Transferring files using Telnet - ftp

Is it possible to transfer files between two machines using Telnet protocol. From wikipedia,I understand that FTP & Telnet are similar. But on logging in using Telnet its very similar to logging into guest machine.
Please advise.

You cannot transfer a raw binary file over telnet because there are some codes that are reserved and will be escaped before transmission. Your local telnet terminal would also interpret other codes as cursor control sequences and go wild.
So no cat stuff.zip and extracting it locally from the log file or screen cut/paste.
However, you could encode a file into something safe using uuencode or base64, capture that on the local side, and decode it using the appropriate tool to get the original binary back.
But in short, just use FTP in "binary" plus "passive" mode. That's safest and what it's designed for.
That said, you should be using SSH instead of Telnet and then you can use SCP to transfer files.

Related

AS400 FTP to windows server

I want to write a CLLE Program to transfer Files from the IFS to a Webserver.
The Webserver is registered in the Hosttable from the Iseries.
(commandline: CFGTCP -> Option 10 -> Scroll to the Webserver IP)
Current CLLE Program: (only the ftp-access)
PGM
OVRDBF FILE(INPUT) TOFILE(CMDDTAR7_2/US9FIP) OVRSCOPE(*JOB)
OVRDBF FILE(OUTPUT) TOFILE(CMDDTAR7_2/US9FOP) +
OVRSCOPE(*JOB)
FTP RMTSYS('10.1.2.99')
ENDPGM
After i call my Program i get some results in a PF-File.
The Results are in German but i translated shortly for you.
The Connection is unavalable to 10.1.2.99 on Port 21. Try it again later.
[...]
My Question at the end.
Do you have some solutions for me to transfer xml files to my Webserver from the iseries?
You're writing about a web server and you want to transfer files by ftp. Perhaps you're mixing up protocols here. I'll concentrate to resolve your apparent ftp connection problem.
Seems that the destination host 10.1.2.99 doesn't accept connections on Port 21.
Please make sure, there's no firewall or other stuff blocking your request to the destination host. Moreover, on the host 10.1.2.99 try telnet 10.1.2.99 ftp or ftp 10.1.2.99 in a command window, depending on OS and installed components.
Before automating, just test manually if you can successfully connect and log in via standard command line: ftp 10.1.2.99.
Transferring data by FTP is just fine in a local LAN. Beware that any data including username and password will be transferred in clear text and thus can be possibly read by others as the intended hosts.
Following up to your comment: Actually there are many possibilities to copy files. If you're running a recent version of IBM i, I'd opt for using scp. It's encrypted and thus safe for running outside of local LANs. Great to automate by utilizing Key-Authentication instead of passwords. And many web hosting companies offer scp/sftp access.

Netcat FTP active mode file transfer not working

Im trying to download a file from a FTP server using active mode.However,it looks like my connection just"expire" or something each time.First,I open a port on my computer using netcat,ex:
nc -vv -l -p 62077
this will listen on port 62077 on my computer.Then,I open another netcat windows,log in to the FTP link using port 21,and once im in the directory where the file I want is in,I do
PORT (my IP separated by , ),(242,125(wich equals to port 62077)\r\n
However,after I enter this command,nothing happen for about 10-15 seconds,and the netcat just quit without saying anything.Nothing happen either on the netcat window that is listening on port 62077.It does that everytime,I dont know what I am doing wrong.I did the same thing with Filezilla(in active mode) and examinated the commands with wireshark,I do the exact same command as Filezilla,however filezilla will be able to retrieve the file while netcat wont.I want to retrieve it with netcat and I dont know what im doing wrong.I am using Windows 10.
thank you!
After you have established your listening nc socket, and after you have sent the USER, PASS, and PORT commands, you then need to trigger the file transfer to that listening socket using e.g.:
RETR /path/to/file/to/download
on the control connection. (Unless you actually are already doing this, but didn't mention it in the post?)
Also, just to note: you mention using something like this:
PORT 1,2,3,4,(242,125)\r\n
Right? Those parentheses might also be an issue. Instead, you might try:
PORT 1,2,3,4,242,125\r\n
without any parentheses.
Now, depending on the IP address you sent (hopefully not a private network address), the data transfer may still not happen, due to firewalls/routers/NAT on the client side of things. Given that your Filezilla download of the same file works, I suspect that those firewall/router/NAT issues may not apply.
Hope this helps!

Run and show Batch file commands on telnet

Not only for the host running. Bat, but to run and display the output text to the client (Telnet)
This is possible?
I have tried and tested everything and could not.
If it is not really possible, which file should I edit to edit the text output from telnet and what language is it?
from what little I understood, you just want to send the output of a file to another computer using telnet. if so try file | telnet. or... cough ...
you could use netcat, if it was one time and you were carful it shouldn't pose a huge threat.
nc -lp12123 on the server, and connect with nc server 12123 -efile.bat on the client.
if neither of these suit then please post more info.

transfermode types in sftp

Is there any difference between ftp and sftp tranfser types in terms of transfer modes (binary, ASCII)? In sftp transfer do we still have binary and ASCII transfer option or it has its default mode whether we choose or not.
SFTP works on top of ssh and does not have equivalent for FTP transfer mode. In other words, SFTP transfer is always binary, byte to byte exact.
You should not confuse SFTP with FTPS though. FTPS is much like old FTP, but over SSL, and is supported by some servers. Because it is still old FTP wrapped in SSL, it does support notion of transfer mode (ascii or binary). However, FTPS servers are very rare in the wild, and I think it is very difficult to actually encounter one.

uploading code to dev or production server using ftp or using telnet, are they both not safe?

i still see people using ftp or telnet for work instead of sftp and ssh. is it true that using ftp or telnet can let people see the password quite easily? Who can actually see it?
Update: for example, if i am not using Wireless... which i heard can be breakable if it is WEP when 1GB traffic is sent or received ... so if not using Wireless, and I am using either DSL, Cable Internet like Comcast, or AT&T's U-verse's fiber optics, then who can read it? Can my neighbor, or joe at the data center at a nearby company or university read it? Or joe at a big hosting company or data center that happens to be some where between California and Chicago if I am ftp'ing from California to Chicago?
Update 2: so maybe it is good to alias ftp='echo use sftp!!' on the bash too
To answer briefly, anyone on the path of the packets from your pc to the server.
In some cases (insecure networks, wireless networks, and so on) many more persons.
That's because the password will travel in plain text.
You can see more about packet sniffing at http://en.wikipedia.org/wiki/Packet_capture.
Also check http://en.wikipedia.org/wiki/File_Transfer_Protocol#Security_problems
Both ftp and telnet are unencrypted. That means that anyone who can capture your internet traffic (e.g. your isp, hosting provider, maybe government) can read your password in plain text averytime you login. Ssh and sftp/scp will encrypt your password and none should be able to read it.
Yes, by using a simple packet sniffer, such as Wireshark it is possible to read the plaintext passwords used by telnet and ftp. Try using this tool while initializing a ftp or telnet session and you'll see how non-secure these mechanisms are.
As tagged with this post, ssh and sftp are more secure alternatives as they encrypt the data as it moves across the wire. And, as always, never use these sorts of tools for evil!
Anyone with a sniffer can see it. Use the secure equivalents i.e. SFTP and SSH instead. They are protected with strong encryption and everything will be encrypted.

Resources