主动模式
|
[root@dhcp-0-149 Packages]# ftp 10.66.0.185
Connected to 10.66.0.185 (10.66.0.185).
220 (vsFTPd 2.0.5)
Name (10.66.0.185:root): yang
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode off.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x 3 500 500 4096 Aug 09 07:58 Desktop
drwxr-xr-x 4 0 0 4096 Aug 16 02:27 experiment
-rw------- 1 500 500 975 Sep 26 10:10 mbox
drwxrwxr-x 2 500 500 4096 Aug 09 08:54 vmware
226 Directory send OK.
ftp> quit
221 Goodbye.
|
Source Destination Protocol Info
10.66.0.149 10.66.0.185 TCP 48749 > ftp [SYN] Seq=0 Len=0
10.66.0.185 10.66.0.149 TCP ftp > 48749 [SYN, ACK] Seq=0 A
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=1 Ack=1
10.66.0.185 10.66.0.149 FTP Response: 220 (vsFTPd 2.0.5)
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=1 Ack=21
10.66.0.149 10.66.0.185 FTP Request: USER yang
10.66.0.185 10.66.0.149 TCP ftp > 48749 [ACK] Seq=21 Ack=1
10.66.0.185 10.66.0.149 FTP Response: 331 Please specify t
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=12 Ack=5
10.66.0.149 10.66.0.185 FTP Request: PASS 123456
10.66.0.185 10.66.0.149 FTP Response: 230 Login successful
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=25 Ack=7
10.66.0.149 10.66.0.185 FTP Request: SYST
10.66.0.185 10.66.0.149 FTP Response: 215 UNIX Type: L8
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=31 Ack=9
10.66.0.149 10.66.0.185 FTP Request: PORT 10,66,0,149,205,
10.66.0.185 10.66.0.149 FTP Response: 200 PORT command suc
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=57 Ack=1
10.66.0.149 10.66.0.185 FTP Request: LIST
10.66.0.185 10.66.0.149 TCP ftp-data > 52690 [SYN] Seq=0 L
10.66.0.149 10.66.0.185 TCP 52690 > ftp-data [SYN, ACK] Se
10.66.0.185 10.66.0.149 TCP ftp-data > 52690 [ACK] Seq=1 A
10.66.0.185 10.66.0.149 FTP Response: 150 Here comes the d
10.66.0.185 10.66.0.149 FTP-DATA FTP Data: 259 bytes
10.66.0.185 10.66.0.149 TCP ftp-data > 52690 [FIN, ACK] Se
10.66.0.149 10.66.0.185 TCP 52690 > ftp-data [ACK] Seq=1 A7
10.66.0.149 10.66.0.185 TCP 52690 > ftp-data [FIN, ACK] Se
10.66.0.185 10.66.0.149 TCP ftp-data > 52690 [ACK] Seq=2611
10.66.0.185 10.66.0.149 FTP Response: 226 Directory send O
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=63 Ack=2
10.66.0.149 10.66.0.185 FTP Request: QUIT
10.66.0.185 10.66.0.149 FTP Response: 221 Goodbye.
10.66.0.149 10.66.0.185 TCP 48749 > ftp [FIN, ACK] Seq=69 73
10.66.0.185 10.66.0.149 TCP ftp > 48749 [FIN, ACK] Seq=22535
10.66.0.149 10.66.0.185 TCP 48749 > ftp [ACK] Seq=70 Ack=2
|
上面的粉色部分可以说明问题:
Request: PORT 10,66,0,149,205,210 (注:205*256+210=52690)
Response: 200 PORT command successful. Consider using PASV.
被动模式
|
Source Destination Protocol Info
10.66.0.149 10.66.0.185 TCP 35173 > ftp [SYN] Seq=0 Len=0 MSS=1460 TSV=2465
10.66.0.185 10.66.0.149 TCP ftp > 35173 [SYN, ACK] Seq=0 Ack=1 Win=741376 L
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=1 Ack=1 Win=5856 Len=0 TS
10.66.0.185 10.66.0.149 FTP Response: 220 (vsFTPd 2.0.5)
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=1 Ack=21 Win=5856 Len=0 T
10.66.0.149 10.66.0.185 FTP Request: USER yang
10.66.0.185 10.66.0.149 TCP ftp > 35173 [ACK] Seq=21 Ack=12 Win=5888 Len=0
10.66.0.185 10.66.0.149 FTP Response: 331 Please specify the password.
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=12 Ack=55 Win=5856 Len=0
10.66.0.149 10.66.0.185 FTP Request: PASS 123456
10.66.0.185 10.66.0.149 FTP Response: 230 Login successful.
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=25 Ack=78 Win=5856 Len=0
10.66.0.149 10.66.0.185 FTP Request: SYST
10.66.0.185 10.66.0.149 FTP Response: 215 UNIX Type: L8
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=31 Ack=97 Win=5856 Len=0
10.66.0.149 10.66.0.185 FTP Request: PASV
10.66.0.185 10.66.0.149 FTP Response: 227 Entering Passive Mode (10,66,0,18
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=37 Ack=146 Win=5856 Len=0
10.66.0.149 10.66.0.185 TCP 51765 > 37835 [SYN] Seq=0 Len=0 MSS=1460 TSV=24
10.66.0.185 10.66.0.149 TCP 37835 > 51765 [SYN, ACK] Seq=0 Ack=1 Win=741376
10.66.0.149 10.66.0.185 TCP 51765 > 37835 [ACK] Seq=1 Ack=1 Win=5856 Len=0
10.66.0.149 10.66.0.185 FTP Request: LIST
10.66.0.185 10.66.0.149 FTP Response: 150 Here comes the directory listing.
10.66.0.185 10.66.0.149 FTP-DATA FTP Data: 63 bytes
10.66.0.185 10.66.0.149 TCP 37835 > 51765 [FIN, ACK] Seq=64 Ack=1 Win=5888 6
10.66.0.149 10.66.0.185 TCP 51765 > 37835 [ACK] Seq=1 Ack=64 Win=5856 Len=0
10.66.0.149 10.66.0.185 TCP 51765 > 37835 [FIN, ACK] Seq=1 Ack=65 Win=5856 3
10.66.0.185 10.66.0.149 TCP 37835 > 51765 [ACK] Seq=65 Ack=2 Win=5888 Len=0
10.66.0.185 10.66.0.149 FTP Response: 226 Directory send OK.
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=43 Ack=209 Win=5856 Len=0
10.66.0.149 10.66.0.185 FTP Request: QUIT
10.66.0.185 10.66.0.149 FTP Response: 221 Goodbye.
10.66.0.149 10.66.0.185 TCP 35173 > ftp [FIN, ACK] Seq=49 Ack=223 Win=5856 6
10.66.0.185 10.66.0.149 TCP ftp > 35173 [FIN, ACK] Seq=223 Ack=49 Win=5888 9
10.66.0.149 10.66.0.185 TCP 35173 > ftp [ACK] Seq=50 Ack=224 Win=5856 Len=0
10.66.0.185 10.66.0.149 TCP ftp > 35173 [ACK] Seq=224 Ack=50 Win=5888 Len=0
|
Request: PASV
Response: 227 Entering Passive Mode (10,66,0,185,147,203) (注:147*256+203=35173)
