FTP - Active vs Passive
File Transfer Protocol (FTP) is a network protocol used to transfer files from one computer to another. To download files from or upload files to an FTP site, you connect to the FTP server using an FTP client.
FTP runs exclusively over TCP and listens on port 21 (the command port) by default. Data is transferred over a separate data channel, but the port used for it varies depending on the FTP mode in use.
Generally there are two modes for FTP:
- Active mode
- Passive mode (PASV)
In active mode the client connects to the FTP server's command port (21) from a random high port. The client then starts listening on a data port one greater than that random high port, and tells the server which port to use with the PORT command.
The server then connects to the client's data port from source port 20 (the command port minus 1).
To avoid the server having to initiate a data connection to the client, passive FTP (PASV) was created. In passive mode the client initiates both connections to the server.
This resolves many of the firewall problems associated with active FTP, which stem from the incoming data connection from the FTP server.
When opening a passive connection the client opens two random local ports. The first is used to connect to the server's command port (21).
The client then issues the PASV command. The server opens a random high port as its data port and tells the client which one; the client then connects to that port.
Below is a summary of both FTP modes, showing which side initiates each connection for each channel (command/data).
| Mode | Command channel | Data channel |
|---|---|---|
| Active | Client (random high port) -> server port 21 | Server port 20 -> client's data port (announced by the client with PORT) |
| Passive | Client (random high port) -> server port 21 | Client (second random port) -> server's random high port (announced by the server in the PASV reply) |
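As an added example (not code from the original page), the following Python models which side opens each connection in active and passive mode and encodes/decodes the `h1,h2,h3,h4,p1,p2` address form that the PORT command and the `227 Entering Passive Mode` reply use. The IP addresses and port numbers are constructed; `inbound_to_client` lists the connections a client-side firewall would have to accept inbound, which is exactly the active-mode problem the text describes.

```python
"""Added example: active vs passive FTP connection model and PORT/PASV address encoding.
Not from the original page; all hosts and ports below are constructed sample values."""
from __future__ import annotations
import re
from dataclasses import dataclass

FTP_COMMAND_PORT = 21
FTP_ACTIVE_DATA_PORT = 20  # command port minus 1, used as the server's source port in active mode


@dataclass(frozen=True)
class Connection:
    channel: str     # "command" or "data"
    initiator: str   # "client" or "server"
    src_host: str
    src_port: int
    dst_host: str
    dst_port: int


def encode_hostport(host: str, port: int) -> str:
    """Build the h1,h2,h3,h4,p1,p2 field used by PORT (client) and the 227 PASV reply (server)."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = host.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError("expected a dotted IPv4 address")
    return ",".join(octets + [str(port >> 8), str(port & 0xFF)])


_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def decode_hostport(text: str) -> tuple[str, int]:
    """Extract (host, port) from a PORT argument or a '227 Entering Passive Mode (...)' line."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field found")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field value exceeds 255")
    host = ".".join(str(n) for n in nums[:4])
    port = (nums[4] << 8) | nums[5]
    if port == 0:
        raise ValueError("port 0 is not usable as a data port")
    return host, port


def active_mode(client_ip: str, server_ip: str, client_high_port: int):
    """Active: client opens the command channel from port N, listens on N+1 and sends PORT;
    the server then opens the data channel from port 20 to the client's N+1."""
    data_port = client_high_port + 1
    port_cmd = f"PORT {encode_hostport(client_ip, data_port)}"
    conns = [
        Connection("command", "client", client_ip, client_high_port, server_ip, FTP_COMMAND_PORT),
        Connection("data", "server", server_ip, FTP_ACTIVE_DATA_PORT, client_ip, data_port),
    ]
    return port_cmd, conns


def passive_mode(client_ip: str, server_ip: str, client_cmd_port: int,
                 client_data_port: int, server_data_port: int):
    """Passive: the client opens both channels; the server announces its data port in the 227 reply."""
    pasv_reply = f"227 Entering Passive Mode ({encode_hostport(server_ip, server_data_port)})"
    conns = [
        Connection("command", "client", client_ip, client_cmd_port, server_ip, FTP_COMMAND_PORT),
        Connection("data", "client", client_ip, client_data_port, server_ip, server_data_port),
    ]
    return pasv_reply, conns


def inbound_to_client(conns: list[Connection]) -> list[Connection]:
    """Connections a client-side firewall must accept inbound (empty in passive mode)."""
    return [c for c in conns if c.initiator == "server"]


if __name__ == "__main__":
    cmd, conns = active_mode("192.0.2.10", "198.51.100.7", 50000)   # constructed addresses
    print(cmd, [c for c in inbound_to_client(conns)])
    reply, pconns = passive_mode("192.0.2.10", "198.51.100.7", 50000, 50001, 5001)
    print(reply, decode_hostport(reply), inbound_to_client(pconns))
```

Running the block shows the active case producing one server-initiated connection (source port 20 to the client's port 50001) and the passive case producing none, which is why passive mode is the firewall-friendly default on most clients.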
SFTP (SSH File Transfer Protocol) - SFTP is not FTP run over SSH, but a separate protocol designed from the ground up by the IETF SECSH working group. SFTP uses the standard SSH port (22) for communication.
FTPS (File Transfer Protocol over SSL) - FTP over SSL/TLS. FTPS uses the same default ports as standard FTP. Because the packets are encrypted, some firewalls cannot recognise the session as an FTP connection and so cannot open the data connection dynamically; in that scenario additional firewall rules for the data connection are required.
TFTP (Trivial File Transfer Protocol) - A simplified version of FTP that lacks the authentication services FTP provides and relies on UDP rather than TCP for data transport.
| Command | Description |
|---|---|
| ABOR | abort a file transfer |
| CWD | change working directory |
| DELE | delete a remote file |
| LIST | list remote files |
| MDTM | return the modification time of a file |
| MKD | make a remote directory |
| NLST | name list of remote directory |
| PASV | enter passive mode |
| PORT | open a data port |
| PWD | print working directory |
| QUIT | terminate the connection |
| RETR | retrieve a remote file |
| RMD | remove a remote directory |
| SITE | site-specific commands |
| SIZE | return the size of a file |
| STOR | store a file on the remote host |
| TYPE | set transfer type |
Less Common Commands
| Command | Description |
|---|---|
| ACCT | send account information |
| APPE | append to a remote file |
| CDUP | CWD to the parent of the current directory |
| HELP | return help on using the server |
| MODE | set transfer mode |
| REIN | reinitialize the connection |
| STAT | return server status |
| STOU | store a file uniquely |
| STRU | set file transfer structure |
| SYST | return system type |
FTP Return Codes
| Code | Reply type | Meaning |
|---|---|---|
| 1xx | Positive Preliminary reply | The requested action is being initiated, but there will be another reply before it completes. |
| 2xx | Positive Completion reply | The requested action has been completed. The client may now issue a new command. |
| 3xx | Positive Intermediate reply | The command was successful, but a further command is required before the server can act on the request. |
| 4xx | Transient Negative Completion reply | The command was not successful, but the client is free to try it again, as the failure is only temporary. |
| 5xx | Permanent Negative Completion reply | The command was not successful and the client should not repeat it. |

The second digit indicates the subject of the reply:

| Code | Meaning |
|---|---|
| x0x | The failure was due to a syntax error. |
| x1x | This response is a reply to a request for information. |
| x2x | This response is a reply relating to connection information. |
| x3x | This response is a reply relating to accounting and authorization. |
| x4x | Unspecified as yet. |
| x5x | These responses indicate the status of the server file system with respect to the requested transfer or other file system action. |
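The reply-code tables above translate directly into client logic. The following Python, an added example rather than code from the original page, parses a reply (including the multi-line form defined in RFC 959, where the first line is `xyz-text` and the last is `xyz text`), classifies the code by its first and second digits, and derives what a client should do next: wait for another reply (1xx), proceed (2xx), send the follow-up command (3xx), retry later (4xx) or give up (5xx). The reply lines used in the `__main__` section are constructed samples.

```python
"""Added example: parse FTP reply lines and act on the code's first and second digits.
Not from the original page; sample reply text is constructed."""
from __future__ import annotations
import re

FIRST_DIGIT = {
    "1": "Positive Preliminary",
    "2": "Positive Completion",
    "3": "Positive Intermediate",
    "4": "Transient Negative Completion",
    "5": "Permanent Negative Completion",
}
SECOND_DIGIT = {
    "0": "syntax",
    "1": "information",
    "2": "connections",
    "3": "authentication and accounting",
    "4": "unspecified",
    "5": "file system",
}

# A reply starts with three digits, then a space (single line) or '-' (first of several lines).
_REPLY_START = re.compile(r"^([1-5][0-5]\d)([ -])(.*)$")


def parse_reply(raw: str) -> tuple[int, str]:
    """Return (code, text). Multi-line replies (RFC 959) begin 'xyz-' and end with a 'xyz ' line."""
    lines = raw.splitlines()
    m = _REPLY_START.match(lines[0]) if lines else None
    if not m:
        raise ValueError(f"malformed reply: {raw!r}")
    code, sep, first_text = m.groups()
    if sep == " ":
        return int(code), first_text
    body = [first_text]
    for line in lines[1:]:
        if line.startswith(code + " "):          # terminating line carries the same code
            body.append(line[4:])
            return int(code), "\n".join(body)
        body.append(line)
    raise ValueError("multi-line reply not terminated")


def classify(code: int) -> tuple[str, str]:
    """Map a code to (reply type from the first digit, subject from the second digit)."""
    s = str(code)
    if len(s) != 3 or s[0] not in FIRST_DIGIT or s[1] not in SECOND_DIGIT:
        raise ValueError(f"invalid reply code {code}")
    return FIRST_DIGIT[s[0]], SECOND_DIGIT[s[1]]


def next_action(code: int) -> str:
    """What a client should do after this reply, derived from the first digit."""
    classify(code)  # validates the code
    return {1: "wait", 2: "proceed", 3: "send_next", 4: "retry", 5: "fail"}[code // 100]


if __name__ == "__main__":
    samples = [                                  # constructed reply text
        "220 Service ready",
        "331 User name okay, need password",
        "211-Features:\n MLST\n UTF8\n211 End",
        "425 Can't open data connection",
        "530 Not logged in",
    ]
    for raw in samples:
        code, text = parse_reply(raw)
        print(code, classify(code), next_action(code), repr(text))
```

A 425 reply, for instance, classifies as a transient failure relating to connections, which is the reply a client typically sees when an active-mode data connection is blocked by a firewall; the client may retry, and switching to passive mode is the usual fix.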