Port 21
1. What is FTP?
FTP (File Transfer Protocol) is a standard protocol used to transfer files between a client and server over a TCP/IP network.
2. Which port does FTP use?
- Port 21 → Command/control.
- Port 20 → Data transfer (active mode).
3. What are the two modes of FTP?
- Active Mode:
  - Client opens a random port.
  - Server connects back from port 20 to client’s port.
- Passive Mode:
  - Server opens a random port.
  - Client initiates both command and data connections (helps with firewalls/NAT).
4. What is the difference between FTP and SFTP/FTPS?
- FTP → Plaintext (no encryption).
- FTPS → FTP over SSL/TLS (secure).
- SFTP → File transfer over SSH (completely different protocol).
5. Does FTP use TCP or UDP?
FTP uses TCP (reliable, connection-oriented).
6. What is anonymous FTP?
A feature that allows users to log in with username “anonymous” and an email/password placeholder to access public files.
7. What are the common FTP response codes?
- 200 → Command OK.
- 220 → Service ready.
- 221 → Closing connection.
- 331 → Username OK, need password.
- 425 → Can’t open data connection.
- 530 → Authentication failure.
8. What are the limitations of FTP?
- Credentials sent in plaintext.
- Data not encrypted.
- Firewall issues (because of dynamic ports).
- Replaced in many cases by SFTP, SCP, HTTPS.
9. What file transfer modes does FTP support?
- ASCII mode → For text files.
- Binary mode → For images, executables, etc.
10. How does FTP handle authentication?
- Username + Password (plaintext unless FTPS/SFTP).
- Supports anonymous login if enabled.
Quick Recap for Interviews:
- FTP = Port 21 (control), Port 20 (data, active).
- Supports active & passive modes.
- Uses TCP.
- Not secure → replaced by SFTP/FTPS.
- Two transfer modes: ASCII & Binary.
Here’s a clean comparison table of FTP vs SFTP vs FTPS that you can directly use in interviews 👇
FTP vs SFTP vs FTPS Comparison
| Feature | FTP (File Transfer Protocol) | SFTP (SSH File Transfer Protocol) | FTPS (FTP Secure) |
|---|---|---|---|
| Underlying Protocol | TCP/IP (application layer) | SSH (Secure Shell) | FTP + SSL/TLS |
| Port | 21 (control), 20 (data in active mode) | 22 | 21 (control) + dynamic ports for data |
| Encryption | ❌ None (plaintext) | ✅ Encrypted via SSH | ✅ Encrypted via SSL/TLS |
| Authentication | Username & Password (plaintext) or Anonymous | Username & Password (SSH keys supported) | Username & Password, Certificate-based |
| Security | Low (data + credentials in plaintext) | High (strong encryption) | High (depends on TLS/SSL config) |
| Firewall/NAT Friendly | ❌ Problematic (dynamic ports in active mode) | ✅ Easy (single port 22) | ❌ Can be tricky (dynamic ports for data) |
| Transfer Modes | ASCII, Binary | Binary (default, secure) | ASCII, Binary |
| Speed | Fast but insecure | Slightly slower (encryption overhead) | Slightly slower (encryption overhead) |
| Use Cases | Legacy systems, public file sharing | Secure enterprise file transfer, backups | Organizations needing compliance (PCI-DSS, HIPAA) |
| Standardization | Old, widely supported | Part of SSH standard (RFC 4253) | Defined in RFC 4217 |
Quick takeaway for interviews:
- FTP → Simple, insecure, legacy.
- SFTP → Secure, single port, SSH-based.
- FTPS → Secure, SSL/TLS-based, more firewall issues.
1. What is FTP and what is its primary purpose?
FTP stands for File Transfer Protocol. It is a standard network protocol used to transfer computer files between a client and a server on a computer network. Its primary purpose is to enable reliable and efficient file transfers, either to download files from a server or to upload files to a server. FTP operates on the client-server model and uses TCP (Transmission Control Protocol) for a reliable connection.
2. What ports does FTP use and for what purpose?
FTP uses two separate channels for communication, each with a dedicated port:
- Port 21 (Control Channel): This port is used for the control connection. It is responsible for sending commands from the client to the server and receiving replies. Commands include things like USER, PASS, LIST, PWD, and QUIT. This channel remains open for the duration of the session.
- Port 20 (Data Channel): This port is used for the data connection, which is established only when a file transfer is initiated. All file data is transferred over this channel.
3. Explain the difference between FTP's Active and Passive modes.
This is a critical concept for understanding how FTP works, especially with firewalls.
Active Mode:
In Active mode, the client initiates the control connection from a random, unprivileged port to the server's Port 21. When the client wants to transfer data, it sends the PORT command, informing the server which client-side port it will listen on (a random, unprivileged port). The server then initiates a data connection from its Port 20 to the client's specified port. This mode can often be blocked by firewalls on the client side, as the server is trying to initiate a connection to the client.
Passive Mode:
In Passive mode, the client again initiates the control connection to the server's Port 21. When a data transfer is needed, the client sends a PASV command. The server responds by sending back a randomly generated port number that it is listening on. The client then initiates the data connection from its own random port to the server's specified port. This mode is more common and firewall-friendly because the client is responsible for initiating both the control and data connections.
4. What is the difference between FTP, FTPS, and SFTP?
The key difference between these protocols is the level of security.
FTP (File Transfer Protocol): Transmits data and credentials (username/password) in plain text. It offers no security and is highly vulnerable to sniffing attacks.
FTPS (File Transfer Protocol Secure): This is a secure version of FTP that uses SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt the control and/or data channels. It is essentially FTP with an added security layer.
SFTP (SSH File Transfer Protocol): SFTP is a completely different protocol from FTP. It is a subsystem of SSH (Secure Shell) that transfers files securely over a single connection. It encrypts both commands and data by leveraging the underlying SSH security.
5. How does a user authenticate with an FTP server?
An FTP server can authenticate users in two main ways:
Username and Password: A user provides a username and a corresponding password to gain access. For security, this is typically done over FTPS or SFTP to prevent the credentials from being sent in plain text.
Anonymous Access: Some FTP servers allow anonymous access, which means a user can log in with the username anonymous and use their email address as the password. This is typically used for public, read-only access to files.
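The login exchange described above can be audited from a control-channel log. The following is an added example, not code from the original post: it walks constructed sessions and reports a password sent without a preceding accepted AUTH TLS, an accepted anonymous login, and a failed login (530). Reply codes 230 (login succeeded) and 234 (AUTH accepted) are standard FTP codes not listed in the table of codes above; the session data and function name are assumptions made for the illustration.

```python
def audit_login(control_lines):
    """Return findings for one control-channel session.

    control_lines: (sender, line) pairs; sender is "C" (client) or "S" (server).
    Passwords are never copied into the findings.
    """
    findings, user, last_cmd, tls = [], None, None, False
    for sender, line in control_lines:
        if sender == "C":
            verb, _, arg = line.strip().partition(" ")
            last_cmd = verb.upper()
            if last_cmd == "USER":
                user = arg
            elif last_cmd == "PASS" and not tls:
                # No AUTH TLS was accepted first: password crossed in cleartext.
                findings.append(("plaintext-password", user))
            continue
        code = line[:3]
        if code == "234" and last_cmd == "AUTH":
            tls = True  # FTPS (RFC 4217): control channel is encrypted from here
        elif code == "230" and last_cmd == "PASS":
            if (user or "").lower() == "anonymous":
                findings.append(("anonymous-login-accepted", user))
        elif code == "530" and last_cmd == "PASS":
            findings.append(("login-failed", user))
    return findings

# Constructed sample sessions (not captured traffic).
ANON = [("S", "220 Service ready"), ("C", "USER anonymous"),
        ("S", "331 Username OK, need password"),
        ("C", "PASS guest@example.com"), ("S", "230 User logged in"),
        ("C", "QUIT"), ("S", "221 Closing connection")]
FAILED = [("S", "220 Service ready"), ("C", "USER alice"),
          ("S", "331 Username OK, need password"),
          ("C", "PASS wrong-guess"), ("S", "530 Not logged in")]
FTPS = [("S", "220 Service ready"), ("C", "AUTH TLS"),
        ("S", "234 Proceed with negotiation"), ("C", "USER alice"),
        ("S", "331 Username OK, need password"),
        ("C", "PASS s3cret"), ("S", "230 User logged in")]

if __name__ == "__main__":
    for name, session in (("ANON", ANON), ("FAILED", FAILED), ("FTPS", FTPS)):
        print(name, audit_login(session))
```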
6. What is the difference between the control connection and the data connection?
The control connection (Port 21) is responsible for managing the session and handling commands. It's like the conversation you have with the server about what you want to do (e.g., "list files," "get this file"). It stays open throughout the session.
The data connection (Port 20 or a random port) is only used for the actual transfer of data. It is established and then closed for each file transfer command (e.g., GET, PUT, LIST).