File Transfer Protocol (FTP)
- Application layer protocol (Layer 7) designed for transferring files between hosts over TCP/IP networks
- Uses two separate TCP connections - one for commands (control) and one for data transfer
- Operates on a client-server model where FTP client initiates connections to FTP server
- Built for reliability over speed (uses TCP, not UDP) - mission-critical file transfers need guaranteed delivery
Connection Architecture
- Control Connection (Port 21): Persistent connection for commands, authentication, and responses
- Data Connection (Port 20 or ephemeral): Temporary connection established for each file transfer
- Control connection remains open throughout entire FTP session
- Data connection opens/closes for each transfer operation
FTP Modes
Active Mode:
- Client opens random high port and sends PORT command with this port number
- Server initiates data connection FROM port 20 TO client’s specified port
- Problem: Client firewalls often block incoming connections from server
Passive Mode (PASV):
- Client sends PASV command requesting passive mode
- Server opens random high port and sends port number to client
- Client initiates data connection TO server’s specified port
- Firewall-friendly because client initiates both connections
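Added example (not part of the original notes): in both modes the port number travels on the control connection as six decimal bytes, h1,h2,h3,h4,p1,p2, with port = p1*256 + p2. The Python sketch below decodes a PORT command or a 227 (PASV) reply and flags an endpoint that does not match the control-connection peer or that sits below 1024. The function names, the two flags, and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2 as decimal bytes (RFC 959 host-port encoding)
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(text):
    """Return (IPv4Address, port) from a PORT argument or 227 reply, else None."""
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]  # port = high byte * 256 + low byte


def data_endpoint(line, control_peer):
    """Decode the data endpoint a control-channel line advertises.
    control_peer: IP at the far end of the control connection, i.e. the
    client for PORT (active) or the server for a 227 reply (passive).
    """
    line = line.strip()
    if line.upper().startswith("PORT "):
        mode = "active"
    elif line.startswith("227"):
        mode = "passive"
    else:
        return None  # not a data-connection negotiation line
    parsed = parse_hostport(line[4:])
    if parsed is None:
        return {"mode": mode, "valid": False}
    ip, port = parsed
    return {
        "mode": mode, "valid": True, "ip": str(ip), "port": port,
        # Added check: endpoint is not the host we are talking to (NAT, or a redirected data channel)
        "peer_mismatch": ip != ipaddress.IPv4Address(control_peer),
        # Added check: a random high port is expected, so flag anything below 1024
        "privileged_port": port < 1024,
    }


if __name__ == "__main__":
    # Constructed sample lines using documentation address ranges
    for line, peer in [("227 Entering Passive Mode (203,0,113,5,195,80)", "203.0.113.5"),
                       ("PORT 192,0,2,10,0,21", "198.51.100.7")]:
        print(data_endpoint(line, peer))
```

A peer mismatch on a 227 reply is common when the server sits behind NAT and advertises its internal address, which is another reason passive-mode transfers fail.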
Authentication Methods
| Method | Security Level | Use Case |
|---|---|---|
| Anonymous FTP | None | Public file repositories |
| Username/Password | Basic | Internal networks |
| FTPS | Encrypted | Secure file transfers |
| SFTP | Encrypted + Key-based | Modern secure alternative |
Transfer Modes
ASCII Mode:
- Text files with automatic line ending conversion
- Use for .txt, .html, .cfg files
Binary Mode:
- Raw byte transfer with no modification
- Critical for executable files, images, compressed files
Notes
- FTP sends passwords in plaintext - never use over untrusted networks without encryption
- SFTP (port 22, an SSH-based protocol rather than FTP over TLS) is preferred over FTPS for new implementations
- Troubleshooting tip: If active mode fails, try passive mode - 90% of FTP issues are firewall-related