文件传输协议:修订间差异
删除的内容 添加的内容
Ohtashinichiro(留言 | 贡献) →外部链接: // Edit via Wikiplus |
Iamnotlin4(留言 | 贡献) 无编辑摘要 标签:2017版源代码编辑 |
||
(未显示11个用户的19个中间版本) | |||
第1行:
{{NoteTA
| G1 = IT
|1=zh-cn:客户端;zh-tw:用戶端;
}}
{{Redirect|FTP}}
第8行 ⟶ 第9行:
}}
{{网络协议}}
'''文件传输协议'''({{Lang-en|'''F'''ile '''T'''ransfer '''P'''rotocol}},縮寫
FTP是
== 历史 ==
== 概述 ==
第38行 ⟶ 第39行:
# 客户端通过本地的数据端口建立一个和服务器20号端口的连接,然后向服务器发送一个应答,告诉服务器它已经建立好了一个连接。
==
=== 浏览器 ===
大部分常见的[[网页浏览器]]都可以检索FTP服务器上托管的文件,尽管它们并不支持扩展协议,如[[FTPS]]。<ref name="matthews">{{cite book |last=Matthews |first=J. |year=2005 |title=Computer Networking: Internet Protocols in Action |url=https://archive.org/details/computernetworki0000matt |edition=1st |location=Danvers, MA |publisher=John Wiley & Sons Inc.}}</ref>当浏览器访问FTP格式的URL时,将以Web文件目录显示远程服务器上的可访问内容。使用类似{{link-en|FireFTP|FireFTP}}客户端可获得FTP扩展协议的完整支持。
Chrome和Firefox等主流浏览器都将计划弃用对FTP的支持,<ref>{{cite web|url=https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/|title=Chrome and Firefox Developers Aim to Remove Support for FTP|date=2018-11-26|access-date=2020-01-26|website=bleepingcomputer.com|first1=Lawrence|last1=Abrams|archive-date=2020-11-08|archive-url=https://web.archive.org/web/20201108115459/https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/|dead-url=no}}</ref>
====语法====
FTP URL 格式已在{{IETF RFC|1738}}指定,格式为:<code>ftp://[user[:password]@]host[:port]/url-path</code>(方括号内为可选参数)。
有关指定用户名和密码的更多详细信息,可以在浏览器的文档中找到(例如[[Firefox]]<ref>{{cite web |url=https://support.mozilla.org/en-US/kb/Accessing%20FTP%20servers#w_ftp-servers-that-require-a-username-and-password |title=Accessing FTP servers | How to | Firefox Help |publisher=Support.mozilla.com |date=2012-09-05 |accessdate=2013-01-16 |archive-date=2021-01-26 |archive-url=https://web.archive.org/web/20210126004632/https://support.mozilla.org/en-US/kb/Accessing%20FTP%20servers#w_ftp-servers-that-require-a-username-and-password |dead-url=no }}</ref>和[[Internet Explorer]]<ref>{{Cite web |url=https://support.microsoft.com/en-us/kb/135975 |title=How to Enter FTP Site Password in Internet Explorer |access-date=2020-04-20 |archive-url=https://web.archive.org/web/20150702005840/https://support.microsoft.com/en-us/kb/135975 |archive-date=2015-07-02 |dead-url= }} Written for IE versions 6 and earlier. Might work with newer versions.</ref>)。默认情况下,大多数Web浏览器使用被动(PASV)模式,该模式更容易遍历终端防火墙。
=== 下载管理器 ===
大部分常见的[[下载管理器]]都可以收取FTP服务器上托管的文件,其中一些还提供界面来检索FTP服务器上托管的文件。{{link-en|DownloadStudio|DownloadStudio}}和Internet Download Accelerator既能从FTP服务器下载文件,又能查看FTP服务器上的文件。<ref>{{cite web |url=http://www.conceiva.com/products/downloadstudio/features.asp |title=DownloadStudio - Internet Download Manager And Download Accelerator - Features |author= |publisher=Conceiva |date= |access-date=2021-10-19 |archive-date=2021-09-08 |archive-url=https://web.archive.org/web/20210908015938/http://www.conceiva.com/products/downloadstudio/features.asp |dead-url=no }}</ref><ref>{{cite web |url=https://www.westbyte.com/ida/index.phtml?page=features&tmp=1&lng=English |title=Internet Download Accelerator {{!}} Features |author= |publisher=WestByte |date= |access-date=2021-10-20 |archive-date=2021-09-04 |archive-url=https://web.archive.org/web/20210904171532/https://westbyte.com/ida/index.phtml?page=features&tmp=1&lng=English |dead-url=no }}</ref>
===其他===
[[LibreOffice]]支持打开FTP服务器上的文件,但从7.4版本起,这一功能被标记为过时,开发者打算在将来的版本中将其移除。<ref>{{Cite web |url=https://wiki.documentfoundation.org/ReleaseNotes/7.4 |title=LibreOffice 7.4: Release Notes |publisher=The Document Foundation's Wiki |accessdate=2022-09-10 |archive-date=2022-08-24 |archive-url=https://web.archive.org/web/20220824072927/https://wiki.documentfoundation.org/ReleaseNotes/7.4 |dead-url=no }}</ref>
== 安全性 ==
<span data-segmentid="152" class="cx-segment">FTP不是一项安全的协议,并且具有许多安全漏洞<ref name="nurdle">{{Cite web|title=Securing FTP using SSH|url=http://www.nurdletech.com/linux-notes/ftp/ssh.html|publisher=Nurdletech.com|access-date=2019-01-22|archive-date=2020-11-24|archive-url=https://web.archive.org/web/20201124230128/https://nurdletech.com/linux-notes/ftp/ssh.html|dead-url=no}}</ref>。</span><span data-segmentid="153" class="cx-segment">1999年5月</span><span data-segmentid="152" class="cx-segment">发布的</span><span data-segmentid="153" class="cx-segment">{{IETF RFC|2577}}</span>中<span data-segmentid="153" class="cx-segment">列出了以下几个主要的漏洞:</span>
* [[暴力破解]]
第55行 ⟶ 第63行:
* [[數據包分析器|数据包捕获]]
* <span data-segmentid="161" class="cx-segment">端口窃取(猜测下一个开放端口并篡夺合法连接)</span>
* <span data-segmentid="162" class="cx-segment">
* <span data-segmentid="164" class="cx-segment">[[用户|用户名]]枚举</span>
<span data-segmentid="166" class="cx-segment">通过FTP传输的流量不会被加密,所有传输通过明文进行的。任何能够在网络上执行数据包捕获( [[數據包分析器|嗅探]] )的人都可以读取用户名、密码、命令内容和数据<ref name="tcpip">{{Cite web|author=Kozierok|first=Charles M.|year=2005|title=The TCP/IP Guide v3.0|url=http://www.tcpipguide.com/free/t_FTPOverviewHistoryandStandards.htm|publisher=Tcpipguide.com|access-date=2019-01-22|archive-date=2021-01-11|archive-url=https://web.archive.org/web/20210111073429/http://www.tcpipguide.com/free/t_FTPOverviewHistoryandStandards.htm|dead-url=no}}</ref><ref name="nurdle2">{{Cite web|title=Securing FTP using SSH|url=http://www.nurdletech.com/linux-notes/ftp/ssh.html|publisher=Nurdletech.com|access-date=2019-01-22|archive-date=2020-11-24|archive-url=https://web.archive.org/web/20201124230128/https://nurdletech.com/linux-notes/ftp/ssh.html|dead-url=no}}</ref>。</span><span data-segmentid="168" class="cx-segment">此问题在加密机制(如[[傳輸層安全性協定|TLS]]或SSL)产生之前的许多Internet协议规范(如[[简单邮件传输协议|SMTP]] 、[[Telnet]] 、POP和IMAP)中较为普遍<ref name="clark">{{Cite book|title=Data Networks IP and the Internet|last=Clark|first=M.P.|publisher=John Wiley & Sons Ltd.|year=2003|edition=1st|location=West Sussex, England}}</ref>。</span>
<span data-segmentid="172" class="cx-segment">此问题的常见解决方案包括:</span>
第89行 ⟶ 第97行:
=== 简单文件传输协议 ===
'''简单文件传输协议'''(Simple File Transfer Protocol)由{{IETF RFC|913}}定义,其复杂程度介于TFTP和FTP之间。它从未在
== 参考文献 ==
=== 引用 ===
{{Reflist}}
=== 来源 ===
* RFC 0959文件传输协议。J.Postel, J.Reynolds. 1985.10(格式:文本,147316字节。http://www.ietf.org/rfc/rfc959.txt {{Wayback|url=http://www.ietf.org/rfc/rfc959.txt |date=20130326015352 }} )。最早的RFC 114和之后的RFC 765已被废除。▼
{{ReflistH}}
▲* 《RFC 0959文件传输协议
{{ReflistF}}
== 参见 ==
第110行 ⟶ 第122行:
== 外部链接 ==
{{normdaten}}
[[Category:FTP| ]]
[[Category:应用层协议]]
|