FTP stands for File Transfer Protocol. As the name implies, it's a protocol that facilitates the transfer of a file from one client over the network to another client.
FTP modes: active versus passive
FTP connections can be made using one of these two modes. In active mode the server decides the destination port for the data connection. In passive mode it will be the client that decides which port will be used for the data transfer.
Mmm … and why does this matter?
The mode comes into play when you need your FTP connection to work through a firewall. In active mode there is not much of a surprise, as the control connection will be on destination port 21 and the data connection usually on port 20. The firewall sees this session that will be initiated from the server and will automatically allow return traffic. In passive mode, however, as the client dictates the port to use, it can be a little more challenging to configure the firewall correctly.
Application Layer Gateway
To help with dynamic port assignments during the setup of a control session, firewalls have a feature called Application Layer Gateway (ALG). It intercepts the messages in which the client and server decide on ports and creates a firewall policy on the fly to allow that traffic through the firewall.
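The core of what an ALG does with the control channel, as an added example that is not part of the original post: it parses the two RFC 959 messages that carry a data-connection endpoint (the `PORT` command and the `227` reply to `PASV`) and derives the temporary allow rule. The function names, the rule format and the sample lines are assumptions made for this illustration.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959 host-port field).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(text):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 field, or None if malformed."""
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ".".join(map(str, nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def pinhole_for(line, client_ip, server_ip):
    """Map one control-channel line (no CRLF) to a temporary allow rule, or None."""
    if line.upper().startswith("PORT "):
        # Sent by the client: names the address the client listens on.
        listener, opener = client_ip, server_ip
    elif line.startswith("227 "):
        # Sent by the server in reply to PASV: names the address the server listens on.
        listener, opener = server_ip, client_ip
    else:
        return None
    endpoint = parse_hostport(line[4:])
    # Only open a pinhole towards the host that is really on the control connection.
    if endpoint is None or endpoint[0] != listener:
        return None
    return {"src": opener, "dst": endpoint[0], "dport": endpoint[1], "proto": "tcp"}


# Constructed sample lines using documentation address ranges.
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLES = [
    "USER alice",
    "PORT 192,0,2,10,195,80",
    "227 Entering Passive Mode (198,51,100,5,234,96)",
    "PORT 203,0,113,7,0,22",  # announces a third-party address: no rule created
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:55} -> {pinhole_for(s, CLIENT, SERVER)}")
```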
Why shouldn't you use FTP?
As with Telnet and HTTP, FTP is a protocol where the data travels over the network without any encryption. So yes, an attacker could see and intercept the whole session.
We will discuss the safer options like SFTP and SCP in later articles.