Ftp or File Transfer Protocol is popular protocol used to transfer data, file, directory over networks. These networks may be our local network or internet. FTP has simple mechanisms which makes is easy to implement and use. In this tutorial we will look some FTP related information like port numbers, modes etc.
Default FTP port is TCP 21. TCP is transmission level protocol which provides reliable data transfer between hosts. FTP port can be changed easily but most users prefer to stay with default to make client work easy. FTP also uses TCP 20 in some conditions where they will be examined detailed in the following steps.
Check FTP Port
We can test remote ftp port with a FTP client like below.
$ ftp poftut.com
OR we can use
telnet just check whether the default FTP port is accessible. We should also specify telnet the FTP port number which is
21 in this example.
$ telnet ftp.itu.edu.tr 21
As we can see from screenshot that the
ftp.itu.edu.tr FTP server welcomes us
Active and Passive Mode Ftp Connections
FTP provides two main work mode. Active mode mainly used with TCP 21 for command and TCP 20 data transfer. These default port numbers are accessible over network security devices like Firewall, IPS/IDS etc. Passive mode is used to connect port numbers over 1024 for command and data transfer.
Active Mode Connection
Active mode is the simpler mode of FTP. It uses two ports for control and data. We will use TCP 21 for FTP commands and TCP 20 for FTP data. The data transfer will be done over TCP 20.
Passive Mode Connection
Now in detailed some network devices prevents and blocks ports below 1024. So FTP protocol provides some solution for this which is named Passive Mode. In passive mode first connections is established to TCP 21 for commands and then Server opens 2 ports over 1024 number one for command and other for data. For example if command port is 2000 the data port is 2001. The server will bind these port like regular command port and data port to TCP 21 and TCP 20. In order to activate the passive mode the
PASV command should be issued according to
PORT command during FTP connection.
As a simple protocol FTP have a lot of clients for different Operating system families like Windows, Linux, MacOS, BSD and different GUI types like command-line, web, desktop, mobile. Below you can find tutorial about FTP commands.
Secure FTP Port
As stated previously FTP do not provide a transmission security like encryption by default but we can use alternative ways to solve this issue.
SSH provide FTP like sub-protocol named
SFTP . SFTP works over and SSH connection which is an encrypted connection. To learn more about SFTP look following tutorial.
SSL/TLS is one of the most used secure tunneling technique. We can use SSL/FTP where FTP data will transferred over encrypted SSL tunnel.