Let’s talk about ports, and not the kind that ships load cargo onto but the cooler, geekier, virtual ones that help computers sort out the network traffic they are faced with.

What are ports?

Not just for cargo ships.
Not just for cargo ships. Photo by Alex Duffy on Unsplash

Unlike cargo ships, in the computing world, ports are virtual communication endpoints that make it possible for computers and servers to connect and transfer data, helping them to propel that data in the right direction. All apps or processes that use a network such as the Internet to communicate have a standardized port number that is used for identifying a network-based application on a computer.

Port numbers are primarily used for TCP and UDP based networks. Each port number indicates a specific service, and each host may have 65,535 ports pertaining to one IP address. While an application can change its port number, there are certain defaults that are quite popular and mostly go unchanged, such as: 23 for Telnet, 80 for HTTP, 25 for SMTP and 21 for FTP.

What is FTP?

FTP (File Transfer Protocol) is a communications protocol that emerged in the early 1970’s for the purpose of file transfer amongst computers. More specifically, it supports the direct transfer of files over the network between a client and a server.

FTP ports

FTP utilizes two individual channels to transfer information: a ‘control information’ port (used for commands and responses) and a ‘data’ port (used for transferring data - uploading and downloading files). By default the control port is tcp port 21 and the data port is well, it’s complicated...

In order to execute an FTP port connection through a client, the user has to enter both the name of the server and login credentials in the authorization fields of the FTP client. The FTP connection is then established to the FTP server’s port 21. Then, depending on the FTP session mode, another connection between a set of ports is used for data transfer. In the active mode, the server will open a connection from port 20 to the client’s control port+1. The active mode is hardly ever used because of its incompatibility with firewalls and the access requirement to a client behind a NAT. When using the passive mode, the client asks which server port to connect to for data and creates another connection to it. In the passive mode, the server’s data port is random.

The risks

As mentioned earlier, FTP was designed a long time ago, back when security over the network was not a prioritized factor. This also explains why it allows anonymous access, meaning that a user isn’t required to authenticate themselves before they get a hold of your files and why nothing is encrypted when using the FTP protocol over the wire.

Additionally, the antique FTP was made before duplex channels were invented, and therefore utilizes 2 ports, as explained above. Therefore, it is difficult to harden the networks it’s being used on since firewall rules and NATs must be set up in a particular way in order to enable the opening of the data channel.

Choosing a safer way

Today, security is no longer something to dismiss when transferring information over the web. Whether the files contain customer information, financials, EDI documents, or any other kind of data, your critical assets need to be protected from cybercriminal activities. That is where SFTP comes in.

Using a single port connection (port 22 by default) for both control and data transfer, SFTP is built to protect your data and credentials against sniffing and man-in-the-middle attacks by encrypting communication between client and server. It relies on SSH for its authentication processes as well as encryption and offers the options of a private/public key or user/password authentication.

You can read all about SFTP and the differences between the SFTP and FTP protocols here.