File Transfer Protocol

File Transfer Protocol (FTP), an application layer protocol of the TCP/IP protocol suite, allows users to transfer files from one host to another. FTP requires two ports: one port is used to open the connection (port 21), and the other port is used to transfer data (port 20). FTP runs over TCP and is therefore a connection-oriented protocol. To provide security, FTP requires a username and password to be exchanged before any data can be transferred, giving it a basic authentication mechanism intended to ensure that only valid users access FTP servers.

The advantages of FTP include the ability to list a remote FTP server's full set of directories and to ensure that only valid users are connected. The progress of a file transfer can also be displayed to the FTP client. Many FTP applications are available, and the range of options is endless. For example, on the CCIE Security lab exam, the application Reflection 2000 can be used for Telnet and FTP. For more details on this application, visit

NOTE FTP connection issues are typically communicated by end users (FTP clients) as poor network performance when the problem might actually be a result of filtering the FTP data on port 20. For example, when a client successfully logs into an FTP server remotely but fails to list the remote FTP server's directory or to transfer files, this can indicate a problem with the FTP data port (via TCP port 20) or an access list problem on the remote network.

FTP clients can be configured for two modes of operation:

Active FTP

In active FTP, the client initiates one connection to the server: the FTP control connection. Remember that FTP requires two TCP connections, on ports 20 (data) and 21 (control). The second connection, the FTP data connection (over which data is transferred), is initiated from the server back to the client.

Active FTP is less secure than passive mode because the FTP server, which, in theory, could be any host, initiates the data channel.

Figure 3-2 displays the active FTP mode of operation between an FTP client and FTP server.

Figure 3-2 FTP Active Mode

[Diagram: FTP Client and FTP Server in active mode. Server-side FTP port numbers: 20 (Data) and 21 (Command). Client-side port numbers: >1023 for both the data and command connections.]

Figure 3-2 displays a typical FTP mode of operation between a client PC and FTP server in active mode. The following steps are completed before FTP data can be transferred:

1. The FTP client opens a control channel to TCP port number 21 on the FTP server. The source TCP port number on the FTP client is a randomly generated number above 1023.

2. The FTP server receives the request and sends an acknowledgment. FTP commands are then exchanged between client and server.

3. When the FTP client requests a directory list or initiates a file transfer, the client sends the FTP PORT command, telling the server which client address and port to connect to. The FTP server then opens (initiates) a data connection from its FTP data port, TCP port 20, to that client port.

4. The FTP client responds and data can be transferred.
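The PORT command in step 3 is what lets the server open the data connection back to the client, so it is also what a firewall or access list on the client side must allow. The following is an added example (not from the book) that encodes and parses the PORT argument (h1,h2,h3,h4,p1,p2), derives the server-to-client data connection that an access list must permit, and flags the two things a defender checks when reviewing active FTP: the advertised address not matching the control-connection client, and a port at or below 1023. Sample addresses and commands are constructed for illustration.

```python
import ipaddress
import re

# The PORT argument is six decimal octets: four for the IPv4 address, two for the port.
_PORT_RE = re.compile(r"^PORT\s+(\d{1,3}(?:,\d{1,3}){5})\s*$", re.IGNORECASE)


def build_port_command(ip: str, port: int) -> str:
    """Encode the client's data-listener address as an FTP PORT command line."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return "PORT " + ",".join(octets + [str(port >> 8), str(port & 0xFF)])


def parse_port_command(line: str) -> tuple[str, int]:
    """Decode a PORT line into (client_ip, client_port); port = p1*256 + p2."""
    m = _PORT_RE.match(line.strip())
    if not m:
        raise ValueError("not a well-formed PORT command")
    fields = [int(f) for f in m.group(1).split(",")]
    if any(f > 255 for f in fields):
        raise ValueError("octet out of range")
    return ".".join(str(f) for f in fields[:4]), fields[4] * 256 + fields[5]


def expected_data_connection(server_ip: str, port_line: str):
    """The flow an access list must permit: server port 20 -> client address/port from PORT."""
    client_ip, client_port = parse_port_command(port_line)
    return (server_ip, 20), (client_ip, client_port)


def check_active_data_channel(port_line: str, control_client_ip: str) -> list[str]:
    """Return review findings for a PORT command seen on a control connection."""
    client_ip, client_port = parse_port_command(port_line)
    findings = []
    if client_ip != control_client_ip:
        # The server would connect to a third party instead of the client that sent PORT.
        findings.append(f"PORT address {client_ip} differs from control-connection client {control_client_ip}")
    if client_port <= 1023:
        # Active-mode data ports on the client should be ephemeral (>1023), as in the figure.
        findings.append(f"PORT port {client_port} is not above 1023")
    return findings


if __name__ == "__main__":
    # Constructed sample: client 192.168.1.10 listening on 1500, server 203.0.113.7.
    line = build_port_command("192.168.1.10", 1500)
    print(line, expected_data_connection("203.0.113.7", line))
    print(check_active_data_channel("PORT 10,0,0,5,0,80", "192.168.1.10"))
```

If the access list in front of the client drops the inbound connection from server port 20, the user sees exactly the symptom in the NOTE above: a successful login but failing directory listings and transfers.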
