# FTP (PORT: 21)

[FTP vs SFTP vs TFTP](https://www.youtube.com/watch?v=tOj8MSEIbfA)

* FTP (File Transfer Protocol) facilitates standard file transfers between server and client on a computer network.
* Utilizes a client-server architecture with distinct control and data connections.
* Users authenticate with a clear-text sign-in, using a username and password, or anonymously if the server allows it.
* For enhanced security, FTP can be secured with SSL/TLS (FTPS) or replaced with SSH File Transfer Protocol (SFTP), which uses port 22.

Conceptually speaking, the client is always the host that downloads and uploads files to the server, and the server is always the host that safely stores the data being transferred.

The diagram below shows where FTP sits in the logical structure of the host, together with other services that could be running on it at the same time.

<figure><img src="/files/BxkHcGiNlpoKUeJwpdVn" alt=""><figcaption></figcaption></figure>

FTP by itself can require credentials before allowing access to the stored files. The weakness is that the traffic carrying those files can be intercepted in what is known as a Man-in-the-Middle (MitM) attack, and the contents of the files can then be read in plaintext (meaning unencrypted, human-readable form).

<figure><img src="/files/cArN6O6pI6pxJK9oed4Q" alt=""><figcaption></figcaption></figure>

However, if the network administrators wrap the connection in the SSL/TLS protocol or tunnel the FTP connection through SSH (as shown below), they add a layer of encryption that only the source and destination hosts can decrypt, which foils most Man-in-the-Middle attacks.

<figure><img src="/files/5Md4cSRm2NZE0GZooTA2" alt=""><figcaption></figcaption></figure>

## FTP COMMANDS

[Basic Commands of FTP](https://phoenixnap.com/kb/linux-ftp)

A typical misconfiguration of FTP services allows an ***anonymous*** account to access the service like any other authenticated user. The ***anonymous*** username can be entered when the prompt appears, followed by any password whatsoever, since the service disregards the password for this specific account.
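
As an added example (not part of the original page), the sketch below audits an FTP control-connection transcript, such as a server log from a host you administer, for the two weaknesses described above: credentials sent before TLS is negotiated and an accepted anonymous login. The `C:`/`S:` transcript format, the sample sessions and the function name are constructed for illustration; 230 (logged in) and 234 (AUTH accepted) are standard FTP reply codes.

```python
# Added example: audit an FTP control-channel transcript (constructed format:
# "C: " = client command, "S: " = server reply) for cleartext credentials
# and accepted anonymous logins.
ANON_NAMES = {"anonymous", "ftp"}  # assumption: "ftp" is an anonymous alias

def audit_ftp_session(lines):
    """Return findings for one control-connection transcript."""
    findings = []
    tls_active = False    # True once the server accepts AUTH TLS (reply 234)
    auth_pending = False  # client sent AUTH, reply not seen yet
    user = None           # argument of the most recent USER command
    for line in lines:
        side, _, text = line.partition(": ")
        text = text.strip()
        if side == "C":
            verb, _, arg = text.partition(" ")
            verb = verb.upper()
            if verb == "AUTH":
                auth_pending = True
            elif verb == "USER":
                user = arg.strip()
                if not tls_active:
                    findings.append(f"cleartext USER: {user}")
            elif verb == "PASS" and not tls_active:
                # The password value is deliberately not copied into findings.
                findings.append("cleartext PASS")
        elif side == "S":
            code = text[:3]
            if auth_pending:
                tls_active = (code == "234")
                auth_pending = False
            elif code == "230" and user is not None:
                if user.lower() in ANON_NAMES:
                    findings.append("anonymous login accepted")
                user = None
    return findings

# Constructed sample sessions.
PLAIN_ANON = ["S: 220 FTP server ready", "C: USER anonymous",
              "S: 331 Please specify the password.", "C: PASS anything",
              "S: 230 Login successful."]
TLS_USER = ["S: 220 FTP server ready", "C: AUTH TLS",
            "S: 234 Proceed with negotiation.", "C: USER alice",
            "S: 331 Please specify the password.", "C: PASS example-only",
            "S: 230 Login successful."]

if __name__ == "__main__":
    for name, session in (("PLAIN_ANON", PLAIN_ANON), ("TLS_USER", TLS_USER)):
        print(name, audit_ftp_session(session))
```

A session that negotiates TLS before `USER` produces no findings, while a plain session is flagged for each credential command and for the accepted anonymous login.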


