Difference between Active and Passive FTP
What is FTP?
FTP stands for File Transfer Protocol. It is a protocol used for transferring files over a network, and it runs over TCP. For a protocol with nearly fifty years on the clock, FTP can sometimes be a lot more complicated than most would assume. In particular, there is often a strong misunderstanding of the differences between active and passive FTP sessions, which can lead to confusion around the port numbers in use and how the protocol works.
FTP works in two different modes:
- Active FTP.
- Passive FTP.
Active FTP
In today's networks, active FTP sessions are very rare. In active FTP mode, port 21 is used for all types of communication. Port 21 is also used to set up the channel for the client's authentication; once the client is authenticated, the server assigns a particular port for that client. After that, the server informs the client that there is a dynamic port for the client to connect back to. Then the server creates a secondary port for the client to share the file over, and then the server starts the transmission process.
Advantages of Active FTP
There are some advantages to active FTP. These advantages are as follows:
- It provides better security to the server.
- It presents a smaller attack surface on the server side.
- It is very easy for the server-side administration team to set up.
Disadvantages of Active FTP
There are some disadvantages to active FTP. These disadvantages are as follows:
- FTP clients often sit behind NAT and firewalls, and a portable device, such as a laptop, will have an ever-changing external IP address. This means that the IP address sent to the server using the PORT command will have to be re-configured each time the external IP address changes.
- Wherever the FTP client is at the time of initiating an FTP session, it will need to ensure that the dynamic data port has been allowed in any firewalls between the server and the client.
Passive FTP
Passive FTP mode was created to take on some of the responsibility for firewall configuration. Passive FTP mode can control both the data channel and the control channel. When the client opens the communication channel, the server also starts its sequence of actions. Like active FTP, passive FTP uses port 21. At the back end of the channel, the client issues a port command to initiate a transaction. When the command returns to the port, the client creates a data channel for this process.
Advantages of Passive FTP
- The configuration responsibility is placed on the server side, which is less likely to be changing or mobile.
- No inbound firewall requirements for the client.
Disadvantages of Passive FTP
On the server side, the administration team will need to allow the data channel in the firewall by opening a range of dynamic ports.
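The address and port for the data channel travel over the control channel as six comma-separated numbers (`h1,h2,h3,h4,p1,p2`, per RFC 959), both in the client's PORT command and in the server's 227 reply to PASV. The following is an added example, not part of the original article: it decodes that field, reports which side must accept an inbound data connection, and flags the NAT case from the disadvantages list, where the address in PORT is not the address the server actually sees. The function names and all sample lines and addresses are constructed for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 field used by the PORT command and the 227 (PASV) reply.
_HOSTPORT = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")


def parse_hostport(line):
    """Return (ip, port) decoded from a PORT command or a 227 reply line."""
    m = _HOSTPORT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % line)
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field value above 255 in %r" % line)
    ip = ".".join(str(n) for n in nums[:4])
    return ip, nums[4] * 256 + nums[5]  # port = p1 * 256 + p2


def data_channel(line, client_ip_seen_by_server=None):
    """Describe the data connection that one control-channel line sets up."""
    ip, port = parse_hostport(line)
    if line.upper().startswith("PORT"):
        # Active mode: the client listens and the server connects to it.
        info = {"mode": "active", "listener": (ip, port),
                "opened_by": "server", "inbound_rule_needed_on": "client"}
        if client_ip_seen_by_server is not None:
            # True when NAT rewrote the source address but not the PORT payload.
            info["address_mismatch"] = ip != client_ip_seen_by_server
        return info
    if line.startswith("227"):
        # Passive mode: the server listens and the client connects to it.
        return {"mode": "passive", "listener": (ip, port),
                "opened_by": "client", "inbound_rule_needed_on": "server"}
    raise ValueError("not a PORT command or a 227 reply: %r" % line)


if __name__ == "__main__":
    # Constructed control-channel lines (addresses are sample values).
    print(data_channel("PORT 192,168,1,20,200,13", "203.0.113.7"))
    print(data_channel("227 Entering Passive Mode (198,51,100,10,195,80)"))
```

The decoded listener port is what a firewall between client and server has to allow: on the client side for PORT, and within the server's published dynamic range for PASV.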
Difference between Active FTP and Passive FTP in Tabular Form
| Active FTP | Passive FTP |
| --- | --- |
| The client establishes the connection for the command channel, and the server establishes the connection for the data channel. | Both the data channel and the command channel are established by the client only. |
| Active FTP provides security to the FTP server. | Passive FTP does not provide security to the FTP server. |
| Because of the firewall, active FTP causes an error on the server. | There is no firewall connection issue in passive FTP. |
| Active FTP is not the default mode for the browser. | Passive FTP is the default mode for the browser. |
| The data channel is acknowledged by the client only. | The data channel is acknowledged by the server only. |
| The data shared by the client is transferred to a random port on the server side. | The client sends the PASV command to the server. |