The TFTP protocol for transferring files. Their stands for Trivial File Transfer Protocol, which we can translate as Spanish Protocol Trivial File Transfer. It is used for the exchange of information and small files between two computers. It works over UDP. It stands out especially for being straightforward and simple, so that unlike other protocols it does not have complex transfer functions.
What is the TFTP protocol?
It emerged in the early 1980s , so it is not exactly a recent protocol. It is used to regulate the transfer of files between a client and a server. It works easily and allows you to send small files.
Its name will inevitably lead us to make a similarity to FTP, which is a much better known and used protocol. However, there is a clear difference, and that is that TFTP is much simpler to use. This logically also makes it more limited. It is useful, for example, when user authentication is not required.
This that we comment also causes it to have limitations in terms of security. By transferring files and not having to authenticate, it causes risks to appear.
It generally uses UDP port 69 for file transfers, although this can be changed by the sender and receiver. This is an important difference from FTP, which uses TCP for file transfer and in this case it is secure.
What is TFTP used for?
The TFTP protocol was mainly designed to be able to read or write files remotely, through a server. But, as we will see, it has many more uses than just what we mentioned.
Reading and writing files
The main use is to read or send small files . For example a mail or a system folder. It is usually used to transfer files used to start a computer or to configure a system between different devices that are connected to each other.
It is commonly used when these devices are connected within the same network. We have seen that no authentication is required, so outside of that network it could be a major security issue.
Devices that do not have a hard drive
It is also used in devices that do not have a hard drive to store files. This allows TFTP to use a small part of the memory and for example to be able to boot a network or a system.
This makes it possible to dispense with that memory, such as a hard disk, which would be necessary in the case of using other similar file transfer protocols. It will allow us to start a computer remotely without the need for a hard drive.
An important point to highlight and that allows the TFTP protocol to be carried out is to create backup copies . We can do it with the network configuration of a computer. We are talking about small files that we can transfer easily and that it will not be necessary to authenticate.
These backup copies can also be created from the router configuration. This will allow us to have those files in case there is a problem and we want to return to the previous state.
Scan for Viruses
Although today it is a much less used and popular protocol than it was a few decades ago, the truth is that TFTP is still useful when it comes to analyzing a computer to detect possible threats in the form of malware.
It can act in a way that reduces the load on a system and allows us to analyze files in a simple way. Those responsible for security on certain occasions rely on this protocol.
Equipment with little capacity
Despite the fact that it is a simple protocol and that today we can say that it has become outdated if we compare it with other more recent ones, the truth is that it is still used. One of the reasons is to take advantage of its simplicity on computers that do not have a large capacity and not have to use many resources to transfer files or to configure something.
It is usually used in devices such as a router, a VoIP central and the like. For example, it allows you to update the firmware without having a hard disk or being able to configure something.
Security, a problem for the TFTP protocol
We have seen that it is a very old protocol and that it is only used for basic and specific things. However security is a problem that is present. On the one hand, there is the fact that transferring files is not secure as it does not require authentication, but it can also serve as a means of attack.
There have been cases of vulnerabilities in the TFTP protocol that affect its own operation and that makes any computer that has it enabled can be affected. We are talking about DrDoS attacks , which is basically a DDoS attack by extension. What this type of attack does is look for the service request or access packets and generate a large quantity.
A solution to avoid security problems with the TFTP protocol is to disable it in case we are not using it. However, this is something that the teams that have it enabled today is because it may be necessary.
Whenever possible, the ideal is to use other file transfer protocols such as SCP or SFTP. For example, Windows 10 has this protocol disabled as standard, although it is available to enable if we need it.
How to enable TFTP in Windows 10
To enable TFTP in Windows 10 we have to go to the Control Panel, enter Programs and click on Programs and Features. On the left we will see the section on Activate or deactivate Windows features. There we will see different characteristics that we can add if they interest us.
To enable TFTP we just have to check the box and click OK. The process will take a moment and it will already be enabled in the operating system and we can use it. However, as we have seen today, it is somewhat outdated and has certain security risks. Unless we need to use it, it is best to leave it disabled.
In short, TFTP is a simple file transfer protocol that allows us to read or write small files and exchange them between devices. Although it is an old protocol, today it is still used in certain circumstances.