What is the protocol 'ftp-data' identified by Wireshark?

Solution 1

It's port 20 according to the wiki.

Port 21 is used for control data. The actual file data is sent on a different port.

To my knowledge, that port is usually negotiated before transfer. I don't know if Wireshark uses a fixed value of 20 or if it knows what port was used for data transmission.

Please note that what Wireshark calls a protocol is something like TCP.
I'm assuming you're talking about a human-readable version of a port.

From: http://www.wireshark.org/docs/wsug_html_chunked/ChAdvNameResolutionSection.html

7.7.5. TCP/UDP port name resolution (transport layer)

Try to resolve a TCP/UDP port (e.g. 80) to something more "human readable".

TCP/UDP port conversion (system service): Wireshark will ask the operating system to convert a TCP or UDP port to its well known name (e.g. 80 → http).

XXX - mention the role of the /etc/services file (but don't forget the files and folders section)!

So, it's a static lookup approach from port number to service. The information is basically meaningless.

Solution 2

There are 2 ports associated with the FTP protocol. They are 20 and 21, with 20 being the channel over which the data travels (ftp-data), while port 21 is the port over which the control messages are sent (i.e. 200 OK).

There are also differences regarding passive or active mode, with passive using a random high port for data transfer.

Also keep in mind FTP by default is plain text and easily intercepted over the wire. If this FTP solution is not inside your LAN's footprint, I would recommend SFTP, FTP over VPN, or SCP for moving files to and from the server.
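An added example, not part of either answer: the data port is announced on the control channel, either in the client's PORT command (active mode) or in the server's 227 reply to PASV, as h1,h2,h3,h4,p1,p2 with port = p1*256 + p2 (RFC 959); EPSV uses a 229 reply (RFC 2428). The sketch below parses constructed control-channel lines and checks passive replies against a pre-allocated port range; the function names, sample lines, addresses and range are assumptions for illustration.

```python
import re

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" and "227 ... (h1,h2,h3,h4,p1,p2)"
_TUPLE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
# RFC 2428: "229 Entering Extended Passive Mode (|||port|)"
_EPSV = re.compile(r"\(\|\|\|(\d{1,5})\|\)")

# Constructed control-channel lines (port 21 traffic), not from a real capture.
SAMPLE = [
    "PASV",
    "227 Entering Passive Mode (10,0,0,5,14,18)",
    "PORT 192,0,2,10,207,221",
    "229 Entering Extended Passive Mode (|||50004|)",
]

def data_endpoint(line):
    """Return (mode, host, port) if the line negotiates a data connection.
    host is None for EPSV, which reuses the control connection's address."""
    line = line.strip()
    is_port = line[:5].upper() == "PORT "
    if is_port or line.startswith("227"):
        m = _TUPLE.search(line)
        if not m:
            return None
        nums = [int(x) for x in m.groups()]
        if max(nums) > 255:
            return None  # malformed octet
        host = ".".join(str(n) for n in nums[:4])
        return ("active" if is_port else "passive", host, nums[4] * 256 + nums[5])
    if line.startswith("229"):
        m = _EPSV.search(line)
        if m and 0 < int(m.group(1)) <= 65535:
            return ("passive", None, int(m.group(1)))
    return None

def audit_passive(lines, server_addr, allowed_ports):
    """List passive-mode replies a client could not use: port outside the
    pre-allocated range, or an address other than the one the client dialled."""
    findings = []
    for line in lines:
        ep = data_endpoint(line)
        if ep is None or ep[0] != "passive":
            continue
        _, host, port = ep
        if port not in allowed_ports:
            findings.append((port, "port not in allowed range"))
        if host is not None and host != server_addr:
            findings.append((port, "advertised address " + host))
    return findings
```

Calling `audit_passive(SAMPLE, "203.0.113.7", range(50000, 50011))` reports the 227 reply twice (port 3602 is outside the range, and 10.0.0.5 is not the address the client connected to) and accepts the 229 reply.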

Author: user3318603

Updated on September 18, 2022

Comments

  • user3318603 (over 1 year)

    Just implementing an FTP server and using Wireshark to analyze the protocol. I find there is a protocol identified by Wireshark as FTP-DATA. What is that? Is there any document or RFC that can be referred to?

    Thanks and Best Regards.

  • user3318603 (about 12 years)
    Thanks for your reply. But the wiki also says the FTP data port is negotiated through the control port and will typically vary in an "unpredictable" manner. And in my case, PASV has been turned on, and the two port numbers are 53213 (src) and 3602 (dest) respectively.
  • user3318603 (about 12 years)
    Thanks. I implemented part of FTP, and tried to connect my server with the FileZilla client. The client can't receive data from the data connection in PASV mode. I also tried a telnet connection, and it works (I mean, I can connect to the passive data socket and receive data there). I have no idea where things go wrong.
  • Ivan Kastorsky (about 12 years)
    See my answer regarding passive.
  • user3318603 (about 12 years)
    Thanks. When you say high, is there a lower bound? Because my FTP is implemented on a cloud platform. The port number I can use should be pre-allocated.
  • Ivan Kastorsky (about 12 years)
    Lower bound is 1024; by high I also mean ephemeral.