File Transfer Protocol (FTP) is a popular protocol used to transfer data, files, and directories over networks. These networks may be a local network or the internet. FTP has simple mechanisms that make it easy to implement and use. In this tutorial, we will look at FTP-related information such as port numbers and modes.
FTP Port – TCP 21
The default FTP port is TCP 21. TCP is a transport-layer protocol that provides reliable data transfer between hosts. The FTP port can be changed easily, but most users prefer to stay with the default to make client configuration easy. FTP also uses TCP 20 under some conditions, which are examined in detail in the following sections.
Check FTP Port
We can test the remote FTP port with an FTP client, as shown below.
$ ftp poftut.com
Or we can use telnet just to check whether the default FTP port is accessible. We should also give telnet the FTP port number, which is 21 in this example.
$ telnet ftp.itu.edu.tr 21
As we can see, the ftp.itu.edu.tr FTP server welcomes us, because the FTP service is provided by the host named ftp under the itu.edu.tr domain. The fully qualified domain name for the FTP service is ftp.itu.edu.tr.
Alternatively, the Nmap tool can be used to check the remote FTP port of a single host or multiple hosts. We can use a hostname/domain name or IP address. In the following example, we scan the FTP ports of single and multiple IP addresses.
$ nmap -p 21 ftp.itu.edu.tr
Or we can get more information about the FTP port with the -sV and -sC parameters, which run a version scan and the default scripts against the FTP service and print more detailed information such as login type, bandwidth limit, client count, and server software name and version.
Active and Passive Mode FTP Connections
FTP provides two main working modes. Active mode mainly uses TCP 21 for commands and TCP 20 for data transfer. These default port numbers are accessible through network security devices such as firewalls and IPS/IDS. Passive mode is used to connect to port numbers over 1024 for command and data transfer.
Active Mode Connection
Active mode is the simpler mode of FTP. It uses two ports for control and data. We will use TCP 21 for FTP commands and TCP 20 for FTP data. The data transfer will be done over TCP 20.
Passive Mode Connection
In more detail, some network devices block ports below 1024, so the FTP protocol provides a solution for this named Passive Mode. In passive mode, the first connection is established to TCP 21 for commands, and then the server opens 2 ports numbered over 1024, one for commands and the other for data. For example, if the command port is 2000, the data port is 2001. The server will bind these ports like the regular command port and data port, TCP 21 and TCP 20. In order to activate passive mode, the PASV command should be issued rather than the PORT command during the FTP connection.
As a simple protocol, FTP has a lot of clients for different operating system families like Windows, Linux, MacOS X, and BSD, and for different interface types like command-line, web, desktop, and mobile. Below you can find different tutorials about FTP commands.
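The server answers PASV with a 227 reply that, per RFC 959, carries the data address and port as six decimal bytes (h1,h2,h3,h4,p1,p2), where the port is p1*256 + p2. The following is an added example, not code from the original tutorial: it decodes that reply and checks the advertised data endpoint against the control-connection peer and a firewall port range. The function names, the sample replies, the 192.0.2.10 peer address and the 50000-50100 range are constructed assumptions.

```python
import re

# RFC 959 format of the 227 reply: (h1,h2,h3,h4,p1,p2), each a decimal byte.
PASV_TUPLE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv_reply(line):
    """Return (host, port) advertised in a '227 Entering Passive Mode' reply."""
    if not line.startswith("227"):
        raise ValueError("not a 227 passive-mode reply")
    match = PASV_TUPLE.search(line)
    if match is None:
        raise ValueError("no (h1,h2,h3,h4,p1,p2) tuple in reply")
    fields = [int(f) for f in match.groups()]
    if max(fields) > 255:
        raise ValueError("tuple field outside 0-255")
    host = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]  # high byte first
    return host, port


def check_data_endpoint(reply, control_peer, allowed_ports):
    """List what is wrong with the data endpoint a server advertises."""
    host, port = parse_pasv_reply(reply)
    findings = []
    if host != control_peer:
        findings.append(f"data host {host} is not the control peer {control_peer}")
    if port <= 1024:
        findings.append(f"data port {port} is not above 1024")
    if port not in allowed_ports:
        findings.append(f"data port {port} is outside the permitted range")
    return host, port, findings


# Constructed sample input: documentation addresses, hypothetical firewall range.
CONTROL_PEER = "192.0.2.10"
FIREWALL_RANGE = range(50000, 50101)
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (192,0,2,10,195,80)",
    "227 Entering Passive Mode (10,0,0,5,7,208)",
]

if __name__ == "__main__":
    for reply in SAMPLE_REPLIES:
        host, port, findings = check_data_endpoint(reply, CONTROL_PEER, FIREWALL_RANGE)
        print(f"{host}:{port} ->", findings or "ok")
```

The second sample shows a server behind NAT advertising its internal address and a port the firewall does not forward, which is why the data connection fails even though the login on TCP 21 succeeded.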
Secure FTP Port
As stated previously, FTP does not provide transmission security such as encryption by default, but we can use alternatives to solve this issue.
SSH provides an FTP-like sub-protocol named SFTP. SFTP works over an SSH connection, which is encrypted. To learn more about SFTP, see the following tutorial.
SSL/TLS is one of the most used secure tunneling techniques. We can use SSL/FTP where FTP data will be transferred over an encrypted SSL tunnel.