File transfer protocol (FTP) is a standard for transferring files from one computer to another. It is most commonly used to transfer software or files for web development, like WordPress themes or HTML/CSS templates.
Although not widely known, FTP has its own security features. One of these features is called anonymous access, which allows a user to log into an FTP server without needing to provide a legitimate email address or username.
The issue with anonymous access is that it allows a user to mess with other people’s files and folders. A good way to prevent this is by setting a password for the user account, but if this security feature is disabled, it can be exploited.
There are several ways to exploit anonymous access, including: Reading other people’s files, deleting other people’s files, and uploading your own files onto the server.
Message duplication might occur
Message duplication occurs when the destination server receives both the original message and a new message that contains the same content.
This can happen when part of a message is lost during transmission. If part of the file being transferred is missing, the receiver will still receive the rest of the file.
Since FTP is a protocol that transfers files, this can happen if the connection between the servers breaks temporarily, causing parts of the message to be lost. If this happens, then the server receiving the file will think that it is complete, even though some of the content might have been deleted during transmission.
Message duplication can also happen on purpose. Some servers have settings that allow for this feature to be turned on or off. Doing so can be useful in some situations, but it needs to be monitored closely to avoid problems.
Messages might be rejected
If the message is not rejected, then the receiver might use the wrong information. For example, if a receiver accepts a file that is not valid, then they might use a corrupt file or no file at all.
Receivers can also reject messages based on the message type. For example, if an FTP server receives a delete message for a file that has already been deleted, then it can reject the message.
If messages are being delayed or lost in transit, then this could also lead to receivers receiving messages out of order. If an hourly update sends the latest information about a project, and some of those updates are not received in full or at all, then the next update will look different. This could potentially cause problems down the road.
Messages might be resent
When a message is not fully delivered, the internet protocol requires that the sender re-send (or “re-transmit”) the message.
This is known as a transmission control protocol requirement. If the destination server did not receive the entire message, then it would not know whether or not to re-send what was missing.
This can be problematic because there is no way of knowing if the second attempt will succeed. There is also no way of knowing how many retransmissions it will take to successfully deliver the message. This can lead to wasted time and effort on both ends.
Because of this, transmissions are set up with a timer. If there is no response from the receiver after a certain amount of time, then the transmitter will abandon retransmission and move on to other things.
Fragmentation is bad and should be avoided
In the case of file transfer protocol (FTP) messages, fragmentation can lead to a situation called incomplete transmission.
When an FTP server receives a file transfer request, it processes the request and returns a response. The response includes a message containing the filename of the transferred file and its destination location.
If part of that response is not delivered to the destination, then the downloaded file will not have a proper name. It will simply be a large group of files instead of just one. This makes it difficult to use or edit the file.
Incomplete transmission can happen in two ways: unintentional fragmentation and intentional fragmentation. Both are bad and should be avoided. Unintentional fragmentation happens when there is poor network connectivity or poor server/client communication. Intentional fragmentation is when someone purposefully breaks up an FTP message into several parts in order to avoid detection by firewalls or security measures.
Duplication is good and should be attempted
In addition to the inherent difficulty in delivering a message, there is also the possibility of duplicate messages being sent.
If a server sends out a message, but then doesn’t receive an acknowledgement that the message was received, it will resend the original message.
This can happen repeatedly until either the original message is received and acknowledged or until the server runs out of resources.
Duplication is bad and should be prevented! In order to avoid this situation, servers have what is called a “buffer”. This buffer stores messages so that new messages can be processed. The length of time that a message stays in this buffer depends on the server and its configuration. Some servers have very short buffers while others have very long ones.
Messages should not be too large
A good rule of thumb is to send messages no larger than 100 kB. Many FTP clients have a default maximum message size, and most default settings are 100 kB. You can check your client’s default maximum message size by looking at its help page.
If you need to send a larger file, divide it into several smaller files no larger than 100 kB each. Then use an FTP transfer to put them together on the destination server.
There are two reasons why this should be done. The first is that some servers have limited file system space, and you do not want to exceed that limit. The second is that if part of the file fails to be received on the destination server, then the rest of the file can still be useful.
Both of these reasons highlight an important point: It is better to transfer smaller files than one large file. This is because if there is transmission failure, only a small amount of data is lost.
Messages should use high quality transport paths
Messages should use high quality transport paths. Messages should be sent over servers and pathways that have a good reputation for not failing.
If a server fails to deliver a message, it may be the best option to simply retry the transmission on a different server. If the server is down or has been compromised, this is especially important.
If a message cannot be delivered due to something outside of the transmission itself (like the receiving party not picking up the phone), it is best to either try again or try contacting someone else.
Having multiple routes and sources for messages can help reduce the chances of failure. Messages that are sent repeatedly until they are received can help ensure that all information is taken into account.
Transport paths with high bandwidth but low latency are preferred
When it comes to selecting a path, the FTP protocol has a peculiar mechanism – it selects a path based on its bandwidth and latency.
Bandwidth is the speed at which data can be transferred between the server and the client. Latency is the time it takes for a packet of data to be transferred from one point to another.
FTP clients prefer high-bandwidth connections with low latency as these give faster file transfers. When selecting paths, the FTP protocol also considers whether or not connections are secure. If one of the paths is not secure but the destination server is, then a non-secure connection will be selected instead.
If part of an FTP message is not delivered to the destination, then either the client or server will attempt to re-send it. If this fails, then either party will try another path.
