File Transfer Protocol - FTP

Port Number - 21

RFC - RFC 959 (October 1985)
OSI Model - Application Layer

File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one computer to another over a TCP-based network, such as the Internet or Local Area network. FTP is part of the TCP/IP protocol suite. TCP/IP is the basic protocol that runs the whole Internet. There are a number of smaller protocols that run on top of TCP/IP, such as email, HTTP, and Telnet. FTP is one of these. FTP operates on the application layer of the OSI model, and is used to transfer files using TCP/IP.


The first FTP client applications were interactive command-line tools, implementing standard commands and syntax. Graphical user interface clients have since been developed for many of the popular desktop operating systems in use today. The original specification for the File Transfer Protocol was written by Abhay Bhushan and published as RFC 114 on 16 April 1971, before TCP and IP even existed. It was later replaced by RFC 765 (June 1980) and RFC 959 (October 1985), the current specification.
How does Work
FTP works on the principal of a client/server. FTP works very similarly to the way web pages work. Each file on an FTP server is given an address (URL) so that other computers connected to the internet can find it. Users can then either use an FTP client or most web browsers to either download or upload files to the server.
         When a user wishes to engage in File transfer, FTP sets up a TCP connection to the target system for the exchange of control messages. These allow used ID and password to be transmitted and allow the user to specify the file and file action desired. Once file transfer is approved, a second TCP connection is set up for data transfer.
Windows NT supports both file transfer protocol (FTP) and trivial file transfer protocol (TFTP) under its implementation of TCP/IP. Both of these protocols can be used for transferring files across the Internet. The differences between the two protocols are explained below:
  • FTP is a complete, session-oriented, general purpose file transfer protocol. TFTP is used as a bare-bones special purpose file transfer protocol.
  • FTP can be used interactively. TFTP allows only unidirectional transfer of files.
  • FTP depends on TCP, is connection oriented, and provides reliable control. TFTP depends on UDP, requires less overhead, and provides virtually no control.
  • FTP provides user authentication. TFTP does not.
  • FTP uses well-known TCP port numbers: 20 for data and 21 for connection dialog. TFTP uses UDP port number 69 for its file transfer activity.
The Windows NT FTP server service does not support TFTP because TFTP does not support authentication.
Windows 95 and TCP/IP-32 for Windows for Workgroups do not include a TFTP client program.
Passive and active FTP
Internet Information Server (IIS) with File Transmission Protocol (FTP) installed supports the following connection types:
  • Active-mode FTP
  • Passive-mode FTP
The IIS-based FTP service (MSFTPSVC) supports both active and passive mode connections, depending on the method that is specified by the client. The FTP protocol uses a minimum of two connections during a session: a half-duplex connection for control, and a full-duplex connection for data transfer. By default, TCP port 21 is used on the server for the control connection.
Active Mode FTP Connection
Active-mode FTP is sometimes referred to as "client-managed" because the client sends a PORT command to the server (over the control connection) that requests the server to establish a data connection from TCP Port 20 on the server, to the client, using the TCP port that is specified by the PORT command.
[Note: -The FTP client sends the PORT command to the FTP server in the following format:
PORT 192,168,0,3,19,243
where the first four comma-separated values correspond to the octets of the client's IP address, and the fifth and sixth values are the high- and low-order bits of the 16-bit port number.]
Passive-mode FTP Connections
Passive-mode FTP is sometimes referred to as "server-managed", because after the client issues a PASV command, the server responds to that PASV instruction with one of its ephemeral ports that will be used as the server-side port of the data connection. After a data connection command is issued by the client, the server connects to the client using the port immediately.
Anonymous FTP
A host that provides an FTP service may additionally provide anonymous FTP access. Users typically log into the service with an 'anonymous' account when prompted for user name. Although users are commonly asked to send their email address in lieu of a password, no verification is actually performed on the supplied data. Many FTP hosts whose purpose is to provide software updates will provide anonymous logins. Examples of anonymous FTP servers can be found here. Some universities, government agencies, companies, and private individuals have set up public archives that you may access via FTP, usually in a directory named pub for anonymous FTP.