FTP is another protocol available on the internet. It’s run on TCP and it’s used to transfer file between hosts. To start a connection the client host usually need to connect with a username and a password.

The peculiarity of FTP is that use two different TCP connection for file transferring. A first connection, the control connection is used for the client to send username, password and in general commands to the server. The data connection on the other hand is used to actually transfer files. The data connection can be opened by the server after the client request a file (active mode) or by the client (passive mode) with a port provided by the server.

For this reason FTP send its control information out-of-band whereas HTTP sent its control information (header) in-band.

The control connection uses the port $21$ and it’s alive for the whole session, for that reasons FTP need to keep track of the state of a user. The data connection uses tje port $20$ and it’s opened when a file transfer begin and it’s closed right after its completion. A data connection is created for each file transfer.

Usually each FTP command consist of 4 uppercase letters. The most used are

• USER username - used to username to the server
• PASS password - used to password to the server
• RETR filename - used to get the specified form the server
• STOR filename - used to put the specified local file to the server
• LIST - used to list the content of the current directory (the result will be sent over a new data connection)
• CWDR - used to change the current working directory

The response from the server provided by the FTP server can be

• 331 Username OK, password required
• 125 Data connection already open; transfer starting
• 425 Can’t open data connection
• 452 Error writing file

Reference RFC 959