Active FTP is defined as one connection initiated by the client to the server for the FTP control connection. Remember that FTP requires two TCP connections, on port 20 (data) and port 21 (control). The second connection is the FTP data connection (where data is transferred), and in active mode it is initiated from the server back to the client.
Active FTP is less secure than passive mode because the FTP server, which in theory could be any host, initiates the data channel toward the client.
Figure 3-2 displays a typical FTP mode of operation between a client PC and FTP server in active mode. The following steps are completed before FTP data can be transferred:
1 The FTP client opens a control channel on TCP port number 21 to the FTP server. The source TCP port number on the FTP client is any number randomly generated above 1023.
2 The FTP server receives the request and sends an acknowledgment. FTP commands are exchanged between client and server.
3 When the FTP client requests a directory list or initiates a file transfer, the client sends the FTP PORT command. The FTP server then opens (initiates) a data connection from the FTP data port, TCP port 20.
4 The FTP client responds and data can be transferred.
Passive FTP still requires the initial FTP control connection, which is initiated by the FTP client to the server. However, the second connection, the FTP data connection, is also initiated from the client to the server (the reverse of active FTP).
Figure 3-3 displays a typical FTP mode of operation between a client PC and FTP server in passive mode.
The following steps are completed before data can be transferred:
1 The FTP client opens a control channel on TCP port 21 to the FTP server and requests passive mode with the FTP command PASV (passive). The source TCP port number is any number randomly generated above 1023.
2 The FTP server receives the request and agrees to the connection, using a randomly generated local TCP port number greater than 1023.
3 The FTP client receives this information, selects a randomly generated local TCP port number greater than 1023, and opens a data channel to the FTP server (on the server's TCP port greater than 1023).
4 The FTP server receives the FTP client’s request and agrees to the connection.
In passive FTP, the client initiates both the control connection and the data connection. In active mode, the FTP server initiates the FTP data channel. When using passive FTP, the probability of compromising data is lower because the FTP client initiates both connections, so no inbound connection to the client has to be permitted.
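The two sequences above (active mode, steps 1 to 4, and passive mode, steps 1 to 4) differ only in who announces a data port and who initiates the data connection. The following Python script, added here as an illustration and not taken from the book, walks through both control-channel exchanges and reports the data connection each mode produces, which is exactly the flow a stateful firewall has to permit. It also applies the check an FTP server or firewall should make on the PORT argument: the announced address must be the control-connection peer and the port must be above 1023. The IP addresses and port numbers are constructed sample values, and the PORT/PASV encoding (h1,h2,h3,h4,p1,p2, port = p1*256 + p2) is the standard FTP form.

```python
import re
from ipaddress import IPv4Address


def parse_host_port(arg):
    """Decode the 'h1,h2,h3,h4,p1,p2' field used by both PORT and the 227 reply."""
    nums = [int(x) for x in arg.strip().split(",")]
    if len(nums) != 6 or any(not 0 <= n <= 255 for n in nums):
        raise ValueError(f"malformed host/port field: {arg!r}")
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    return host, port


def format_host_port(host, port):
    """Encode an IPv4 address and TCP port into the PORT/PASV field."""
    octets = str(IPv4Address(host)).split(".")  # raises ValueError for non-IPv4
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return ",".join(octets + [str(port // 256), str(port % 256)])


def parse_pasv_reply(line):
    """Extract (host, port) from a '227 Entering Passive Mode (...)' reply."""
    m = re.search(r"\((\d{1,3}(?:,\d{1,3}){5})\)", line)
    if not line.startswith("227") or not m:
        raise ValueError(f"not a valid 227 reply: {line!r}")
    return parse_host_port(m.group(1))


def check_port_command(arg, control_peer_ip):
    """Validation an FTP server or firewall should apply to PORT: the data
    endpoint must be the control-connection peer and an unprivileged port."""
    host, port = parse_host_port(arg)
    if host != control_peer_ip:
        return False, f"PORT address {host} differs from control peer {control_peer_ip}"
    if port <= 1023:
        return False, f"PORT port {port} is a privileged port"
    return True, "ok"


def data_connection(mode, client_ip, client_port, server_ip, server_port=None):
    """Return (initiator, source, destination) for the data connection.
    Active: server port 20 -> client ephemeral port (inbound to the client).
    Passive: client ephemeral port -> server ephemeral port (outbound from the client)."""
    if mode == "active":
        return ("server", (server_ip, 20), (client_ip, client_port))
    if mode == "passive":
        return ("client", (client_ip, client_port), (server_ip, server_port))
    raise ValueError(f"unknown mode: {mode}")


def simulate_session(mode, client_ip="192.0.2.10", server_ip="198.51.100.7",
                     client_data_port=50069, server_pasv_port=5001):
    """Walk the control channel in the order the text describes and return
    (transcript, data_connection). Addresses and ports are constructed samples."""
    t = [f"C->S  control connection {client_ip}:<ephemeral> -> {server_ip}:21",
         "S->C  220 service ready", "C->S  USER/PASS ...", "S->C  230 logged in"]
    if mode == "active":
        arg = format_host_port(client_ip, client_data_port)
        t.append(f"C->S  PORT {arg}")
        ok, why = check_port_command(arg, client_ip)
        if not ok:
            t.append(f"S->C  500 {why}")
            return t, None
        t.append("S->C  200 PORT command successful")
        t.append("C->S  LIST")
        conn = data_connection("active", client_ip, client_data_port, server_ip)
    else:
        t.append("C->S  PASV")
        reply = f"227 Entering Passive Mode ({format_host_port(server_ip, server_pasv_port)})"
        t.append(f"S->C  {reply}")
        host, port = parse_pasv_reply(reply)  # client learns where to connect
        t.append("C->S  LIST")
        conn = data_connection("passive", client_ip, client_data_port, host, port)
    t.append(f"data: {conn[0]} opens {conn[1][0]}:{conn[1][1]} -> {conn[2][0]}:{conn[2][1]}")
    return t, conn


if __name__ == "__main__":
    for mode in ("active", "passive"):
        print(f"--- {mode} mode ---")
        for line in simulate_session(mode)[0]:
            print(line)
```

The "data:" line at the end of each transcript is the rule a stateful firewall in front of the client must allow: in active mode an inbound connection from the server's port 20 to a high client port, in passive mode only an outbound connection from the client, which is why the passive transcript needs no inbound rule toward the client.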