Minggu, 11 April 2010

Hasil MU vs Blackburn Rovers 11 April 2010 | Manchester United Ditahan Imbang -

Sunday,April 11, 2010

Peluang MU mempertahankan trofi juara Liga Inggris makin menipis. Ini setelah pada pertandingan melawan Blackburn di Ewood Park yang berakhir beberapa menit lalu, hanya mampu meraih hasil imbang 0-0.

Image and video hosting by TinyPic

Hasil ini membuat MU tertahan di posisi dua klasemen dengan poin 73 dari 34 laga. Atau tertinggal 1 poin dari Chelsea yang baru memainkan 33 laga. Bahkan, posisi MU rawan tergusur Arsenal jika pasukan Arsene Wenger mampu mengatasi Tottenham Hotspurs.

Pada laga di kandang Blackburn ini, MU sebenarnya lebih menguasai permainan. Namun, buruknya penyelesaian akhri membuat sejumlah peluang gagal berbuah gol.

Susunan Pemain
Blackburn: Robinson; Jones, Givet, Salgado, Nzonzi, Samba (Nelsen 32′) Grella, Pedersen, Olsson (Diouf 70′), Emerton (Dunn 45′), Kalinic

Manchester Utd : Van der Sar; Vidic, Ferdinand, O’Shea (Evra 78′), Neville, Scholes, Nani, Giggs (Gibson 57′), Valencia, Macheda (Park 65′), Berbatov

Javier Hernandez baru pembelian awal MU

April 9, 2010 by bola

Manchester United

Kehadiran Javier Hernandez bukan belanjaan terakhir Manchester United. Chief Executive David Gill menegaskan United akan bergerilya pada bursa transfer musim panas.

The Red Devils bergerak cepat usai tersingkir dari Liga Champions, Kamis (8/4) dinihari WIB. Striker muda Chivas de Guadalaraja, Javier Hernandez akhirnya lolos tes medis dan siap bergabung dengan United per 1 Juli mendatang, jika mendapat izin kerja Inggris.

Sebelumnya, United mengamankan bek muda Fulham Chris Smalling pada bursa transfer musim dingin, Januari silam. Namun ditegaskan Gill, United masih akan memburu pemain anyar saat buka transfer kembali dibuka usai Piala Dunia 2010.

“Kami punya rencana-rencana untuk musim depan. Kami sudah mendatangkan Smalling dari Fulham dan sangat senang karena dia bisa bergabung Juli ini. Kita lihat apa yang akan terjadi nanti,” ujar Gill kepada MUTV sebagaimana dilansir Evening Echo, Jumat (9/4/2010).

Kegagalan The Red Devils di Liga Champions tampaknya menjadi pukulan telak. Untuk itu, Sir Alex Ferguson meminta tambahan amunisi agar timnya lebih siap musim depan.

Musim ini, United praktis hanya mengandalkan striker Wayne Rooney di lini depan. Bomber jangkung Dimitar Berbatov belum menunjukkan kapasitasnya. Ujung tombak Real Madrid Karim Benzema masih terus dikaitkan dengan United, meski sejauh ini belum ada pernyataan resmi dari Los Blancos.

Minggu, 22 Februari 2009

Selasa, 23 Desember 2008

Tugas Jawaban TAS Semt IV

Soal :
1.Sebutkan dan Gambarkan beberapa mode yang terdapat dalam perangkat WLAN Access Point!
2.Jelaskan dan Gambarkan macam-macam orthogonal chanel set!
Jawaban :
1.Perangkat wireless dapat bekerja dalam beberapa mode antara lain :

a.Mode AP (access point), mode ini merupakan sering pula disebut multipoint. satu perangkat wireless dapat diakses oleh banyak perangkat wireless.



b.Mode client , sebagai client dari mode AP




c.Mode Bridge, digunakan untuk point to point dua perangkat wireless. Biasanya digunakan untuk menjangkau perangkat wireless yang terpasang pada jarak yang jauh. Pada mode ini jika jaringan sudah sangat kompleks akan mengakibatkan traffick broadcast yang semakin meningkat.



2.Macam-macam orthogonal chanel set :

Terdapat 2 orthogonal



gambar 3 orthogonal dan 4 orthogonal
Untuk meningkatkan pemisahan atau karena peraturan pembatasan,dapat memilih tiga (3) orthogonal channel set, yaitu,
Channel 1 2412 MHz
Channel 6 2437 MHz
Channel 11 2462 MHz

Namun, bagi mereka yang cukup beruntung dengan akses penuh ke channel set 14,mendapat sedikit dari gangguan dan menggunakan empat (4) orthogonal channel set,yaitu,
Channel 1 2412 MHz
Channel 5 2432 MHz
Channel 9 2452 MHz
Channel 13 2472 MHz

Tugas P.Hendra (Jaringan Nirkabel)

Yang dimaksud Teknologi Wireless adalah sistem komunikasi yang menggunakan frekuensi radio, yang memungkinkan transmisi tanpa koneksi secara fisik. Keuntungan penggunaan wireless adalah: Lebih fleksibel, bebas dari masalah pengkabelan, dapat ditempatkan dimanapun, relatif lebih cepat, dan murah.
Dalam topologi wireless terdapat pengertian:
s="fullpost">pc tidak komunikasi secara langsung melainkan menggunakan perantara access point.Soal Dari Citius Wahyu E. K., S. Kom
Pengertian Chanel dalam Teknologi wireless adalah frekuensi hopping yang bekerja menggunakan hop patern. System frekuensi hopping biasannya menggunakan standard FCC 26, dan beberapa sistem tersebut memperbolehkan patern hop sendiri untuk dibuat.
Tentang mode access point Mode Bridge adalah access point bertindak seperti bridge. Device bridge wireless berfungsi menggabungkan dua atau lebih jaringan.contohnya:



Pada sebuah perusahaan yang mempunyai dua gedung yang berjauhan yang berjarak 2 Km, mempunyai jaringan kabel di masing-masing gedung dan mempunyai kelas ip yang berbeda. untuk menghubungkan jaringan di kedua gedung itu tidak mungkin kalau menggunakan kabel, maka cara yang efektif yaitu dengan access point. dengan access point tinggla di setting mode bridge.
Diposkan oleh hari-hari yang menyenangkan di 01:55 0 komentar
Tiga Jalan Untuk Mengatur Wireless LAN

Basic Service

Konfigurasi BSS minimal terdri dari sebuah Access-Point yang terhubung ke jaringan kabel atau internet. Access-Point ini dikenal juga sebagai managed network. Komunikasi antara dua station, misalnya A dan B, harus dari station A ke Acces-Point dahulu kemudian Access-Point mengulang mengirim data ke B. Untuk membangun suatu jaringan dengan server pada konfigurasi ini, server diletakkan pada Access-Point dan station-station lainnya sebagai client


Extended Service Set


Extended Service Set (ESS) terdiri dari beberapa Basic Service Set (BSS) yang saling overlap dan masing-masing mempunyai Acces-Point. Access-Point satu sama lainnya dihubungkan dengan Distributed System(DS). Distributed System(DS) bisa berupa kabel ataupun wireless



Independent Basic Service Set


Konfigurasi Independent Basic Service Set (IBSS) dikenal sebagai konfigurasi independen. Secara logika konfigurasi IBSS mirip dengan jaringan kabel peer-to-peer, dimana komunikasi antar station dapat dilakukan secara langsung tanpa adanya managed network. Jenis IBSS ini dikenal juga sebagai ad-hoc network dan biasanya untuk jaringan wireless dalam ruang yang terbatas dan tidak dihubungkan ke jaringan komputer atau internet yang lebih luas

Senin, 29 September 2008

Tugas RSI Kelompok 17

PERENCANAAN DAN ANALISIS SISTEM

PENERIMAAN SISWA BARU














Disusun Oleh :


  1. Ahmad Sofyan (07.0511.0006)

  2. Agus Budi Prasetyo (07.0511.0005)

  3. Muchamad Fadhil M (07.0511.0148)

  4. Prabu Imanniarto (07.0511.0083)


TEKNIK INFORMATIKA (D3-TKJ)

SYSTEM PENERIMAAN SISWA BARU


  1. LATAR BELAKANG

Akhir tahun pembelajaran yang telah usai, instansi-instansi sekolah melalui PSB 2008/2009 mengadakan penerimaan siswa baru, yang dalam hal ini kelompok kami melakukan study kasus system Penerimaan Siswa Baru tersebut pada SMP Persatuan Mertoyudan.

Hal-hal yang melatar belakangi yaitu:

  • Untuk memajukan pendidikan bangsa

  • Memberdayakan sumber daya yang telah ada

  • Untuk mempermudah SMP Persatuan Mertoyudan dalam memperoleh calon siswa


  1. RUMUSAN MASALAH

Melalui study kasus yang kami lakukan,dapat diperoleh beberapa masalah,yaitu:

  • Sistem yang masih manual

  • Kurang minatnya calon siswa

  • Keterbatasan daya manusia yang mengoperasikanya

Berdasarkan masalah-masalah yng ditemui di lapangan,maka kami membuat Rekayasa system penerimaan tersebut dari system manual menjadi lebih baik atau komputerisasi agar efektif dan lebih mudah pengelolaannya.

  1. TUJUAN

Tujuan system penerimaan sekaligus modal utama SMP Persatuan Mertoyudan dalam Penerimaan Siswa Baru(PSB),yaitu:

  1. Membantu SMP Persatuan Mertoyudan dalam PSB

  2. Mempermudah SMP Persatuan Mertoyudan dalam memperoleh calon siswa

  3. Membuat sistem yang sudah ada menjadi lebih baik




  1. BATASAN MASALAH


Dalam pelaksanaannya sistem ditujukan untuk menghubungkan calon siswa, sekolah dan Dinas Pendidikan. Sistem akan mengatur proses pendaftaran calon siswa baru. Calon siswa baru, panitia pelaksanaan proses, kepala sekolah dan Dinas Pendidikan merupakan pengguna sistem yang akan dibatasi oleh sistem tersebut. Sistem akan mengatur jalannya proses dan memberikan informasi tentang persyaratan serta hasil dari proses penerimaan siswa baru tersebut.


  1. METODELOGI

Langkah-langkah yang ditempuh yaitu:

  • Diskusi kelompok tentang tugas observasi dilakukan oleh seluruh anggota kelompok pada tanggal 20 Juli 2008

  • Study lapangan ke instansi pendidikan,proyek yang kami pilih yaitu SMP Persatuan Mertoyudan

  • Wawancara dan observasi kepada pihak terkait yang dilakukan oleh 2 orang dari kelompok kami pada tanggal 22 Juli 2008

  • Pembuatan tugas RSI ini dikerjakan mulai tanggal 23 juli 2008, sebagai tindak lanjut dari observasi dan wawancara


  1. IDENTITAS ORGANISASI


- Nama Sekolah : SMP Persatuan Mertoyudan

- Alamat : Jl.Kh Irsyad no.11Manggoran,Bondowoso,

Mertoyudan,Magelang (56172)

  • Bidang Gerak : Pendidikan

  • Telephone : (0293)5510187


  1. DESKRIPSI DAN ANALISA SYSTEM SEKARANG BERJALAN


  • System penerimaan siswa baru pada SMP Persatuan Mertoyudan masih menggunakan system manual

  • Penaggung jawab dalam Penerimaan Siswa Baru:

  • Dinas Pendidikan

  • Kepala sekolah

  • Panitia Penerimaan Siswa Baru

  • Calon siswa baru



  • Struktur Organisasi PSB SMP Persatuan Mertoyudan










  • Diagram Konteks

















  • Diagram Arus Data









  • Diagram Relasi Entitas










  1. ANALISA KEBUTUHAN PENGGUNA


  • Pengguna system ini adalah Panitia PSB, dan fasilitas-fasilitas yang diberikan

  • Melalui survei siswa berprestasi dari SD/MI yang tidak mampu akan mendapatkan seragam gratis dari SMP Persatuan Mertoyudan

  • Melalui suvei yang dilakukan oleh dewan guru ke lingkungan, bagi calon siswa yang tidak mampu ataupun putus sekolah akan diberikan keringann biaya sekolah



  1. DAFTAR PUSTAKA


Abdul Kadir.”Konsep & Tuntunan Praktis Basis Data”.Andi Yogyakarta. 2001

Davis, Gordon B.” Manajemen Information System”. terjemahan oleh Drs.Bob

Widyahartono, PT.Pustaka Binaman pressindo, 1984

Scott, George M.”Principles of Management Information System”.terjemahan oleh

Achmad Nashir Budiman, Edisi I, PT.Raja Grafindo Persada, Jakarta, 1997


  1. LAMPIRAN


Dalam menyelesaikan laporan tahap 1, kelompok kami menggunakan metode study dan wawancara.

Diperoleh contoh formulir pendaftarn PSB tersebut


Selasa, 02 September 2008

TUGAS PAK HENDRA ADMINJAR

File Transfer Protocol

File Transfer Protocol (FTP) is a network protocol used to transfer data from one computer to another through a network, such as the Internet.

FTP is a file transfer protocol for exchanging and manipulating files over any Transmission Control Protocol, TCP-based computer network. A FTP client may connect to a FTP server to manipulate files on that server. As there are many FTP client and server programs available for different operating systems, FTP is a popular choice for exchanging files independent of the operating systems involved.

Connection methods

FTP runs exclusively over TCP. It defaults to listen on port 21 for incoming connections from FTP clients. A connection to this port from the FTP Client forms the control stream on which commands are passed to the FTP server from the FTP client and on occasion from the FTP server to the FTP client. FTP uses out-of-band control, which means it uses a separate connection for control and data. Thus, for the actual file transfer to take place, a different connection is required which is called the data stream. Depending on the transfer mode, the process of setting up the data stream is different.

In active mode, the FTP client opens a dynamic port, sends the FTP server the dynamic port number on which it is listening over the control stream and waits for a connection from the FTP server. When the FTP server initiates the data connection to the FTP client it binds the source port to port 20 on the FTP server.

In order to use active mode, the client sends a PORT command, with the IP and port as argument. The format for the IP and port is "h1,h2,h3,h4,p1,p2". Each field is a decimal representation of 8 bits of the host IP, followed by the chosen data port. For example, a client with an IP of 192.168.0.1, listening on port 49154 for the data connection will send the command "PORT 192,168,0,1,192,2". The port fields should be interpreted as p1×256 + p2 = port, or, in this example, 192×256 + 2 = 49154.

In passive mode, the FTP server opens a dynamic port, sends the FTP client the server's IP address to connect to and the port on which it is listening (a 16-bit value broken into a high and low byte, as explained before) over the control stream and waits for a connection from the FTP client. In this case the FTP client binds the source port of the connection to a dynamic port.

To use passive mode, the client sends the PASV command to which the server would reply with something similar to "227 Entering Passive Mode (127,0,0,1,192,52)". The syntax of the IP address and port are the same as for the argument to the PORT command.

In extended passive mode, the FTP server operates exactly the same as passive mode, however it only transmits the port number (not broken into high and low bytes) and the client is to assume that it connects to the same IP address that was originally connected to. Extended passive mode was added by RFC 2428 in September 1998.

While data is being transferred via the data stream, the control stream sits idle. This can cause problems with large data transfers through firewalls which time out sessions after lengthy periods of idleness. While the file may well be successfully transferred, the control session can be disconnected by the firewall, causing an error to be generated.

The FTP protocol supports resuming of interrupted downloads using the REST command. The client passes the number of bytes it has already received as argument to the REST command and restarts the transfer. In some commandline clients for example, there is an often-ignored but valuable command, "reget" (meaning "get again") that will cause an interrupted "get" command to be continued, hopefully to completion, after a communications interruption.

Resuming uploads is not as easy. Although the FTP protocol supports the APPE command to append data to a file on the server, the client does not know the exact position at which a transfer got interrupted. It has to obtain the size of the file some other way, for example over a directory listing or using the SIZE command.

In ASCII mode (see below), resuming transfers can be troublesome if client and server use different end of line characters.

The objectives of FTP, as outlined by its RFC, are:

  1. To promote sharing of files (computer programs and/or data).
  2. To encourage indirect or implicit use of remote computers.
  3. To shield a user from variations in file storage systems among different hosts.
  4. To transfer data reliably, and efficiently.

Criticisms of FTP

  • Passwords and file contents are sent in clear text, which can be intercepted by eavesdroppers. There are protocol enhancements that remedy this, for instance by using SSL, TLS or Kerberos.
  • Multiple TCP/IP connections are used, one for the control connection, and one for each download, upload, or directory listing. Firewalls may need additional logic and/or configuration changes to account for these connections.
  • It is hard to filter active mode FTP traffic on the client side by using a firewall, since the client must open an arbitrary port in order to receive the connection. This problem is largely resolved by using passive mode FTP.
  • It is possible to abuse the protocol's built-in proxy features to tell a server to send data to an arbitrary port of a third computer; see FXP.
  • FTP is a high latency protocol due to the number of commands needed to initiate a transfer.
  • No integrity check on the receiver side. If a transfer is interrupted, the receiver has no way to know if the received file is complete or not. Some servers support extensions to calculate for example a file's MD5 sum (e.g. using the SITE MD5 command), XCRC, XMD5, XSHA or CRC checksum, however even then the client has to make explicit use of them. In the absence of such extensions, integrity checks have to be managed externally.
  • No date/timestamp attribute transfer. Uploaded files are given a new current timestamp, unlike other file transfer protocols such as SFTP, which allow attributes to be included. There is no way in the standard FTP protocol to set the time-last-modified (or time-created) datestamp that most modern filesystems preserve. There is a draft of a proposed extension that adds new commands for this, but as of yet, most of the popular FTP servers do not support it.

Security problems

The original FTP specification is an inherently insecure method of transferring files because there is no method specified for transferring data in an encrypted fashion. This means that under most network configurations, user names, passwords, FTP commands and transferred files can be "sniffed" or viewed by anyone on the same network using a packet sniffer. This is a problem common to many Internet protocol specifications written prior to the creation of SSL such as HTTP, SMTP and Telnet. The common solution to this problem is to use either SFTP (SSH File Transfer Protocol), or FTPS (FTP over SSL), which adds SSL or TLS encryption to FTP as specified in RFC 4217.

FTP return codes

FTP server return codes indicate their status by the digits within them. A brief explanation of various digits' meanings are given below:

  • 1xx: Positive Preliminary reply. The action requested is being initiated but there will be another reply before it begins.
  • 2xx: Positive Completion reply. The action requested has been completed. The client may now issue a new command.
  • 3xx: Positive Intermediate reply. The command was successful, but a further command is required before the server can act upon the request.
  • 4xx: Transient Negative Completion reply. The command was not successful, but the client is free to try the command again as the failure is only temporary.
  • 5xx: Permanent Negative Completion reply. The command was not successful and the client should not attempt to repeat it again.
  • x0x: The failure was due to a syntax error.
  • x1x: This response is a reply to a request for information.
  • x2x: This response is a reply relating to connection information.
  • x3x: This response is a reply relating to accounting and authorization.
  • x4x: Unspecified as yet
  • x5x: These responses indicate the status of the Server file system vis-a-vis the requested transfer or other file system action.

Anonymous FTP

Many sites that run FTP servers enable anonymous ftp. Under this arrangement, users do not need an account on the server. The user name for anonymous access is typically 'anonymous', but historically 'ftp' was also used in the past; this account does not need a password.

Although users are commonly asked to send their email addresses as their passwords for "authentication," there is usually only trivial or no verification of what is actually entered. As modern FTP clients hide the login process from the user, and usually don't know the user's email address, the software supplies dummy passwords. For example:

  • Mozilla Firefox (2.0) — mozilla@example.com
  • KDE Konqueror (3.5) — anonymous@
  • wget (1.10.2) — -wget@
  • lftp (3.4.4) — lftp@

Internet Gopher has been suggested as an alternative to anonymous FTP, as well as Trivial File Transfer Protocol and File Service Protocol.

Data format

While transferring data over the network, several data representations can be used. The two most common transfer modes are:

  1. ASCII mode
  2. Binary mode: In "Binary mode", the sending machine sends each file byte for byte and as such the recipient stores the bytestream as it receives it. (The FTP standard calls this "IMAGE" or "I" mode)

In "ASCII mode", any form of data that is not plain text will be corrupted. When a file is sent using an ASCII-type transfer, the individual letters, numbers, and characters are sent using their ASCII character codes. The receiving machine saves these in a text file in the appropriate format (for example, a Unix machine saves it in a Unix format, a Windows machine saves it in a Windows format). Hence if an ASCII transfer is used it can be assumed plain text is sent, which is stored by the receiving computer in its own format. Translating between text formats might entail substituting the end of line and end of file characters used on the source platform with those on the destination platform, e.g. a Windows machine receiving a file from a Unix machine will replace the line feeds with carriage return-line feed pairs. It might also involve translating characters; for example, when transferring from an IBM mainframe to a system using ASCII, EBCDIC characters used on the mainframe will be translated to their ASCII equivalents, and when transferring from the system using ASCII to the mainframe, ASCII characters will be translated to their EBCDIC equivalents.

By default, most FTP clients use ASCII mode. Some clients try to determine the required transfer-mode by inspecting the file's name or contents, or by determining whether the server is running an operating system with the same text file format.

The FTP specifications also list the following transfer modes:

  1. EBCDIC mode - this transfers bytes, except they are encoded in EBCDIC rather than ASCII. Thus, for example, the ASCII mode server
  2. Local mode - this is designed for use with systems that are word-oriented rather than byte-oriented. For example mode "L 36" can be used to transfer binary data between two 36-bit machines. In L mode, the words are packed into bytes rather than being padded. Given the predominance of byte-oriented hardware nowadays, this mode is rarely used. However, some FTP servers accept "L 8" as being equivalent to "I".

In practice, these additional transfer modes are rarely used. They are however still used by some legacy mainframe systems.

The text (ASCII/EBCDIC) modes can also be qualified with the type of carriage control used (e.g. TELNET NVT carriage control, ASA carriage control), although that is rarely used nowadays.

Note that the terminology "mode" is technically incorrect, although commonly used by FTP clients. "MODE" in RFC 959 refers to the format of the protocol data stream (STREAM, BLOCK or COMPRESSED), as opposed to the format of the underlying file. What is commonly called "mode" is actually the "TYPE", which specifies the format of the file rather than the data stream. FTP also supports specification of the file structure ("STRU"), which can be either FILE (stream-oriented files), RECORD (record-oriented files) or PAGE (special type designed for use with TENEX). PAGE STRU is not really useful for non-TENEX systems, and RFC1123 section 4.1.2.3 recommends that it not be implemented.

FTP and web browsers

Most recent web browsers and file managers can connect to FTP servers, although they may lack the support for protocol extensions such as FTPS. This allows manipulation of remote files over FTP through an interface similar to that used for local files. This is done via an FTP URL, which takes the form ftp(s)://<ftpserveraddress> (e.g., ftp://ftp.gimp.org/). A password can optionally be given in the URL, e.g.: ftp(s)://<login>:<password>@<ftpserveraddress>:<port>. Most web-browsers require the use of passive mode FTP, which not all FTP servers are capable of handling. Some browsers allow only the downloading of files, but offer no way to upload files to the server.

FTP and NAT devices

The representation of the IPs and ports in the PORT command and PASV reply poses another challenge for NAT devices in handling FTP. The NAT device must alter these values, so that they contain the IP of the NAT-ed client, and a port chosen by the NAT device for the data connection. The new IP and port will probably differ in length in their decimal representation from the original IP and port. This means that altering the values on the control connection by the NAT device must be done carefully, changing the TCP Sequence and Acknowledgment fields for all subsequent packets.

For example: A client with an IP of 192.168.0.1, starting an active mode transfer on port 1025, will send the string "PORT 192,168,0,1,4,1". A NAT device masquerading this client with an IP of 192.168.15.5, with a chosen port of 2000 for the data connection, will need to replace the above string with "PORT 192,168,15,5,7,208".

The new string is 23 characters long, compared to 20 characters in the original packet. The Acknowledgment field by the server to this packet will need to be decreased by 3 bytes by the NAT device for the client to correctly understand that the PORT command has arrived to the server. If the NAT device is not capable of correcting the Sequence and Acknowledgement fields, it will not be possible to use active mode FTP. Passive mode FTP will work in this case, because the information about the IP and port for the data connection is sent by the server, which doesn't need to be NATed. If NAT is performed on the server by the NAT device, then the exact opposite will happen. Active mode will work, but passive mode will fail.

It should be noted that many NAT devices perform this protocol inspection and modify the PORT command without being explicitly told to do so by the user. This can lead to several problems. First of all, there is no guarantee that the used protocol really is FTP, or it might use some extension not understood by the NAT device. One example would be an SSL secured FTP connection. Due to the encryption, the NAT device will be unable to modify the address. As result, active mode transfers will fail only if encryption is used, much to the confusion of the user.

The proper way to solve this is to tell the client which IP address and ports to use for active mode. Furthermore, the NAT device has to be configured to forward the selected range of ports to the client's machine.

FTP over SSH

FTP over SSH refers to the practice of tunneling a normal FTP session over an SSH connection.

Because FTP uses multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH. With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on port 21) will protect only that channel; when data is transferred, the FTP software at either end will set up new TCP connections (data channels) which will bypass the SSH connection, and thus have no confidentiality, integrity protection, etc.

If the FTP client is configured to use passive mode and to connect to a SOCKS server interface that many SSH clients can present for tunneling, it is possible to run all the FTP channels over the SSH connection.

Otherwise, it is necessary for the SSH client software to have specific knowledge of the FTP protocol, and monitor and rewrite FTP control channel messages and autonomously open new forwardings for FTP data channels. Version 3 of SSH Communications Security's software suite, and the GPL licensed FONC are two software packages that support this mode.

FTP over SSH is sometimes referred to as secure FTP; this should not be confused with other methods of securing FTP, such as with SSL/TLS (FTPS). Other methods of transferring files using SSH that are not related to FTP include SFTP and SCP; in each of these, the entire conversation (credentials and data) is always protected by the SSH protocol.