INFORMATION ABOUT THE FTP SERVER: ACTIVE VS PASSIVE MODE
FTP, or File Transfer Protocol, is very old, but it is still a popular protocol for transferring files across a network.
There are, however, two implementations of FTP, active FTP and passive FTP, and the difference between them is small but very important for the configuration of the firewall.
This article explains that difference.
To use FTP successfully, two connections on two ports are required between the client and the FTP server.
These are a command port and a data port.
By default, port 21 is used for the command connection; the port for the data connection depends on the choice of active or passive FTP.
First, a connection is set up on the command port, and once that has succeeded, a connection is set up on the data port.
THE ACTIVE FTP SERVER:
1. The command connection: the client connects from a random port N > 1024 to the server on port 21.
2. The data connection: the server connects from port 20 to the client on port N + 1.
THE PASSIVE FTP SERVER:
1. Command connection: the client connects from a random client port N > 1024 to the server's default port 21.
2. Data connection: the client connects from client port N + 1 to the server on a random port > 1024.
A MORE DETAILED EXPLANATION:
The major problem with active FTP lies in step 2.
The server tries to set up a new connection to the client.
Every computer user who is not too green has a personal firewall enabled which, if properly configured, allows no incoming connections.
From the standpoint of the server administrator, active FTP is preferable, because only one incoming port has to be opened on the FTP server.
In passive FTP, the client initiates both the first and the second connection, so the problem of the personal firewall or NAT router is circumvented.
From the standpoint of the server administrator, passive FTP is disadvantageous, because a whole range of ports has to be opened on the server.
THE ACTIVE FTP CLIENT:
Allow outgoing communication to port 21.
Allow incoming communication on the ports above 1024.
THE ACTIVE FTP SERVER:
Allow incoming communication on port 21.
Allow outgoing communication to the ports above 1024.
THE PASSIVE FTP CLIENT:
Allow outgoing communication to port 21.
Allow outgoing communication to the ports above 1024.
THE PASSIVE FTP SERVER:
Allow incoming communication on port 21.
Allow incoming communication on the ports above 1024.
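The firewall rules listed above can be checked against the two connection sequences with a small model. This is an added example, not part of the original article; it assumes stateful firewalls that pass reply traffic of an accepted connection, and the policy names and the ports 40000 and 50000 are constructed values.

```python
from dataclasses import dataclass

ANY = ((1, 65535),)
HIGH = (1025, 65535)          # "the ports above 1024"

@dataclass(frozen=True)
class Firewall:
    inbound: tuple            # (low, high) ranges accepted for new incoming connections
    outbound: tuple = ANY     # (low, high) ranges accepted for new outgoing connections

def permits(ranges, port):
    return any(low <= port <= high for low, high in ranges)

def ftp_connections(mode, n=40000, server_data_port=50000):
    """(name, initiator, destination port) for both connections of one session.
    n is the client's random port N; both defaults are constructed values."""
    command = ("command", "client", 21)
    if mode == "active":      # server connects from port 20 to client port N + 1
        return [command, ("data", "server", n + 1)]
    if mode == "passive":     # client connects from N + 1 to a random server port
        return [command, ("data", "client", server_data_port)]
    raise ValueError(f"unknown mode: {mode}")

def blocked(mode, client_fw, server_fw):
    """Names of the connections that one of the two firewalls drops."""
    firewalls = {"client": client_fw, "server": server_fw}
    dropped = []
    for name, initiator, port in ftp_connections(mode):
        receiver = "server" if initiator == "client" else "client"
        if not (permits(firewalls[initiator].outbound, port)
                and permits(firewalls[receiver].inbound, port)):
            dropped.append(name)
    return dropped

# Constructed policies matching the rule lists above.
PERSONAL_FW = Firewall(inbound=())                   # client: no incoming connections
ACTIVE_CLIENT = Firewall(inbound=(HIGH,))            # client: ports above 1024 open
ACTIVE_SERVER = Firewall(inbound=((21, 21),))        # server: only port 21 open
PASSIVE_SERVER = Firewall(inbound=((21, 21), HIGH))  # server: 21 plus ports above 1024

if __name__ == "__main__":
    for mode, c, s in [("active", PERSONAL_FW, ACTIVE_SERVER),
                       ("active", ACTIVE_CLIENT, ACTIVE_SERVER),
                       ("passive", PERSONAL_FW, ACTIVE_SERVER),
                       ("passive", PERSONAL_FW, PASSIVE_SERVER)]:
        print(mode, blocked(mode, c, s) or "all connections succeed")
```

In each failing case it is the data connection that is dropped, never the command connection, which is why a login can succeed while listings and transfers hang.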
THE CONCLUSION:
Every system administrator would immediately opt for active FTP because of the lower security risk: the number of incoming ports that must be opened on the server is limited to just one.
For public FTP servers this is not an option, because only a minority of users would be able to connect to the server successfully.
For users, active FTP is very disadvantageous because of the number of incoming ports on the client that must be reachable.
It is certainly not advisable to open all those ports on the client's personal firewall.
There is not much to be done about passive FTP: the server administrator will have to bite his or her lip and open all the ports, or there will unfortunately be almost no uploads or downloads.