File Transfer Protocol

FTP was first standardized in 1971.

FTP uses TCP ports 20 and 21.

Usernames and passwords are used for authentication; however, there is no encryption, so credentials and file contents cross the network in cleartext.

For greater security, FTPS (FTP over SSL/TLS) can be used. FTPS is an upgrade to FTP.

SSH File Transfer Protocol (SFTP) can also be used for greater security. SFTP is a new protocol.

FTP is more complex than TFTP. It allows not only file transfers; clients can also navigate file directories, add and remove directories, list files, etc.

The client sends FTP commands to the server to perform these functions.

Control Connections

FTP uses two types of connections.

  • An FTP control connection (TCP 21) is established and used to send FTP commands and replies.

  • When files or data are to be transferred, separate FTP data (TCP 20) connections are established and terminated as needed.

Active Mode FTP data connections

The default method of establishing FTP data connections is active mode, in which the server initiates the TCP connection.

In FTP active mode, the server initiates the data connection.

Passive Mode FTP data connections

In FTP passive mode, the client initiates the data connection. This is often necessary when the client is behind a firewall, which could block the incoming connection from the server.

Firewalls usually don't permit 'outside' devices to initiate connections. In this case, FTP passive mode is used and the client (behind the firewall) initiates the TCP connection.
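The following is an added example, not part of the original notes. It walks a constructed control-connection transcript and reports, for each transfer, whether the data connection is active or passive, which side initiates it, and which endpoint listens. It goes slightly beyond the text by using the RFC 959 PORT command and 227 (PASV) reply, which carry that endpoint as h1,h2,h3,h4,p1,p2. The addresses, user name and file name are made up for illustration.

```python
import re

# Constructed control-channel transcript (TCP 21); "C" = client, "S" = server.
SAMPLE = [
    ("C", "USER alice"),
    ("S", "331 Password required"),
    ("C", "PASS example-password"),
    ("S", "230 Login successful"),
    ("C", "PORT 192,0,2,10,195,80"),
    ("S", "200 PORT command successful"),
    ("C", "LIST"),
    ("C", "PASV"),
    ("S", "227 Entering Passive Mode (198,51,100,5,234,96)"),
    ("C", "RETR report.txt"),
]
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(text):
    """Decode h1,h2,h3,h4,p1,p2 into (ip, port), where port = p1*256 + p2."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None  # not a valid octet, ignore the malformed value
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def analyze(transcript):
    """Return (data_connections, cleartext_login_seen) for one FTP session."""
    pending, conns, cleartext = None, [], False
    for side, line in transcript:
        verb = line.split(" ", 1)[0].upper()
        if side == "C" and verb == "PASS":
            cleartext = True  # password was readable on the control connection
        elif side == "C" and verb == "PORT":   # active: client listens, server connects
            ep = parse_hostport(line)
            pending = ("active", "server", ep) if ep else None
        elif side == "S" and verb == "227":    # passive: server listens, client connects
            ep = parse_hostport(line)
            pending = ("passive", "client", ep) if ep else None
        elif side == "C" and verb in ("LIST", "NLST", "RETR", "STOR") and pending:
            mode, initiator, (ip, port) = pending
            conns.append({"cmd": verb, "mode": mode, "initiator": initiator,
                          "listener": f"{ip}:{port}"})
            pending = None  # each data connection is used once, then terminated
    return conns, cleartext
```

In the active entry the listener is the client, which is the inbound connection a firewall in front of the client would block; in the passive entry the listener is the server and the client connects outbound.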
