NetworkingBeginner18 min read

What Is FTP in Networking?

Reviewed byJohnson Ajibi· Senior Network & Security Engineer · MSc IT Security
On This Page

Quick Definition

FTP is a way to move files from one computer to another over the internet. It uses a client program on your computer to connect to a server. You can upload files to the server or download files from it. It is often used by web developers to update websites or by IT staff to manage remote systems.

Commonly Confused With

FTPvsTFTP

TFTP (Trivial File Transfer Protocol) is a simpler, UDP-based protocol that uses port 69. It has no authentication, no directory listing, and is less reliable than FTP. It is used mainly for booting diskless workstations or transferring firmware to network devices.

You would use TFTP to upload a new router OS image, but FTP to manage website files.

FTPvsSFTP

SFTP (SSH File Transfer Protocol) is not FTP at all. It is a secure file transfer protocol that runs over SSH (port 22). It encrypts everything, supports resuming transfers, and provides strong authentication. SFTP is a different protocol, not a variant of FTP.

If you need to securely transfer files to a Linux server, you would use SFTP, not plain FTP.

FTPvsFTPS

FTPS (FTP over SSL/TLS) is the standard FTP protocol wrapped in an encrypted SSL/TLS layer. It can be explicit (AUTH TLS on port 21) or implicit (port 990). It adds security to standard FTP commands.

An e-commerce site might use FTPS to securely upload customer data files from a branch office.

FTPvsHTTP

HTTP (Hypertext Transfer Protocol) is used for transferring web pages and related content, not files in general. HTTP uses port 80 and has a different command set (GET, POST, etc.). File downloads via HTTP are common, but HTTP does not have built-in directory browsing like FTP.

You use HTTP to view a website in a browser. You use FTP to upload that website's files to a server.

Must Know for Exams

FTP is a core topic in many general IT certification exams, including CompTIA Network+, CompTIA A+, and the CCNA from Cisco. In Network+, for instance, you are expected to know FTP's port numbers (21 for control, 20 for active data), its use as a TCP-based protocol, and the differences between active and passive modes. Exam questions may ask you to choose the correct port for an FTP server on a firewall rule, or to identify which protocol is used to securely transfer files.

In the CCNA, FTP appears in the context of device management. You might be asked how to back up a router or switch configuration to an FTP server. You need to know the copy command syntax and that FTP requires a username and password (unlike TFTP which is simpler). The exam may also test your understanding of when to use FTP vs TFTP vs SCP.

For A+, the focus is on practical knowledge: setting up an FTP client, understanding anonymous access, and recognizing that FTP traffic is unencrypted. Questions might ask about troubleshooting a failed file transfer due to firewall settings or incorrect login credentials.

In all these exams, FTP questions often appear in scenario-based formats. You might be given a network diagram and asked to identify which port to open for FTP. Or you may be presented with a troubleshooting log and need to infer that a passive mode negotiation failed. Understanding the nuance of active vs passive mode and the security implications of cleartext passwords is what separates a good score from a great one.

Simple Meaning

Imagine you have a big pile of papers on your desk, and you need to send them to a friend who lives in another city. One way to do it is to put the papers in a box, drive to the post office, and mail the box. That works, but it takes time and effort. FTP is like having a dedicated postal service that works instantly over a wire.

With FTP, your computer uses a special program called an FTP client to talk to another computer called an FTP server. The server is always listening for file requests. You log in with a username and password (or sometimes anonymously) and then you can see the files on the server as if they were on your own computer. You can drag and drop files to copy them to the server, or pull files from the server to your local machine.

Think of it as a digital file cabinet. Your computer is your home office, and the server is a secure office building downtown. FTP is the secure courier that shuttles documents between your home office and the downtown building. It handles big files, multiple files at once, and even folders. Without FTP, moving large files over the internet would be clumsy and slow, like trying to email a huge video file that gets blocked by the attachment size limit. FTP makes file transfer fast, reliable, and efficient for IT professionals and web developers.

Full Technical Definition

FTP (File Transfer Protocol) is an application-layer protocol defined in RFC 959 that operates over the Transmission Control Protocol (TCP). It uses a client-server architecture and establishes two separate connections: a control connection on port 21 and a data connection on port 20 (active mode) or a random high port (passive mode). The control connection is used for sending commands (like USER, PASS, LIST, RETR, STOR) and receiving responses, while the data connection is used for the actual file transfer.

FTP supports two modes of data transfer: active and passive. In active mode, the client opens a random port and tells the server to connect back to that port for data. This can cause issues with firewalls and NAT (Network Address Translation) because the server initiates the data connection to the client. In passive mode, the server opens a random high port and tells the client to connect to that port for data. Passive mode is more firewall-friendly and is the default in most modern FTP clients.

FTP authentication can be done with a username and password (cleartext, not encrypted) or anonymously (using 'anonymous' as the username and an email address as the password). The protocol itself does not provide encryption, meaning credentials and data are sent in plaintext. This is a major security weakness. To address this, secure variants such as FTPS (FTP over SSL/TLS) and SFTP (SSH File Transfer Protocol, which is actually a different protocol) were developed. FTPS adds SSL/TLS encryption to the control and/or data channels, while SFTP uses the SSH protocol to provide a secure encrypted channel for file transfer.

In IT implementation, FTP servers are often run on Linux or Windows Server using software like vsftpd, ProFTPD, or IIS FTP. Clients include FileZilla, WinSCP, and command-line tools like ftp and curl. FTP is still widely used for legacy systems, large file transfers, and in environments where encryption is handled by other means, such as VPNs.

Real-Life Example

Imagine you are a chef running a busy restaurant. You receive daily shipments of ingredients from a central warehouse. The warehouse has a loading dock where all deliveries are received and stored. That loading dock is like an FTP server. Each morning, you drive your truck to the warehouse, show your ID badge (that's your username and password), and then you can either drop off empty crates (upload) or pick up fresh produce (download).

Now, suppose your restaurant is on a busy street with a one-way alley. If you try to drive into the alley from the wrong direction (like active FTP mode), the traffic might block you because the alley is narrow and the flow is restricted. Instead, you take the passive approach: the warehouse tells you which specific loading bay is open (passive port), and you drive to that bay from the correct direction. This works smoothly no matter how the traffic flows.

Just as a chef needs to move food efficiently between kitchen and warehouse, an IT professional needs to move files between a local computer and a remote server. FTP is that dedicated loading dock for digital data. It handles large orders (big files), multiple crates (batch transfers), and works even when the restaurant is far away (remote server). The key lesson is that FTP is not just about moving files, it is about doing so reliably, with clear commands and responses, and with a system that avoids getting stuck in network traffic jams.

Why This Term Matters

FTP is one of the foundational protocols for file transfer in IT. Even with the rise of cloud storage and web-based file sharing, understanding FTP is crucial because countless legacy servers, embedded systems, and specialized devices still rely on it. Many IT professionals encounter FTP when managing web servers, uploading software updates to networking equipment, or maintaining backup systems.

Knowing how FTP works helps you troubleshoot connectivity issues. For example, if a web developer cannot upload a new site, the problem might be passive vs active mode, a firewall blocking port 21, or incorrect login credentials. Without understanding FTP, you might waste hours on the wrong fix.

FTP also teaches fundamental networking concepts: client-server model, port numbers, control vs data channels, and the difference between cleartext and encrypted protocols. These concepts reappear in HTTP, SMTP, and SSH. Mastering FTP gives you a solid grounding in how application-layer protocols operate. In a world where security is paramount, knowing the weaknesses of plaintext FTP (and how to mitigate them with FTPS/SFTP) is directly applicable to real-world security hardening.

How It Appears in Exam Questions

FTP exam questions come in several patterns. One common type is direct knowledge: 'Which port does FTP use for control?' or 'What is the default data port for active FTP?' These are straightforward and test your memorization of port numbers. Another pattern involves comparing FTP with other file transfer protocols: 'Which protocol is used for secure file transfer over SSH?' (answer: SFTP).

Scenario-based questions are more challenging. For example: 'A user is unable to connect to an FTP server from outside the company network. The server is behind a firewall. Which FTP mode should be used to ensure successful connections?' The correct answer is passive mode because it allows the client to initiate both control and data connections, making it firewall-friendly.

Troubleshooting questions might provide a packet capture or log. For instance, 'An administrator sees TCP port 21 connections succeeding but file transfers fail. What is the most likely issue?' The answer could be that the firewall is blocking the data connection port range (active mode data port 20, or passive mode high ports).

Configuration questions appear in CCNA: 'Complete the command to back up the running configuration to an FTP server.' The correct command might be 'copy running-config ftp://username@server-ip/config-file'. You need to recall the syntax and the fact that you must specify a username.

Security-focused questions: 'Why should plain FTP be avoided on public networks?' Because credentials and data are sent in cleartext, making them vulnerable to packet sniffing. The recommended alternative is FTPS or SFTP.

Practise FTP Questions

Test your understanding with exam-style practice questions.

Practise

Example Scenario

You are a junior IT technician at a small marketing agency. The company's website is hosted on a remote Linux server. The lead designer asks you to upload a new homepage file (index.html) and a folder of images (about 50 MB total). The designer gives you the server address, a username, and a password.

Using FileZilla, you enter the hostname (ftp.example.com), port 21, and the credentials. FileZilla connects quickly, and you see the remote directory listing. You drag the index.html file and the images folder from your local PC to the remote 'public_html' folder. The transfer starts, but a few minutes later, it stops with an error: 'Failed to retrieve directory listing'. The designer is frustrated and you need to fix it.

You check the server settings. The FTP server is behind a company firewall that only allows outbound connections. Active FTP mode is requesting the server to connect back to your client on a random port, which the firewall blocks. Solution: In FileZilla, you change the transfer mode to 'Passive' in the settings. You reconnect and the transfer completes successfully. You also remember that FTP sends passwords in plaintext, so you recommend implementing FTPS or SFTP for future transfers.

This scenario shows the real-world interplay between FTP modes, firewalls, and security considerations. It highlights why understanding active vs passive mode is not just exam theory but a practical necessity for daily IT work.

Common Mistakes

Thinking FTP uses UDP instead of TCP.

UDP is connectionless and unreliable, which would cause file corruption. FTP requires reliable, ordered delivery, so it must use TCP.

Memorize that FTP is a TCP-based protocol. UDP-based file transfer is done by TFTP.

Confusing active mode with passive mode, especially which side initiates the data connection.

In active mode, the server initiates the data connection back to the client. In passive mode, the client initiates both connections. Mixing them up leads to firewall troubleshooting errors.

Remember: Active = server acts (connects to client); Passive = client stays in charge (connects to server).

Believing FTP is secure by default.

Standard FTP sends all data, including usernames and passwords, in plaintext. Anyone on the network can capture this traffic with a packet sniffer.

Always use FTPS (FTP over SSL/TLS) or SFTP (SSH-based) when security is required. Assume plain FTP is only for trusted networks.

Assuming FTP only uses port 21.

Port 21 is only for control. For data transfer, active mode uses port 20, and passive mode uses a random high port (typically 1024-65535). Firewalls must allow both.

When configuring firewalls, open port 21 for control, and either port 20 (active) or a range of high ports (passive) depending on the mode used.

Thinking SFTP is just FTP with SSL.

SFTP (SSH File Transfer Protocol) is a completely different protocol from FTP, built on the SSH transport layer. It is not FTP at all. FTPS is FTP with SSL/TLS.

SFTP = SSH-based (port 22). FTPS = FTP + SSL/TLS (port 990 for implicit, or 21 for explicit). Know the difference for exams and real life.

Exam Trap — Don't Get Fooled

{"trap":"The exam asks: 'Which protocol uses TCP port 21 for control and TCP port 20 for data?' The learner sees 'FTP' and selects it, but the question specifies 'in passive mode'. Passive mode does not use port 20 for data."

,"why_learners_choose_it":"Most learners memorize that FTP uses port 21 and 20, but they forget that port 20 is only for active mode data. In passive mode, data uses a random high port.","how_to_avoid_it":"Always read the mode mentioned.

If the question does not specify, assume the general case (active mode uses port 20). But if passive mode is mentioned, remember that port 20 is not involved. Practice by creating table of active vs passive ports."

Step-by-Step Breakdown

1

Client initiates control connection

The FTP client (e.g., FileZilla) makes a TCP connection to the server's port 21. This connection stays open for the entire session and carries commands like USER, PASS, and LIST.

2

Server sends a greeting and prompts for credentials

The server sends a 220 message indicating it's ready. The client then sends a USER command with the username, and the server replies with a 331 prompt for the password. The client sends the PASS command.

3

Authentication and session setup

If credentials are correct, the server sends a 230 message. The session is now authenticated. The client can then send commands like PWD (print working directory), CWD (change working directory), and LIST (list files).

4

Data connection establishment (active or passive)

When a file transfer is requested (e.g., RETR for download or STOR for upload), a separate data connection is established. In active mode, the client provides an IP and port, and the server connects back. In passive mode, the client asks for a passive mode (PASV), and the server responds with an IP and a random high port.

5

File transfer and completion

Data flows over the data connection in the agreed mode (binary or ASCII). After the transfer, the data connection closes. The control connection remains open for further commands. The session ends when the client sends QUIT.

Practical Mini-Lesson

As an IT professional, you will likely use FTP for server management, especially in environments without a cloud interface. Let's walk through a typical setup and potential pitfalls.

First, you need an FTP server. On Linux, 'vsftpd' is a common choice. Installation is simple: 'sudo apt install vsftpd'. The main configuration file is '/etc/vsftpd.conf'. You enable local user access, set the root directory (chroot), and choose whether to allow anonymous logins. You must also configure the firewall to allow ports 21 and the passive port range (e.g., 30000-31000).

On the client side, FileZilla is user-friendly. When you connect, pay attention to the log window. If you see 'ECONNREFUSED' on port 21, the server is not running or the port is blocked. If the control connection succeeds but directory listing fails, the issue is likely with the data connection mode. Try switching from active to passive (or vice versa) in FileZilla's Site Manager.

What can go wrong? Firewalls are the number one enemy. Many corporate firewalls only allow outbound connections, so passive mode is mandatory. Also, NAT can break active mode because the client's internal IP may not be reachable from the server. If you use active mode behind NAT, configure the client to send its public IP (via the PORT command) or use the 'PASV' workaround.

Security is a big concern. Plain FTP is a sniffing target. Whenever possible, enable FTPS by generating an SSL certificate and setting 'ssl_enable=YES' in vsftpd. Alternatively, use SFTP (which is actually SSH). Many modern organizations ban plain FTP entirely. As a professional, you should know how to set up both secure variants and explain the trade-offs: FTPS uses separate ports and can be complex with firewalls, while SFTP uses a single port (22) and is simpler but requires SSH server setup.

Finally, automation is common. Scripts using 'curl' or 'wget' with FTP URLs can automate backups or deployments. For example, 'curl -u username:password ftp://server/file.zip -O' downloads a file. Remember that exposing credentials in scripts is a security risk; use .netrc files or environment variables instead.

Memory Tip

FTP: Files Travel on Port 21; Data Travels on Port 20 (active only). To remember active vs passive: Active = A for 'Aggressive' (server connects to you); Passive = P for 'Polite' (client connects to server).

Covered in These Exams

Current Exam Context

Current exam versions that test this topic — use these objectives when studying.

Related Glossary Terms

Frequently Asked Questions

What port does FTP use?

FTP uses TCP port 21 for control commands and TCP port 20 for data in active mode. In passive mode, data uses a random high port (typically 1024-65535).

Is FTP secure?

No, standard FTP sends all data including passwords in plaintext. For secure file transfer, use FTPS (FTP over SSL/TLS) or SFTP (SSH-based).

What is the difference between active and passive FTP?

In active mode, the server connects to the client for data transfer. In passive mode, the client connects to the server. Passive mode is more firewall-friendly.

Can I use FTP to transfer files between two computers on the same network?

Yes, if one computer runs an FTP server and the other runs an FTP client. Both machines must be on the same network and able to reach each other's IP addresses.

What is anonymous FTP?

Anonymous FTP allows users to log in with 'anonymous' as the username and their email address as the password. It is used for public file sharing where authentication is not required.

How do I enable FTP on a Windows server?

You can install the FTP Server role via Server Manager, configure it in IIS, and then set up users and permissions. Ensure the Windows firewall allows port 21.

What is the difference between FTP and HTTP for file transfer?

FTP is designed specifically for file management (upload, download, rename, delete) with directory browsing, while HTTP is for viewing web pages. FTP is more efficient for large batch transfers.

Why does my FTP directory listing fail after a successful login?

This usually indicates a problem with the data connection. Try switching between active and passive mode in your client, or check that your firewall allows the necessary ports.

Summary

FTP (File Transfer Protocol) is a foundational networking protocol for transferring files between a client and a server over TCP. It uses a control connection on port 21 and a separate data connection, which can be established in active mode (server connects to client on port 20) or passive mode (client connects to a random high port). Understanding FTP is essential for IT professionals because it is still widely used for website management, device configuration backups, and legacy system integration.

For certification exams like CompTIA Network+, A+, and the CCNA, you must know FTP's port numbers, mode differences, and security limitations. Common exam traps include confusing active vs passive mode, assuming FTP is secure, and mixing up FTPS, SFTP, and TFTP. Real-world practice with FileZilla or command-line ftp helps solidify these concepts.

The key takeaway is that while FTP is simple and effective, it is inherently insecure. Always use encrypted alternatives (FTPS or SFTP) for any sensitive data. Mastering FTP gives you a stronger grasp of application-layer protocols, client-server communication, and network troubleshooting-skills that transfer directly to HTTP, SMTP, and SSH. On your exam, remember the port numbers, the mode mechanics, and the security caveats, and you will handle any FTP question with confidence.