Essential Concepts - Network Protocols (HTTP & FTP)

Before continuing, I recommend you to read the previous post - Internet Protocols.

Hyper Text Transfer Protocol (HTTP) : 

The Hyper Text Transfer Protocol provides a standard for communication between web browsers and the server. It is one of the most widely used protocol on the Internet for requesting documents such as web pages and images.

Hypertext is structured text that uses logical links (hyperlinks) between nodes (two devices connected) containing text. HTTP is the protocol to exchange or transfer hypertext.

HTTP functions as a request–response protocol in the client–server computing model. A web browser, for example, may be the client and an application running on a computer hosting a website may be the server. The client submits an HTTP request message to the server. The server, which provides resources such as HTML files and other content, or performs other functions on behalf of the client, returns a response message to the client. The response contains completion status information about the request and may also contain requested content in its message body.

(You might be aware of session, authentication and cookies. All these terms are largely used while programming in PHP. But all these terms are HTTP terms. You can Google for information on it as these are easy to understand. Still if you have any doubts, comment below so that I can help you out with a simple article on it.)

HTTP was not designed a secure Protocol. It is vulnerable to Main-in-the-Middle attacks (this topic will be covered later). To overcome it, HTTPS is used now-a-days.

File Transfer Protocol (FTP) :

The File Transfer Protocol provides a standard for transferring files between two computers on the network. FTP is most widely used in carrying out upload/download operations between a server and a workstation.

FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it

FTP was not designed to be a secure protocol, and has many security weaknesses. In May 1999, the authors of RFC 2577 listed a vulnerability to the following problems (will be covered in later sessions):

• Brute force attack
• FTP bounce attack
• Packet capture
• Port stealing (guessing the next open port and usurping a legitimate connection)
• Spoofing attack

To overcome the attacks, FTPS is implemented.

NOTE : HTTPS and FTPS are HTTP over SSL and FTP over SSL respectively. (I will write a new article to make you understand what is SSL and its importance.)

What is the difference between FTP and HTTP?

HTTP and FTP are both network protocols for file transfer. HTTP is short for Hyper Text Transfer Protocol, and FTP is short for File Transfer Protocol. Both use TCP (Transmission Control Protocol) to transfer files

The difference between the two is that HTTP is a protocol used by the World Wide Web that allows the transfer of files from a web server to a user’s web browser for viewing web pages on the Internet, while the FTP protocol is used to transfer files from a computer to and from an FTP server. FTP facilitates the transfer of files from one computer to another.

HTTP transfers only web page content to the browser so as to view it. The transferred file is not saved in the memory space. FTP, on the other hand, transfers the whole file to the another computer, and the file is saved in memory. HTTP does not require a password and user name to access the server to transfer files, whereas the FTP protocol requires authentication.

HTTP is faster and more efficient for transferring smaller files, while FTP is faster and more efficient in transferring larger files. HTTP is able to use a single connection to transfer multiple files, while FTP requires a new connection to be created with each file transfer.