Friday, January 27, 2012

Behaviour of FTP incase of mls command


General syntax of mls command is as follows:-
mls <RemoteFile>[…] <LocalFile>
Details can be found on the link: http://technet.microsoft.com/en-us/library/ff687677%28WS.10%29.aspx
Now when we give multiple remote files/folders to be listed, for each file/folder a separate ftp data connection is opened. So by firing a single command, one can see multiple ftp data connections created. 
 


Normally when a ftp command is fired, only one data connection is made. But in case of mls, multiple connections are created and terminated. So if you provide some command with some correct and some wrong paths, then it will list all the correct paths and provide error message in case of wrong paths.

One can get the pcap file containing such packets at the link provided below:-
https://docs.google.com/open?id=0B2XSUdG3GnDmY2M4ZmJhZDgtMGQwYi00NzdmLTg2MzktMTZjMDBjZDI5ZmZh

Posted by at No comments:
Labels:

Tuesday, January 24, 2012

Diagrammatic representation of PORT and PASV commands in FTP

Hi

Here is the diagrammatic representation of PORT and PASV commands in FTP. Diagram represents the various connections that are opened and port numbers used.



Posted by at No comments:
Labels: ,

Basics of FTP Protocol


Some short FTP details:-

FTP consists of 2 connections:-
1.    Control Connection on port 21(Standard, can be changed)
2.    Data Connection on port 20(Standard, can be changed)
Control connection is established once, data connection is established everytime data is transferred.

So, for Control connection, source and destination port remains same….

For every Data connection, port no. change. That port no. is negotiated on the control connection. 

So all the FTP commands doesn’t use the Data Connection…

Here is the list of FTP commands. Commands with (√ ) indicates that the command uses data connection and commands with (X) indicates that the command doesn’t use data connection.


 
FTP commands are of 4 types:-
A.   PORT commands (Also known as Active)
B.   PASV commands (Also known as Passive)
C.   EPRT commands (Also known as Extended PORT)
D. EPSV commands (Also known as Extended PASV)


PORT commands:-
        In this, Client tells to server on which client port the data connection will be made. So client sends the port no. with the command. In PORT commands, port 20 is used by server for Data transfer.


PASV commands:-
        Sometimes client might be behind the firewall, for such cases, server can’t directly connect to client and the port negotiated. So for that Passive mode is used. In Passive mode, any random port is used by server for Data connection.
        In this, Server sends the data connection port no. to client and then client connects to that portnumber for data connection.


EPRT and EPSV commands:-

        These are to support FTP in case of IPv6 and NATing. See RFC of FTP for more details.      


Now lets see what traffic flows in the ls command…


Kindly note:-
1.   FTP server IP is: 192.168.10.10
2.   Clients IP is: 192.168.10.11
Posted by at No comments:
Labels: ,

Thursday, January 12, 2012

Setting up passwordless ssh




One can create passwordless-ssh between two machines so that one can access the other one without needing to enter the password. To achieve this, you need to first install sshserver on your machine. You can try the following commands:-
user@ubuntu32:~/$ sudo apt-get install openssh-server

Once its installed, you need to generate public and private keys. For that use the following command:-
user@ubuntu32:~/$ ssh-keygen –t rsa

It will prompt you for filename and passphrase. Skip it or enter something if you want to use some passphrase. Similarly do this on the second machine as well.



Now you will have a public, private keypair (id_rsa, id_rsa.pub) for the user from whose account you generated the keys. They are present in /home/<username>/.ssh directory.



Now you need to copy the id_rsa.pub to authorized_keys present in /home/<username>/.ssh on server with which you want to setup passwordless ssh. You can enter the following command on the terminal:-
scp ~/.ssh/id_rsa.pub username@servername:.ssh/authorized_keys

 

Once its copied, now you can ssh to the server to which you copied the id_rsa.pub key without giving the password.

Kindly note here that scp will override the authorized_keys file on server to whom you want to setup passwordless ssh. So if you want to have more clients using passwordless ssh to same server, you need to first copy id_rsa.pub to that server, then append the file authorized_keys to contain id_rsa.pub too and then delete id_rsa.pub from that server.

Now you don’t need password to ssh to that server.



One thing to note here is that in “ssh username@machinename”, username is the name of the user on machine to which you are doing passwordless ssh and to whose .ssh directory you have added your public key.

Sometimes what happens is that even after following the above steps, you are unable to login to other machine without password. If you face this issue, then you can check for logs in /var/log/auth.log file to see the kind of error you are getting.
If you face the authentication error(Authentication refused: bad ownership or modes for directory), then you need to change the permissions of the directory as defined below:

chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Now you will be able to successfully login to the other machine without using the password.

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)