The three application protocols described in this section are all based on TCP. They send authentication information and data in the clear (i.e., unencrypted), and hence are easily compromised by network sniffers. Also, they authenticate the host solely by the IP address that it responds to. Consequently, utilities based on these protocols should not be used in situations where security is a concern. SSH, described later, provides nearly equivalent functionality at a higher level of security.
Telnet establishes a TCP connection with a telnet server on the reserved port 23, passes the keystrokes of the telnet client to the server, and accepts the output of the server as characters to be displayed on the client. The server presents these keystrokes as input received from a pseudo-terminal to the OS hosting the telnet server. Telnet defines a network virtual terminal (NVT) format that permits interoperability between machines that use different characters for common operations such as terminating a line and interrupting a runaway process.
The control functions are encoded as 2-byte escape sequences: the IAC byte (255) followed by the 1-byte code of the control function. Telnet uses the URGENT DATA mechanism of TCP to send control functions so that the telnet server can respond appropriately.
File Transfer Protocol (FTP)
FTP [RFC 959, 1985] uses two TCP connections, one called the control connection and the other the data connection. The client can issue a number of commands on the control connection that change various settings of the FTP session. All content transfer occurs on the data connection. The FTP client opens a control connection to port 21 of the FTP server machine. This connection persists for the entire session. The format of data passed over the control connection is the same as that of telnet NVT. The GET command requests the transfer of contents that the server has (popularly known as downloading), and the PUT command requests the server to receive and store the contents that the client is about to send.
The data connection can be opened in two modes. In active mode FTP, the server initiates a data connection as needed from its port 20 to a port whose number is supplied by the client via the PORT command. In passive mode FTP, the server informs the client of a port number higher than 1024, to which the client initiates a data connection.
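The two data-connection modes described above, as an added example that is not part of the original text: it reads lines from the control connection and works out which data connection a stateful firewall should expect next. The h1,h2,h3,h4,p1,p2 field and the 227 reply code come from RFC 959; the function names, result fields and sample lines are assumptions made for illustration.

```python
import re

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (four address bytes, two port bytes).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def _decode_hostport(text):
    """Return (ip, port) from the host-port field found in text."""
    m = _HOSTPORT.search(text)
    if m is None:
        raise ValueError("no host-port field in %r" % text)
    fields = [int(f) for f in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("host-port byte out of range in %r" % text)
    return ".".join(map(str, fields[:4])), fields[4] * 256 + fields[5]


def expected_data_connection(control_line, client_ip, server_ip):
    """Describe the data connection one control-connection line sets up.

    Hypothetical helper: returns a dict, or None when the line does not
    negotiate a data connection.
    """
    line = control_line.strip()
    if line.upper().startswith("PORT "):
        # Active mode: the server connects from its port 20 to the client's port.
        ip, port = _decode_hostport(line[5:])
        return {"mode": "active", "src": (server_ip, 20), "dst": (ip, port),
                # False when the announced address is not the control client.
                "dst_matches_client": ip == client_ip}
    if line.startswith("227"):
        # Passive mode: the client connects to the port the server announced.
        ip, port = _decode_hostport(line[3:])
        return {"mode": "passive", "src": (client_ip, None), "dst": (ip, port),
                # The text says passive ports are higher than 1024.
                "port_above_1024": port > 1024}
    return None


# Constructed control-connection lines, not captured traffic.
SAMPLE = ["USER alice", "PORT 192,168,1,10,195,80",
          "227 Entering Passive Mode (10,0,0,5,19,137)"]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(entry, "->", expected_data_connection(entry, "192.168.1.10", "10.0.0.5"))
```

Because the port number travels inside the control connection, a packet filter that only sees addresses and ports cannot predict the data connection without decoding these lines.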
The login protocol [RFC 1282] is similar in functionality to telnet and also operates by opening a TCP connection on the login server machine at port 513. It is widely used between UNIX hosts because it provides transport of more of the UNIX terminal environment semantics than does the telnet protocol and because on many UNIX hosts it can be configured not to require user entry of passwords when connections originate from trusted hosts.
The Internet and the World Wide Web are based on a suite of protocols collectively known as TCP/IP. It includes not only the transmission control protocol and Internet protocol, but also other protocols such as UDP, ARP, and ICMP, and applications such as telnet, FTP, Secure Shell, and Web browsers and servers. We surveyed these topics starting from the seven-layer OSI model to recent improvements in the implementations of the protocol stack and firewalls.