3-4 PROTOCOLS-File Transfer Protocol
Introduction
File transfer is among the most frequently used TCP/IP applications and it accounts for a lot
of the network traffic on the Internet. Various standard file transfer protocols existed even
before the Internet was available to everyone and it was these early versions of the file
transfer software that helped create today's standard known as the File Transfer
Protocol (FTP). The most recent specification of the protocol is given in RFC 959.
The Protocol
The picture below shows where FTP stands in contrast to the OSI model. As I have noted in
other sections, it's important to understand the concept of the OSI model, because it will
greatly help you understand all this too :)
Now, we mentioned that FTP uses TCP as a transport, but we didn't say which ports it uses!
Port numbers 21 and 20 are used for FTP. Port 21 is used to establish the connection
between the 2 computers (or hosts) and port 20 to transfer data (via the Data channel).
The best thing you can do to "see" it yourself is to grab a packet sniffer which you will
conveniently find in our download section and try to capture a few packets while you're
ftp'ing to a site.
I have included a screenshot from my workstation which clearly shows the 2 ports used. In
the example, I have ftp'ed into ftp.cdrom.com.
Now, in the next picture I ftp'ed into my NetWare server here at home and guess what ...
only port 21 was used! Here is the screenshot:
FTP has two separate modes of operation: Active and Passive. You will use either one
depending on whether your PC is behind a firewall.
Active mode is usually used when there isn't any firewall between you and the FTP server. In
such cases you have a direct connection to the Internet. When you (the client) try to
establish a connection to an FTP server, your workstation includes a second port number
(using the PORT command) that is used when data is to be exchanged. This is known as the
Data Channel.
The FTP server then starts the exchange of data from its own port 20 to whatever port was
designated by your workstation (in the screen shot, my workstation used port 1086), and
because the server initiated the communication, it's not controlled by the workstation client.
This can also potentially allow uninvited data to arrive at your computer from anywhere,
posing as a normal FTP transfer. This is one of the reasons Passive FTP is more secure.
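The PORT exchange described above can be followed in a packet capture by decoding the
host-port field sent on the control channel. The following is an added example, not part of
the original tutorial: the session lines and addresses are constructed, and the "227" passive
reply format is taken from RFC 959 rather than from this page.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959 host-port format).
HOST_PORT = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")


def decode_host_port(text):
    """Return (ip, port) from an RFC 959 host-port field, or None if malformed."""
    m = HOST_PORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ".".join(str(n) for n in nums[:4])
    return ip, nums[4] * 256 + nums[5]


def data_channels(control_lines):
    """List (mode, who opens the data connection, endpoint) for a port 21 session."""
    found = []
    for sender, text in control_lines:  # sender: "C" = client, "S" = server
        if sender == "C" and text.upper().startswith("PORT "):
            # Active: the server connects from its port 20 to the client's listed port,
            # so the client side must accept an inbound connection.
            found.append(("active", "server", decode_host_port(text)))
        elif sender == "S" and text.startswith("227"):
            # Passive: the client connects out to the port the server listed.
            found.append(("passive", "client", decode_host_port(text)))
    return found


# Constructed sample session (addresses are documentation-range placeholders).
SAMPLE = [
    ("S", "220 FTP server ready"),
    ("C", "USER anonymous"),
    ("S", "230 Login successful"),
    ("C", "PORT 192,0,2,10,4,62"),  # 4*256 + 62 = 1086, the port seen in the text
    ("S", "200 PORT command successful"),
    ("C", "PASV"),
    ("S", "227 Entering Passive Mode (198,51,100,5,19,137)"),  # 19*256 + 137 = 5001
]

if __name__ == "__main__":
    for mode, initiator, endpoint in data_channels(SAMPLE):
        print(mode, "data connection opened by", initiator, "to", endpoint)
```
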
Using normal or passive FTP, a client begins a session by sending a request to communicate
through TCP port 21, the port that is conventionally assigned for this use at the FTP server.
This communication is known as the Control Channel connection.
It's simple to configure your client FTP program to use either Active or Passive FTP. For
example, in Cute FTP, you can set your program to use Passive FTP by going to FTP -->
Settings --> Options and then selecting the "Firewall" tab:
If you remove the above options, then your workstation will be using (if possible) Active FTP
mode, and I say "if possible" because if you're already behind a firewall, there is probably no
way you will be using Active FTP, so the program will automatically change to Passive FTP mode.
The above is assuming a direct connection to the FTP server. For simplicity's sake, we are
looking at the way the FTP connection is created and not worrying whether it's a Passive or
Active FTP connection. Since FTP is using TCP as a transport, you would expect to see the 3-way
handshake. Once that is completed and there is a data connection established, the client will
send its login name and then password. After the authentication sequence is finished and the
user is authenticated to the server, it's allowed access and is ready to leech the site dry :)
PWD: print current working directory (shows you which directory you're in)
SYST: identify system type
And that just about completes our analysis of the FTP protocol!