Port Authority Edition – Internet Vulnerability Profiling
by Steve Gibson,  Gibson Research Corporation.

Goto Port 19
Probe Port 20
Enter Port: 0-65535
Goto Port 21

Port Authority Database

Port 20


File Transfer Protocol (Default Data Channel)

The FTP protocol uses a pair of connections between the FTP client and FTP server. The connection with the FTP server's port 20 is the second connection created during an FTP session, the first one being to the server's port 21.

See the brief discussion below for additional information, and the detailed information on the port 21 page for much more.

Related Ports: 

Background and Additional Information:

The FTP protocol employs a pair of connections between the client and server. Connections to the FTP server are initiated over the command and control channel which is established from an arbitrary port on the FTP client machine to (usually) port 21 on the FTP server machine.

Next, a second "data channel" connection is created. This is either made from the FTP server's port 20 to a client-specified port on the client machine (in the case of Active FTP), or from an arbitrary port on the client machine to port 20 on the FTP server machine.

In other words, the first "command and control" connection of an FTP session is made from the client to the server (to port 21 by default) then the second connection, as specified by the commands carried over the first connection, is made either the client to the server, or back from the server to the client.

Please see our port 21 page which discusses the FTP protocol and the relationship between ports 20 and 21 in much greater detail.

Trojan Sightings: Senna Spy FTP server

The entire contents of this page is copyright © 2008 by Gibson Research Corporation.

Jump to top of page
Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2020 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.
Jump to top of page