FTP (File Transfer Protocol) – Detailed Explanation

What is FTP?

Definition: FTP (File Transfer Protocol) is a standard network protocol used to transfer files between a client and a server over a TCP/IP network.

Purpose: Enables users to upload, download, and manage files on remote systems.

Example: John wants to upload his website files from his PC to a web server. He uses an FTP client (like FileZilla) to connect and transfer files.

FTP Modes

Active Mode

  • The client opens a random port and tells the server where to connect.
  • The server initiates the data connection back to the client.
  • Issue: Often blocked by firewalls since the server tries to connect to the client.

Passive Mode

  • The server opens a random port and tells the client which port to connect to.
  • The client initiates all connections.
  • Advantage: Works better behind client-side firewalls and NAT devices.

Tip: Use passive mode if you are behind a firewall or NAT.

FTP Operation

Control Connection: Used for sending FTP commands and responses, always on TCP port 21.
Data Connection: Used for transferring files, on TCP port 20 (active mode) or a negotiated port (passive mode).

Example: John opens FileZilla and connects to ftp.example.com (control connection on port 21), then requests to upload myfile.txt. A data connection is established to transfer the file.

FTP Ports

Port Purpose Mode
21Control connection (commands and responses)Active/Passive
20Data connection (file transfers)Active
Random (1024+)Data connection (file transfers)Passive

FTP Commands and Responses

Command Description Example Usage
USERSpecify usernameUSER john
PASSProvide passwordPASS password123
LISTList directory contentsLIST
RETRRetrieve (download) fileRETR report.pdf
STORStore (upload) fileSTOR data.csv

Server responses use numeric codes (e.g., 200 OK, 550 Permission Denied) to indicate status.

Authentication and Security

Anonymous FTP: Allows users to log in without a password, typically for public downloads.

Authenticated FTP: Requires username and password for access.

Security Limitation: Standard FTP transmits credentials and data in plaintext, making it insecure for sensitive files.

Secure Variants of FTP

  • FTPS: FTP over SSL/TLS. Adds encryption but uses the same commands and ports.
  • SFTP (SSH File Transfer Protocol): Runs over SSH (port 22). Different protocol, encrypts both commands and data.

Tip: Use FTPS or SFTP when transferring sensitive data to protect credentials and files.

Configuring FTP Servers and Clients

Server Setup

  • Install FTP server software (e.g., vsftpd, ProFTPD, Windows IIS FTP).
  • Set user accounts and directory permissions.
  • Configure firewall rules to allow ports 21 and the passive port range.

Client Setup

  • Use FTP client software (FileZilla, WinSCP, command-line ftp).
  • Enter server address, username, and password.
  • Select active or passive mode based on network setup.

Firewall and NAT Considerations

  • Active Mode Issues: Server initiates data connection to client; often blocked by firewalls/NAT.
  • Passive Mode Issues: Server must have passive ports open and properly configured.

Recommendation: Prefer passive mode, especially behind NAT or client firewalls.

Common Use Cases and Applications

  • Website management: Uploading and managing website files.
  • Large file transfers between systems.
  • Public file distribution via anonymous FTP.

Troubleshooting FTP Issues

  • Check firewall rules for ports 21, 20, and passive range.
  • Confirm server availability and credentials.
  • Switch between active and passive modes if transfers fail.
  • Ensure correct directory permissions.

Exam Tips & Key Points

  • FTP uses TCP port 21 for control; port 20 for active data or random ports for passive data.
  • Active mode: server connects back to client; passive mode: client initiates all connections.
  • Standard FTP is not encrypted; use FTPS or SFTP for secure transfers.
  • Common FTP commands: USER, PASS, LIST, RETR, STOR.
  • Firewall/NAT often block FTP; know how to select the correct mode.

Example Scenario

John manages a website and uses FileZilla to connect to ftp.mywebsite.com with his username and password. Since his office firewall blocks incoming connections, he sets FileZilla to passive mode to upload files successfully.

FTP (File Transfer Protocol) Quiz

1. What does FTP stand for?

Correct answer is A. FTP stands for File Transfer Protocol, used to transfer files between client and server.

2. Which TCP port is used for the FTP control connection?

Correct answer is C. FTP control commands are sent via TCP port 21.

3. What is the main difference between FTP active mode and passive mode?

Correct answer is B. In active mode, the server initiates data connection back to the client, which can be blocked by firewalls; passive mode avoids this by client initiating all connections.

4. Which FTP command is used to upload a file to the server?

Correct answer is D. STOR command uploads files to the FTP server.

5. What security limitation does standard FTP have?

Correct answer is A. Standard FTP transmits data, including usernames and passwords, in plaintext making it insecure.

6. Which FTP variant uses SSH for secure file transfer?

Correct answer is B. SFTP is FTP over SSH, encrypting both commands and data.

7. What TCP port does SFTP commonly use?

Correct answer is C. SFTP runs over SSH on TCP port 22.

8. Which FTP command lists directory contents on the server?

Correct answer is A. LIST command requests directory listing from the server.

9. Why is passive FTP mode preferred behind firewalls?

Correct answer is D. Passive mode allows clients to initiate data connections, avoiding firewall blocks on inbound connections.

10. Which of the following is a common FTP client software?

Correct answer is B. FileZilla is a popular FTP client software for transferring files.

← Back to Home