troubles, Justin Frankel of Nullsoft set out to create a network without a central index server, and Gnutella was the result. Unfortunately, the Gnutella model of all nodes being equal quickly died from bottlenecks as the network grew from incoming Napster refugees. FastTrack solved this problem by having some nodes be 'more equal than others'.

By electing some higher-capacity nodes to be indexing nodes, with lower capacity nodes branching off from them, FastTrack allowed for a network that could scale to a much larger size. Gnutella quickly adopted this model, and most current peer-to-peer networks implement this design, as it allows for large and efficient networks without central servers.

Also included in the second generation are distributed hash tables (DHTs), which help solve the scalability problem by electing various nodes to index certain hashes (which are used to identify files), allowing for fast and efficient searching for any instances of a file on the network. This is not without drawbacks; perhaps most significantly, DHTs do not directly support keyword searching (as opposed to exact-match searching).
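A Kademlia-style sketch of the indexing described above, added here as an illustration and not taken from any client named on this page. SHA-1 keys, XOR distance, the `ToyDHT` class and the node and peer names are assumptions; it shows that only a few nodes hold the index entry for a file hash and that a keyword hashes to an unrelated key.

```python
import hashlib


def key_for(data: bytes) -> int:
    """Map arbitrary bytes to a 160-bit key (SHA-1 is an assumption here)."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big")


def responsible_nodes(key, node_ids, k=2):
    """The k node IDs closest to the key by XOR distance (Kademlia's metric)."""
    return sorted(node_ids, key=lambda n: n ^ key)[:k]


class ToyDHT:
    """In-memory stand-in for a network: node ID -> {file key: holders}."""

    def __init__(self, node_names, k=2):
        self.nodes = {key_for(name.encode()): {} for name in node_names}
        self.k = k

    def publish(self, content: bytes, holder: str) -> int:
        # Only the k closest nodes index this hash; the rest never see it.
        key = key_for(content)
        for n in responsible_nodes(key, self.nodes, self.k):
            self.nodes[n].setdefault(key, set()).add(holder)
        return key

    def lookup(self, key: int) -> set:
        # Exact-match lookup: ask the same k nodes that would index the key.
        holders = set()
        for n in responsible_nodes(key, self.nodes, self.k):
            holders |= self.nodes[n].get(key, set())
        return holders


if __name__ == "__main__":
    dht = ToyDHT(["node-%d" % i for i in range(8)])  # constructed node names
    content = b"constructed sample file: holiday video"
    key = dht.publish(content, "peer-a")
    print("by hash:   ", dht.lookup(key))
    # A keyword hashes to a different key, so the index has no entry for it.
    print("by keyword:", dht.lookup(key_for(b"holiday")))
```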

The best examples are Gnutella, Kazaa and eMule with Kademlia, although Kazaa still has a central server for logging in. eDonkey2000/Overnet, Gnutella, FastTrack and Ares Galaxy together have approximately 10.3 million users (as of April 2006, according to slyck.com). This number does not necessarily correspond to the actual number of persons who use these networks; it must be assumed that some use multiple clients for different networks.

Multi-Network-Clients

Further networks or clients

Web-based sharing

Webhosting is also used for file-sharing, since it makes it possible to exchange privately. In small communities popular files can be distributed very quickly and efficiently. Web hosters are independent of each other; therefore contents are not distributed further. Other terms for this are one-click hosting and web-based sharing.

File Sharing On The Social Graph

Recently, Facebook opened up its API to third-party developers, which has allowed a new type of file-sharing service to emerge. Box.net and FreeDrive.com are two examples of companies that have specific Facebook applications that allow files to be shared easily between friends.

Server-client-protocols

* Audiogalaxy - Service ended in the middle of 2002.
* Direct Connect
* Napster - Closed in its original form in July 2001, since changed to a fee-based service.
* Scour Exchange - The second exchange network after Napster. No longer exists.
* Soulseek - Still popular today despite being relatively old, with more than 120,000 users online at any time.
* TinyP2P - 15 lines of Python - source code
* WinMX - The original Frontcode servers were switched off in September 2005, but alternate servers can be used by installing a software patch.

File sharing

File sharing refers to the providing and receiving of digital files over a network, usually following the peer-to-peer (P2P) model, where the files are stored on and served by personal computers of the users. Most people who engage in file sharing on the Internet both provide (upload) files and receive files

P2P file sharing is distinct from file trading in that downloading files from a P2P network does not require uploading, although some networks either provide incentives for uploading, such as credits, or force the sharing of files that are currently being downloaded.

USENET was the first global file sharing network. Files are posted to alt.binary.* groups by users and copies are propagated to all hosts that carry that particular group. Unlike the later peer-to-peer file sharing networks, requests for a file rely on people asking others to post them, and users save them if they want those files.

First P2P-generation: Server-client

The first generation of peer-to-peer file sharing networks had a centralized server system. This system controls traffic amongst the users. The servers store directories of the users' shared files, and these are updated when a user logs on. In the centralized peer-to-peer model, a user sends a search for what they are looking for to the centralized server. The server then sends back a list of peers that have the data and facilitates the connection and download. The server-client system is quick and efficient because the central directory is constantly being updated and all users have to be registered to use the program. However, there is only a single point of entry, which could result in a collapse of the network. In addition, it is possible to have out-of-date information or broken links if the server is not refreshed.

The first file-sharing programs were characterized by queries to a server, which either held the data ready for download or passed the request on to appropriate peers and so-called nodes, from which one could then download. Two examples were Napster (today using a pay system) and eDonkey2000 in the server version (today likewise decentralized, with Overnet and the KAD network). Another notable instance of peer-to-peer file sharing, which still has a free version, is Limewire.

FTP over SSH

FTP over SSH refers to the practice of tunneling a normal FTP session over an SSH connection.

Because FTP uses multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH. With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on port 21) will protect only that channel; when data is transferred, the FTP software at either end will set up new TCP connections (data channels) which will bypass the SSH connection, and thus have no confidentiality, integrity protection, etc.

If the FTP client is configured to use passive mode and to connect to a SOCKS server interface that many SSH clients can present for tunneling, it is possible to run all the FTP channels over the SSH connection.

Otherwise, it is necessary for the SSH client software to have specific knowledge of the FTP protocol, to monitor and rewrite FTP control channel messages, and to autonomously open new forwardings for FTP data channels. Version 3 of SSH Communications Security's software suite and the GPL-licensed FONC are two software packages that support this mode.
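The control-channel rewriting described above, as an added example that is not code from either package named here. It parses the passive-mode `227` reply, records the forwarding an FTP-aware SSH client would have to open, and rewrites the reply so the data connection also enters the tunnel; the class name, the local port range and the sample reply are assumptions.

```python
import re

# Six comma-separated numbers: h1,h2,h3,h4,p1,p2 (PASV reply or PORT command).
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

# Constructed sample reply; 192.0.2.10 is a documentation address.
SAMPLE_REPLY = "227 Entering Passive Mode (192,0,2,10,19,137)"


def parse_hostport(line):
    """Return (ip, port) announced on the control channel, or None."""
    m = _HOSTPORT.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def encode_hostport(ip, port):
    return ",".join(ip.split(".") + [str(port // 256), str(port % 256)])


def bypasses_tunnel(reply, tunnel_ip="127.0.0.1"):
    """True if the data connection would go straight to the server."""
    target = parse_hostport(reply)
    return target is not None and target[0] != tunnel_ip


class ControlChannelRewriter:
    """Hypothetical helper: points each data channel at a local forwarding."""

    def __init__(self, tunnel_ip="127.0.0.1", first_local_port=50000):
        self.tunnel_ip = tunnel_ip
        self.next_port = first_local_port
        self.forwardings = {}  # local port -> (server ip, server port)

    def rewrite_reply(self, line):
        target = parse_hostport(line) if line.startswith("227 ") else None
        if target is None:
            return line  # not a passive-mode reply: pass through unchanged
        local, self.next_port = self.next_port, self.next_port + 1
        # A real client would open an SSH port forwarding for `target` here.
        self.forwardings[local] = target
        return "227 Entering Passive Mode (%s)" % encode_hostport(self.tunnel_ip, local)


if __name__ == "__main__":
    rw = ControlChannelRewriter()
    print(bypasses_tunnel(SAMPLE_REPLY), rw.rewrite_reply(SAMPLE_REPLY), rw.forwardings)
```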

FTP over SSH is sometimes referred to as secure FTP; this should not be confused with other methods of securing FTP, such as with SSL/TLS (FTPS). Other methods of transferring files using SSH that are not related to FTP include SFTP and SCP; in each of these, the entire conversation (credentials and data) is always protected by the SSH protocol.