Published on 30 Nov 2018 - Updated on 23 Feb 2021
You have files and images to transfer, and you want to know if Port 21 is secure? Don’t worry, read on to learn all about Port 21 and FTP for transferring files.
Port 21 is commonly associated with FTP. FTP has been assigned to Port 21 by the Internet Assigned Numbers Authority (IANA). The IANA also oversees global IP address allocation.
FTP is often thought of as a “not secure” file transfer protocol. This is mainly due to FTP sending data in clear text and offering an anonymous option with no password required. However, FTP is a trusted and still widely used protocol for transferring files. Many businesses rely on FTP daily for large file uploads and bulk file transfers.
Individuals, companies, and universities all use Port 21. It is a well-known port number. In fact, ports 1-1023 are considered the “well-known” port numbers. Well-known ports are essential for daily online interactions and data transfers.
Establishing a connection with a server via Port 21 does not automatically give your information away. Uploading and downloading files via FTP is done through a separate data channel, usually connecting to the server through Port 20. Meanwhile, your Port 21 connection allows you to enter FTP commands and browse file listings on the server.
There are simple measures you can take to improve the security of your data when utilizing a Port 21 connection.
Require a password for all your file transfers. While this is common knowledge today, many people find passwords a hassle and tend to skip if not required. A weak username and password mean a less secure transaction no matter what port you use.
It is also recommended that you limit IP addresses when using FTP and connecting through Port 21. Most FTP providers offer IP address whitelisting or blacklisting as a simple security measure you can opt into.
IP whitelisting lets you set which IP addresses are allowed to connect to and access your account. This is helpful when you have remote workers that need to upload and download files daily.
The server you access via port 21 for FTP transfers is a vital part of the process. Whether you choose in-house or a hosted FTP service, the server stores your files and needs to be maintained, monitored, and secure – both physically and from virtual threats.
First, keep your server up to date. Or, use an FTP service that is reliable and has engineering staff who monitor and update their servers as needed.
With server hosting, you can count on a server kept in optimal condition without needing to find the time, money, and I.T. staff to cover maintenance responsibilities.
An up-to-date server with the proper configuration means there are no known vulnerabilities when connecting and transferring files. Being proactive regarding server maintenance prevents issues such as security breaches, failures, and service outages. Port 21 connections will carry even less worry if the hardware is secure.
A sniffer sniffs ALL ports and network traffic, searching for vulnerabilities, not just Port 21. These packet sniffers look at data packets that flow between computers or computers and servers over the internet. It is highly unlikely that scanners and sniffers specifically target Port 21.
Individuals with malicious intent or who have some reason to desire access to your network will scan for all ports, looking for an opening. If you are using an alternate port instead of Port 21 for your FTP connections, it is likely that it will be discovered just as quickly as if you had stuck with Port 21.
Looking at it from this angle, the port number is the least of the security issues.
Finally, when connecting, you send a signal to the server via the control channel which is used to authenticate the client in the client-server relationship. The control channel also facilitates your interactions with the server, and this channel stays open so you can browse your files while executing commands. Don’t leave the connection open when you are done uploading or downloading files. With FTP it is easy to enter a command to close out the session. Closing the session when done reduces the chance that your Port 21 connection will be available to packet sniffers and robot scanners.
When you start with secure servers and infrastructure, passwords, and IP restrictions, you mitigate many security risks associated with Port 21 and FTP. You can also encrypt your data prior to transferring via FTP.
If there is additional concern regarding the use of Port 21 to transfer business files, you can look at other ports and protocols designed to transfer large files or mass amounts of data. One option is to connect via SFTP. The SFTP protocol is supported by most FTP clients and uses Port 22 to transfer both the commands and data.