Transferring Files – CompTIA Security+ SY0-401: 1.4

There’s more than one way to send a file across the network. In this video, you’ll learn which file transfer technologies can be used to send in-the-clear and encrypted information.

<< Previous Video: Telnet and SSHNext: DNS >>

In an earlier video, we looked at using Telnet and SSH to be able to remotely connect to a console of a device. But sometimes we need to transfer files back and fourth to that device. And there’s a number of protocols and methods that we can use to do that.

One method for transferring files that’s been around for a very long time is one called FTP. That stands for File Transfer Protocol. It’s very common you’ll find an FTP service available on many different devices. And there are many FTP clients even built into most operating systems. One important consideration of FTP, however, is that this entire communication process is in the clear. In much the same way that Telnet allows you to communicate to a remote device console and have in-the-clear communication, FTP works the same way.

When I FTP to a device, I can see the user name and the password very clearly written in the packets going over the network. So if you want to maintain security of your systems, you will probably not be using FTP to transfer this information.

For more secure file transfer type, there’s a number of different options available to you. One of them is FTPS. This stands for FTP over SSL. You may see this also abbreviated as FTP-SSL. This stands for File Transfer Protocol Secure. There are other File Transfer Protocols that add security features to it. Another popular one is SFTP, which we’ll talk about in a moment. Now keep in mind that FTPS is not the same as SFTP. Both of these use completely different mechanisms to be able to communicate between the systems. So if you have a system that supports FTPS, you cannot connect to it with an SFTP client, and vice versa.

The FTPS is very commonly seen on web servers because there’s an SSL component already on that web server and ready to go. On servers that are running SSH, you also tend to see other types of secure file transfer mechanisms like SCP. That stands for Secure Copy. And it uses SSH as the underlying mechanism to be able to transfer files. SCP is a very bare-bones file copy process. It doesn’t really allow you to do much with the operating system file structure. It really is designed to transfer a file both to and from a device and that’s about it.

If you need more capabilities, then you’d probably want to use something like SFTP, which uses the same SSH functionality to be able to transfer this. This stands for SSH file transfer protocol, but it gives you a lot more functionality to be able to manipulate the file system. So you can resume transfers that may have been interrupted. You can modify directory listings or folders. You can remove files from the system, all using SFTP.

In fact, this screenshot here shows you an SFTP session. And you can see the local files. You can see the remote files. And you have a lot of functionality for being able to manage all of your file transfers both on the local machine and the remote device using the SFTP protocol.