Chapter 12 - Miscellaneous IP Services - FTP
Traditionally, FTP uses port 1)____________ for control connections and port 2)____________ for data connections
1) 21 2) 20
What are the two variant modes of FTPS?
1) explicit 2) implicit
When creating FTP data connections, the client can use two different modes/ways of doing it. What are they?
1. active mode 2. passive mode
If, in an FTP session, there are two connections (Control + Data), how many TCP connections are there between the server and client?
2 TCP connections (1 for Control + 1 for Data)
FTP servers listen for new control connections on the well-known port ______________
21
What layer 4 port does TFTP run on?
A transfer request is always initiated targeting port 69, but the data transfer ports are chosen independently by the sender and receiver during the transfer initialization. The ports are chosen at random according to the parameters of the networking stack, typically from the range of ephemeral ports
In what scenario does active mode work well and in which does it not work well?
Active mode works well if both the FTP client and server are inside the same network with no NAT function or firewall. However, if the FTP client and server are on different networks with NAT and/or a firewall between them, an active mode connection will typically fail. This is because most firewalls do not allow outside hosts to initiate TCP connections to hosts inside the inner network without a specific firewall rule allowing the connection. For NATs, an additional complication is that the IP address and port number in the PORT command refer to the internal host's IP address and port, rather than the public IP address and port of the NAT.
An FTP user issues a command to list the directory contents, and the contents are displayed on the terminal. Describe in detail the FTP and TCP connections involved in this process. FTP is in active mode.
After the FTP user has issued the command and it has been processed by the server, a new data connection is established between the client and server. This data connection is required for the server to pass the directory listing back to the client so it can be displayed on the terminal. First, the client specifies the IP address + port number for the server to connect to for the data connection, using the FTP PORT command. The server then starts the TCP 3-way handshake and establishes the data connection. After the data connection has been established, the directory listing is passed to the client, and the client is able to see it displayed on the terminal.
How can you configure the FTP username and password on the router so that you do not have to include them in the FTP URL portion of the copy command?
By using the global configuration commands ip ftp username ____________________ and ip ftp password ____________________
What does the acronym Cisco IOS stand for?
Cisco Internetwork Operating System (IOS)
What are the two types of connections used by FTP and what are they used for?
Control connection: used to exchange FTP commands. Data connection: used for sending and receiving data, both for file transfers and for output to display to a user.
What does the following command do? copy tftp flash
Copies a file (most likely an IOS image) from a TFTP server at a specific IP address
Many commands use a keyword that indirectly refers to a formal filename in IOS. What file does the command below refer to? show flash
Default flash IFS (usually flash0:)
What does the following command do? more flash0:/wotemp/fred
Displays the contents of the file "fred" in the directory "/wotemp" in the first flash memory slot in the router.
What type of FTP hosts usually allow anonymous logins?
FTP hosts whose purpose is to provide software updates
What is another name for FTP Secure?
FTP over TLS
What type of data does FTPS encrypt?
FTPS encrypts both the control and data connections with TLS, including the exchange of usernames and passwords.
True or False? FTPS and SFTP refer to the same thing.
False
True or False? In FTP, the username and password flows are encrypted.
False. All control messages + data transfers flow as clear text in FTP.
True or False? TFTP provides strong authentication using username and password.
False. TFTP does not support even simple clear-text authentication. In effect, if a TFTP server is running, it should accept requests from any TFTP client.
What does FTP stand for?
File Transfer Protocol
Why do Cisco Routers usually use flash memory?
Flash memory is rewritable, permanent storage, which is ideal for storing files that need to be retained when the router loses power
_______________ defines how IOS stores files (including the IOS file)
IOS file system (IFS)
What does the IOS do in terms of file systems for each physical memory device in the router?
IOS will create a simple IOS file system and give that device a name.
How does active mode work?
In active mode, the client starts listening for incoming data connections from the server on port M. It sends the FTP command PORT M to inform the server on which port it is listening. The server then initiates a data channel to the client from its port 20, the FTP server data port.
How does FTPS implicit mode work?
In implicit mode, the process begins with a required TLS connection, with no need for an FTP AUTH command, using the well-known ports 990 (Control) + 989 (Data)
What is the default physical memory location for the startup-config file?
NVRAM
What command does the FTP client send to the FTP server to go into passive mode?
PASV
How does FTP passive mode solve the problem active mode faces?
Passive mode helps solve the firewall restrictions by having the FTP client initiate the FTP data connection to the server.
What does the acronym SFTP stand for?
SSH File Transfer Protocol
Where are flash memory cards located on Cisco routers?
Some routers have flash memory on the motherboard. Others have flash memory slots that allow easy removal and replacement of the flash card, but with the intent that the card remain in the device most of the time. Many devices also have USB slots that support USB flash drives
FTP operates over Layer 4 protocol, ____________
TCP
FTP uses the well known ports __________ and __________
TCP port 21 and TCP port 20
How does the IOS image upgrade process happen?
The IOS image upgrade process occurs by copying new IOS files into the router and then booting the router with that new IOS
After a client creates a TCP connection via the server's well known port, what is the next action taken?
The user authenticates to the FTP server
Why does Cisco use flash memory instead of hard disk drives?
There are no moving parts in flash memory, so there is a smaller chance of failure as compared with disk drives.
True or False? A client can connect to the FTP server anonymously if it's configured on the server.
True
What transport layer protocol does Trivial File Transfer Protocol (TFTP) use?
UDP
Who chooses which FTP mode to use?
The user at the FTP client can choose which mode to use, passive or active
How can one check that an IOS file that is to be installed on the Cisco device is not corrupted?
Using hashes (MD5 hash). One can generate an MD5 hash of the IOS file on the network device and compare the hash to the original hash provided on the Cisco website.
What are the two modes FTP can operate in?
active and passive
FTP is based on _____________ architecture.
client-server
When a client first connects to an FTP server, the client first creates the FTP ____________ connection.
control
What command can you use to copy files from an FTP server?
copy ftp flash
FTP modes determine how the ________ connection is established.
data
If an FTP user wants to download a file, this requires a ______________ connection
data
Flip to see the FTP URL syntax
ftp://[user[:password]@]host[:port]/url-path (the bracketed parts are optional)
What command can you use on Cisco IOS to display the contents of a file?
more file-name
Many commands use a keyword that indirectly refers to a formal filename in IOS. What file does the command below refer to? show startup-config
nvram:startup-config
What TCP port does the FTP server usually use for data connections in active mode?
port 20
What TCP port does the FTP server usually use for data connections in passive mode?
random port
Who initiates the FTP data connection in active mode?
Server. The server is the first one to send the TCP SYN packet.
What commands can you use to see the contents of the default flash file system (flash0)?
show flash or dir flash0:
Many commands use a keyword that indirectly refers to a formal filename in IOS. What file does the command below refer to? show running-config
system:running-config
What are the user credentials supplied for anonymous FTP access?
username: anonymous password:
What command can you use on a Cisco router to generate an MD5 hash of a file?
verify md5 file-name
What command can you use on a Cisco router to generate an MD5 hash of a file and compare it to the original hash value?
verify md5 file-name original-hash-value