Pages

Tuesday, March 17, 2015

Interview questions on FTP

How much data can be send in a Single FTP session
The amount of data which can be sent is infinite. FTP uses TCP. The TCP channel can be used until the complete data is transferred. Multiple TCP segments can be used within the same TCP channel.

Can an IP packet carry FTP data
An IP packet is a carrier protocol used for carrying application layer data. The FTP data is packaged in TCP, which is sent to the intended recipient using the IP protocol in an IP based network

How does Active FTP communication Work
When a FTP client initiates a connection with FTP server in Active FTP mode, initially the FTP client initiates tcp 3-way handshake with the FTP server. This is initiated to port 21 on the server and is referred to as the control connection. Once the control connection is succesful, the client responds with the port command to the server, which contains the port number to which the server needs to initiate the second TCP connection. The server initiates the connection ( 2ND tcp 3-way handshake) from port 20 on it to the port number provided by the client. This is known as data connection.Once the data connection is succesful, the data transmission can commence.

How many TCP connections are used by Active and Passive FTP respectively
Both Active and Passive FTP uses two TCP connections

Why does Active FTP not work when a firewall is involved between the client and the server.
In Active FTP, once the FTP client establishes the connectivity with the server, the server initiates the data connection to the client. This is a TCP connection which is initiated from a system (FTP Server) which resides outside the network. All traffic initiated from outside is considered as untrusted, and the firewall would drop it by default.

How does Passive FTP resolve the issue with firewalls
In Passive FTP, the FTP client initiates the connection with the server and not the FTP server with the client. Since the client is residing within the network, the connection is considered as trusted by the firewall.

In Active FTP, which TCP port is used for initiating the control channel 
Port 21

1. What is FTP?

FTP (File Transfer Protocol) is a standard protocol used to transfer files between a client and server over a TCP/IP network.

2. Which port does FTP use?

  • Port 21 → Command/control.

  • Port 20 → Data transfer (active mode).

3. What are the two modes of FTP?

  • Active Mode:

    • Client opens a random port.

    • Server connects back from port 20 to client’s port.

  • Passive Mode:

    • Server opens a random port.

    • Client initiates both command and data connections (helps with firewalls/NAT).

4. What is the difference between FTP and SFTP/FTPS?

  • FTP → Plaintext (no encryption).

  • FTPS → FTP over SSL/TLS (secure).

  • SFTP → File transfer over SSH (completely different protocol).

5. Does FTP use TCP or UDP?

FTP uses TCP (reliable, connection-oriented).

6. What is anonymous FTP?

A feature that allows users to log in with username “anonymous” and an email/password placeholder to access public files.

7. What are the common FTP response codes?

  • 200 → Command OK.

  • 220 → Service ready.

  • 221 → Closing connection.

  • 331 → Username OK, need password.

  • 425 → Can’t open data connection.

  • 530 → Authentication failure.

8. What are the limitations of FTP?

  • Credentials sent in plaintext.

  • Data not encrypted.

  • Firewall issues (because of dynamic ports).

  • Replaced in many cases by SFTP, SCP, HTTPS.

9. What file transfer modes does FTP support?

  • ASCII mode → For text files.

  • Binary mode → For images, executables, etc.

10. How does FTP handle authentication?

  • Username + Password (plaintext unless FTPS/SFTP).

  • Supports anonymous login if enabled.

Quick Recap for Interviews:

  • FTP = Port 21 (control), Port 20 (data, active).

  • Supports active & passive modes.

  • Uses TCP.

  • Not secure → replaced by SFTP/FTPS.

  • Two transfer modes: ASCII & Binary.


Here’s a clean comparison table of FTP vs SFTP vs FTPS that you can directly use in interviews 👇

 FTP vs SFTP vs FTPS Comparison

Feature FTP (File Transfer Protocol) SFTP (SSH File Transfer Protocol) FTPS (FTP Secure)
Underlying Protocol TCP/IP (application layer) SSH (Secure Shell) FTP + SSL/TLS
Port 21 (control), 20 (data in active mode) 22 21 (control) + dynamic ports for data
Encryption ❌ None (plaintext) ✅ Encrypted via SSH ✅ Encrypted via SSL/TLS
Authentication Username & Password (plaintext) or Anonymous Username & Password (SSH keys supported) Username & Password, Certificate-based
Security Low (data + credentials in plaintext) High (strong encryption) High (depends on TLS/SSL config)
Firewall/NAT Friendly ❌ Problematic (dynamic ports in active mode) ✅ Easy (single port 22) ❌ Can be tricky (dynamic ports for data)
Transfer Modes ASCII, Binary Binary (default, secure) ASCII, Binary
Speed Fast but insecure Slightly slower (encryption overhead) Slightly slower (encryption overhead)
Use Cases Legacy systems, public file sharing Secure enterprise file transfer, backups Organizations needing compliance (PCI-DSS, HIPAA)
Standardization Old, widely supported Part of SSH standard (RFC 4253) Defined in RFC 4217

Quick takeaway for interviews:

  • FTP → Simple, insecure, legacy.

  • SFTP → Secure, single port, SSH-based.

  • FTPS → Secure, SSL/TLS-based, more firewall issues.


1. What is FTP and what is its primary purpose?

FTP stands for File Transfer Protocol. It is a standard network protocol used to transfer computer files between a client and a server on a computer network. Its primary purpose is to enable reliable and efficient file transfers, either to download files from a server or to upload files to a server. FTP operates on the client-server model and uses TCP (Transmission Control Protocol) for a reliable connection.

2. What ports does FTP use and for what purpose?

FTP uses two separate channels for communication, each with a dedicated port:

  • Port 21 (Control Channel): This port is used for the control connection. It is responsible for sending commands from the client to the server and receiving replies. Commands include things like USER, PASS, LIST, PWD, and QUIT. This channel remains open for the duration of the session.

  • Port 20 (Data Channel): This port is used for the data connection, which is established only when a file transfer is initiated. All file data is transferred over this channel.

3. Explain the difference between FTP's Active and Passive modes.

This is a critical concept for understanding how FTP works, especially with firewalls.

Active Mode: In Active mode, the client initiates the control connection from a random, unprivileged port to the server's Port 21. When the client wants to transfer data, it sends the PORT command, informing the server which client-side port it will listen on (a random, unprivileged port). The server then initiates a data connection from its Port 20 to the client's specified port. This mode can often be blocked by firewalls on the client side, as the server is trying to initiate a connection to the client.

Passive Mode: In Passive mode, the client again initiates the control connection to the server's Port 21. When a data transfer is needed, the client sends a PASV command. The server responds by sending back a randomly generated port number that it is listening on. The client then initiates the data connection from its own random port to the server's specified port. This mode is more common and firewall-friendly because the client is responsible for initiating both the control and data connections.

4. What is the difference between FTP, FTPS, and SFTP?

The key difference between these protocols is the level of security.

  • FTP (File Transfer Protocol): Transmits data and credentials (username/password) in plain text. It offers no security and is highly vulnerable to sniffing attacks.

  • FTPS (File Transfer Protocol Secure): This is a secure version of FTP that uses SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt the control and/or data channels. It is essentially FTP with an added security layer.

  • SFTP (SSH File Transfer Protocol): SFTP is a completely different protocol from FTP. It is a subsystem of SSH (Secure Shell) that transfers files securely over a single connection. It encrypts both commands and data by leveraging the underlying SSH security.

5. How does a user authenticate with an FTP server?

An FTP server can authenticate users in two main ways:

  • Username and Password: A user provides a username and a corresponding password to gain access. For security, this is typically done over FTPS or SFTP to prevent the credentials from being sent in plain text.

  • Anonymous Access: Some FTP servers allow anonymous access, which means a user can log in with the username anonymous and use their email address as the password. This is typically used for public, read-only access to files.

6. What is the difference between the control connection and the data connection?

The control connection (Port 21) is responsible for managing the session and handling commands. It's like the conversation you have with the server about what you want to do (e.g., "list files," "get this file"). It stays open throughout the session.

The data connection (Port 20 or a random port) is only used for the actual transfer of data. It is established and then closed for each file transfer command (e.g., GET, PUT, LIST)

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)