This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ers to obtain copies of a Unix password file and then try to guess
passwords. To prevent this type of access, most TFTP servers nowadays provide an option whereby only files in a
specific directory (often /tftpboot on Unix systems) can be accessed. This directory then contains only the file:///D|/Documents%20and%20Settings/bigini/Documenti/homenet2run/tcpip/tcp-ip-illustrated/tftp_tri.htm (3 of 4) [12/09/2001 14.47.07] Chapter 15. TFTP: Trivial File Transfer Protocol bootstrap files required by the diskless systems.
For additional security, the TFTP server on a Unix system normally sets its user ID and group ID to values that
should not be assigned to any real user. This allows access only to files that have world-read or world-write
permissions. 15.5 Summary
TFTP is a simple protocol designed to fit into read-only memory and be used only during the bootstrap process of
diskless systems. It uses only a few message formats and a stop-and-wait protocol.
To allow multiple clients to bootstrap at the same time, a TFTP server needs to provide some form of concurrency.
Because UDP does not provide a unique connection between a client and server (as does TCP), the TFTP server
provides concurrency by creating a new UDP port for each client. This allows different client input datagrams to be
demultiplexed by the server's UDP module, based on destination port numbers, instead of doing this in the server
The TFTP protocol provides no security features. Most implementations count on the system administrator of the
TFTP server to restrict any client's access to the files necessary for bootstrapping only.
Chapter 27 covers the File Transfer Protocol (FTP), which is designed for general purpose, high-throughput file
15.1 Read the Host Requirements RFC to see what a TFTP server should do if it receives a request and the
destination IP address of the request is a broadcast address.
15.2 What do you think happens when the TFTP block number wraps around from 65535 to 0? Does RFC 1350 say
View Full Document
This test prep was uploaded on 04/04/2014 for the course ECE EL5373 taught by Professor Guoyang during the Spring '12 term at NYU Poly.
- Spring '12