From csulb.edu!library.ucla.edu!agate!spool.mu.edu!mnemosyne.cs.du.edu!nyx10.cs.du.edu!not-for-mai l Fri Oct 7 17:45:38 1994 Path: csulb.edu!library.ucla.edu!agate!spool.mu.edu!mnemosyne.cs.du.edu!nyx10.cs.du.edu!not-for-mai l From: esasaki@nyx10.cs.du.edu (Eric Sasaki) Newsgroups: alt.comp.fsp Subject: REPOST: alt.comp.fsp FAQ (part 2/2) Date: 30 Sep 1994 22:52:31 -0600 Organization: University of Denver, Math/CS Dept. Lines: 234 Message-ID: <36ipuf$22v@nyx10.cs.du.edu> NNTP-Posting-Host: nyx10.cs.du.edu X-Newsreader: NN version 6.5.0 #3 (NOV) Last-modified: 1994/06/07 --------------------------------------------------------------------------- Section 3: Technical Issues Q.3.1 What are the main differences between FSP and FTP? How does FSP work? From the user's point of view, the differences are not that great, except that some of the more annoying features of FTP are gone. Here are the main differences. a. The protocol can stand things going down: if the server or the network falls over in the middle of a transfer, you can just wait until it comes back up. You don't have to reconnect, and even better, if the server went down 90% through grabbing a file, you can continue from where you left off. b. The protocol doesn't need a username or password. You just throw packets at the server. You don't have to identify yourself (though you're not completely anonymous -- see below). c. It's harder to kill off a site with an FSP server than with an FTP server. The FSP daemon is designed to be as lightweight as possible: it doesn't fork off any sub-processes, and it takes steps to limit the amount of traffic it handles. d. The user interface is completely different. The interface that comes with the package consists of eleven commands that you can call from the shell. In effect, your shell is providing all the nice functions like command line editing. This makes the interface much more versatile than FTP's. (See below for how to get an FTP-like interface, though). e. FSP is a bit slower than FTP. This is a feature, not a bug. The point is to keep the communication lightweight, and not to flood the net. From the programmer's point of view, fsp is a complete rewrite. a. Instead of TCP sockets, it uses datagrams to communicate, so that the connection doesn't break on a flaky line. b. FTP works by opening a port, and then asking the server to send a file to it. FSP uses the same port all the time for communication, and asks for segments of a file. So you can start off a transfer half way through a file, if you really want to. c. The server tries to make sure you don't ask for packets too quickly. Each packet it sends out has a random identification number, which the client must return on the next request. (If the client loses the number, it must wait a few seconds before the server accepts another packet from it). Therefore, the client has to wait for an answer to each request before it sends out the next one. Q.3.2 How secure/anonymous is FSP? By default, the FSP daemon keeps logs of transactions, along with their site names. An FSP administrator could use this to find out who you are, with a reasonable degree of certainty. In short, FSP gives you no more privacy than anonymous FTP. Anyone who tells you different has a less devious mind than most FSP admins I know. Why not make FSP more anonymous? Well, it's impossible to make a protocol with complete anonymity, since at some point, the remote site will have to send a file back to you, and it needs at least an address to send it to. If you really need privacy, you can encrypt any files you make available, and only give out the decryption password to a select few. But of course, you have to trust them to keep the password safe. Q.3.3 Why not add passwords to FSP? (Thanks to Joseph Traub for the material for this section) 1. They don't add much security. If you use one password for the whole site, then you might just as well set up the site and only tell a few people its port number. That's no more or less secure than using a password. Besides, it's easier just to set up the server only to respond to certain hosts. 2. Any other password system is likely to be a big lose on efficiency, since you'll have to check every single packet. 3. The main use of server passwords appears to be so that people can move pirated software around, and the authors don't want to add code to support that. To quote Joseph Traub, the ex-FSP maintainer: If you really want to do passworded file transfer, grab a copy of the ftpd source code (which is also on my server) and modify it to a) use a higher port number (Yes virginia, you CAN specify port numbers to most ftp clients) and b) to read a file other than /etc/password to look up user information. This capability does NOT belong in FSP because it gets away from the concept of lightweight simple file transfers. Q.3.4 So what *does* FSP stand for? As of 12th August 1993, FSP stands for `File Service Protocol'. Thanks to mg@ac.duke.edu (Michael Grubb) for the words, and Wen-King for the initials. Other suggestions were: File Slurping Protocol Flaky Stream Protocol FTP's Sexier Partner --------------------------------------------------------------------------- Section 4: Who's Who? Q.4.1 Who writes and maintains FSP software? Wen-King Su (wen-king@cs.caltech.edu) wrote the original Unix version (versions 1.0 to 2.6.4). Joseph Traub (was jtraub@cs.cmu.edu) was maintainer from Dec 1992 to July 1993 (versions 2.6.5 to 2.7.1). The next maintainers were Phil Richards (pgr@sst.icl.co.uk) and Pete Bevin (pete@sst.icl.co.uk) from July 1993 to March 1994. Phil is also the maintainer of fspclient, an FTP-like interface for FSP. The current maintainer (as of March 1994) is Andy Doherty , who also maintains the alt.comp.fsp FAQ and wrote and maintains FSPtool an X-Windows GUI FSP Client. Sven Pechler (S.A.Pechler@bdk.tue.nl) wrote and maintains a VMS version. OS/2 is handled by Larkin Lowrey (llowrey@ucsd.edu), and Lindsey Smith, of the MS-DOS rewrite is lsmith@symantec.com Q.4.2 Who writes and maintains FSP Client Software? Jim Browne (jbrowne@uiuc.edu) is writing the (soon to be released?) Macintosh client. See section (2.2.3) Andy Doherty (A.J.Doherty@uk.ac.reading) wrote and maintains FSPtool an X-Windows based Unix client. Also the FAQ maintainer. Ian Heath (ih@ecs.soton.ac.uk) wrote 'winfsp' a MS-Windows based client. Nicolai Langfeldt's (janl@ifi.uio.no) wrote and maintains 'fspcli' a Perl based client. Ove Ruben R Olsen (Ruben@uib.no) wrote and maintains 'fspsh', another Perl based client. Phil Richards' (pgr@sst.icl.co.uk) wrote and maintains 'fspclient'. Q.4.3 Who helped put this FAQ together? The following people have contributed to the FAQ. Thanks very much to all of them. Pete Bevin Tony Brannigan Jim Browne Dan Charrois Maurizio Codogno David DeSimone Ian Dickinson Andy Doherty Ian Heath Larkin Lowrey Jan Nicolai Langfeldt Ove Ruben R Olsen Jerome Pier Lutz Prechelt Phil Richards Lindsey Smith Wen-King Su Joseph Traub --------------------------------------------------------------------------- Section 5: Site Information Q.5.1 What FSPable sites exist ? The following is a small list of the some sites sites which are available through the FSP protocol. This list should be reasonably up to date but comes with no warranty ;-) It is in the unofficial "taxus" format. ftp.germany.eu.net is the official home for FSP software distributions, most packages can be found there. genie.lut.ac.uk 21 genie / # small UK site ftp.germany.eu.net 2001 germany / # big German archive (FSP) fsp.luth.se 6969 luth / # Top of Europe mosaic.cs.caltech.edu 21 mosaic / # BSD386/Usenet sunsite.doc.ic.ac.uk 21 src / # big UK site, lots of mirrors terra.stack.urc.tue.nl 21 terra / # big Netherlands site ftp.bilkent.edu.tr 21 bilkent / # uni. of Bilkent, Turkey garfield.catt.ncsu.edu 21 Garfield / # garfield site ftp.wustl.edu 21 wu / # lots of mirrors ... For more site information see section 2 (Q.2.3) --------------------------------------------------------------------------- -- Eric Sasaki - IBM Co-op || esasaki@nyx10.cs.du.edu / gt7294b@prism.gatech.edu Georgia Tech INTA major || http://nyx10.cs.du.edu:8001/~esasaki/home.html "More than an end to war, we want an end to the beginnings of all wars." -- Franklin D. Roosevelt