TFTP stands for Trivial file transfer protocol. TFTP uses port 69. Trivial file transfer protocol (TFTP) is similar to FTP, but more compact and requires no login. TFTP uses the UDP protocol to keep it small for use by diskless workstations. Some have had security concerns with TFTP, but it appears that security with TFTP has been greatly improved lately. This is because TFTP can be set up so access outside a specified directory will be denied. In fact the TFTP client cannot execute a directory command or have any way to search outside its single directory. In spite of this, it is still not generally recommended to assume TFTP is fully secure. It is therefore recommended that a TFTP server not be used to store sensitive data. The TFTP message block begins with an opcode which will be set to one of the following values:

  1. RRQ=1. Read request.
  2. WRQ=2. Write request.
  3. Data=3. File data being transferred.
  4. ACK=4. Acknowledge of data received.
  5. Error=5. Data error.

The TFTP datagram with a RRQ or WRQ opcode will contain a filename with a null terminator, and mode. The mode is a string "netascii" or "octet" terminated by a null character. Octet means the data is 8bit bytes of data and netascii means the data is ASC text. All data packets (opcode=3) have a block number that is later used in the acknowledgement (opcode=4). During a transfer, the following happens:

  1. The client sends a read request for a given file.
  2. The server responds with a data packet of 512 bytes. (Assuming the file request was allowed)
  3. The client acknowledges the data packet
  4. The above two steps are repeated until the client receives a data packet smaller than 512 bytes, meaning the end of file has been reached.