File Transfer Protocol
File Transfer Protocol (FTP) enables users to transfer files from one host to another. FTP is a TCP-based, connection-oriented protocol that uses port 21 to open the connection and port 20 to transfer data. FTP uses clear-text authentication. FTP clients can be configured for two modes of operation: PORT (active) mode and PASV (passive) mode. Figure 3-1 shows the FTP modes of operation between an FTP client and an FTP server in both active and passive mode.
Figure 3-1 Overview of FTP Operation and Operating Modes
In active mode, the FTP client opens a random port (greater than 1023), sends the FTP server the random port number on which it is listening over the control stream, and waits for a connection from the FTP server. When the FTP server initiates the data connection to the FTP client, it binds the source port to port 20 on the FTP server. Active FTP is less secure than passive mode because the FTP server initiates the data channel, which means opening port 20 to the outside world; that is less secure than using port 21.
In passive mode, the FTP server opens a random port (greater than 1023), sends the FTP client the port on which it is listening over the control stream, and waits for a connection from the FTP client. In this case, the FTP client binds the source port of the connection to a random port greater than 1023. In passive FTP, the client initiates both the control connection and the data connection.
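The active and passive descriptions above can be checked against a control-channel capture: the following added example (not from the original text) decodes the port announced in a PORT command or a 227 reply to PASV and lists the data connection a firewall should expect, including which side initiates it. The function names and the sample transcript are assumptions made for illustration; the addresses are documentation ranges, and the `h1,h2,h3,h4,p1,p2` encoding is the one defined in RFC 959.

```python
import re

# h1,h2,h3,h4,p1,p2: host/port encoding used by PORT and by the 227 reply to PASV (RFC 959)
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def decode_hostport(text):
    """Return (ip, port) from a PORT command or a 227 reply; port = p1*256 + p2."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in: %r" % text)
    nums = [int(g) for g in m.groups()]
    if max(nums) > 255:
        raise ValueError("octet out of range in: %r" % text)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def expected_data_connections(control_lines, client_ip, server_ip):
    """Map control-channel lines to the data connections a firewall should expect.

    control_lines: (direction, line) pairs, "C" = client to server, "S" = server to client.
    """
    flows = []
    for direction, line in control_lines:
        if direction == "C" and line.upper().startswith("PORT "):
            ip, port = decode_hostport(line)
            # Active: server connects out from port 20 to the port the client announced.
            flows.append({"mode": "active", "initiator": server_ip, "src_port": 20,
                          "dst_ip": ip, "dst_port": port, "above_1023": port > 1023})
        elif direction == "S" and line.startswith("227"):
            ip, port = decode_hostport(line)
            # Passive: client connects from a random high port (None = not fixed).
            flows.append({"mode": "passive", "initiator": client_ip, "src_port": None,
                          "dst_ip": ip, "dst_port": port, "above_1023": port > 1023})
    return flows

# Constructed control-channel transcript (documentation addresses, not a real capture).
SAMPLE_CONTROL = [
    ("C", "USER demo"), ("S", "331 Password required"),
    ("C", "PASS example-only"), ("S", "230 Logged in"),
    ("C", "PORT 192,0,2,10,195,80"), ("S", "200 PORT command successful"),
    ("C", "PASV"), ("S", "227 Entering Passive Mode (198,51,100,5,234,96)"),
]

if __name__ == "__main__":
    for flow in expected_data_connections(SAMPLE_CONTROL, "192.0.2.10", "198.51.100.5"):
        print(flow)
```

The `above_1023` flag marks an announced port that falls outside the range the text describes for both modes, which is worth reviewing before a matching firewall rule is opened.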