
FTP active and passive modes

Active FTP is convenient for FTP server administration but inconvenient for clients: the FTP server attempts to connect to a random high-numbered port on the client, and this port is likely to be blocked by the client's firewall. Passive FTP is convenient for FTP clients but inconvenient for server administration: the client has to establish two connections to the server, one of them to a random high-numbered port, and this port is likely to be blocked by the server-side firewall.

Fortunately, there is a compromise. Since administrators of FTP servers want their servers to accept connections from as many clients as possible, they must support passive FTP. We can reduce the exposure of the server's high-numbered ports by specifying a limited port range for the FTP server. Any port outside this range is then blocked by the server's firewall. While this does not eliminate all the risks to the server, it greatly reduces them.

In short:

There are two modes: active mode (PORT) and passive mode (PASV). In active mode the data connection is initiated from the server to the client; in passive mode it is initiated from the client to the server. What the two have in common is that both use port 21 for user authentication and management. The difference is in how data is transmitted: the FTP server's data port is fixed at 20 in PORT mode, while in PASV mode it is a random port between 1025 and 65535.


Solutions and principles of FTP active mode and passive mode

FTP is the abbreviation of File Transfer Protocol, which is used to transfer files between two computers. Compared to HTTP, the FTP protocol is much more complex. The reason is that FTP uses two TCP connections: one is a command link, used to pass commands between the FTP client and the server; the other is a data link, used to upload or download data.

The FTP protocol has two ways of working: the PORT method and the PASV method, that is, active and passive mode.

The connection process of the PORT (active) method is: the client sends a connection request to the server's FTP port (default is 21), the server accepts the connection, and a command link is established. When data needs to be transferred, the client uses the PORT command on the command link to tell the server: "I have opened port XXXX, come and connect to me." The server then sends a connection request from port 20 to port XXXX of the client and establishes a data link to transmit data.

The connection process of the PASV (passive) method is: the client sends a connection request to the server's FTP port (default is 21), the server accepts the connection, and a command link is established. When data needs to be transferred, the server uses the PASV command to tell the client on the command link: "I have opened port XXXX, come and connect to me." The client then sends a connection request to port XXXX of the server and establishes a data link to transmit data.
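The "port XXXX" in both descriptions travels on the command link as six decimal numbers h1,h2,h3,h4,p1,p2, where the port is p1*256+p2; for passive mode the server's announcement arrives as a 227 reply. The following is an added example, not code from the original article: it decodes that field from a PORT command or a 227 reply and checks a passive port against a limited server port range of the kind suggested earlier. The range 50000-50100, the function names and the sample lines are constructed assumptions.

```python
import re

# Assumed server policy (hypothetical values): passive data ports are confined
# to this range and the firewall admits inbound TCP only to 21 and this range.
PASV_RANGE = range(50000, 50101)

_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_hostport(text):
    """Extract (ip, port) from the h1,h2,h3,h4,p1,p2 field of PORT or a 227 reply."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field value above 255 in %r" % text)
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def data_connection(line):
    """Describe the data link that one command-link line sets up."""
    if line.upper().startswith("PORT "):
        # Active: the server dials out from port 20 to the client's port.
        return {"mode": "active", "initiator": "server",
                "dst": parse_hostport(line[5:]), "src_port": 20}
    if line.startswith("227"):
        # Passive: the client dials the port the server announced.
        return {"mode": "passive", "initiator": "client",
                "dst": parse_hostport(line[3:]), "src_port": None}
    raise ValueError("not a PORT command or a 227 reply")

def server_firewall_allows(conn):
    """Inbound check at the server; an active data link is outbound for the server."""
    if conn["mode"] == "active":
        return True
    return conn["dst"][1] in PASV_RANGE

# Constructed command-link lines (documentation addresses, not captured traffic).
SAMPLES = [
    "PORT 192,0,2,10,195,149",                           # client listens on 50069
    "227 Entering Passive Mode (198,51,100,5,195,100)",  # server listens on 50020
    "227 Entering Passive Mode (198,51,100,5,4,1)",      # port 1025, outside the range
]

if __name__ == "__main__":
    for s in SAMPLES:
        c = data_connection(s)
        verdict = "allowed" if server_firewall_allows(c) else "blocked"
        print(c["mode"], c["initiator"], c["dst"], verdict)
```
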

Summary:
--------------------------------------------------------------------------------
Active mode: The server knocks on the client, and then the client opens the door.
Passive mode: The client knocks on the server, and then the server opens the door.
Therefore, if you are accessing the Internet through a proxy, you cannot use active mode, because the server knocks on the door of the proxy server, not the client's door.
And sometimes the client does not open the door easily, because a firewall blocks it unless the client opens high ports above 1024.

--------------------------------------------------------------------------------


To download in active mode, do not check the passive mode (PASV) option in the download tool. It is fine to download in active mode. If an error occurs, switch between passive and active mode.

Common ways to turn off PASV mode in FTP client software

Most FTP clients use PASV mode by default; PASV means passive. In most FTP client settings, the option is labeled "PASV" or "passive mode".

IE: Tools -> Internet Options -> Advanced -> "Use Passive FTP" (requires IE 6.0 or above).

CuteFTP: Edit -> Setting -> Connection -> Firewall -> “PASV Mode”
Or File -> Site Manager, select Site on the left -> Edit -> "Use PASV mode"

FlashGet: Tools -> Options -> Proxy Server -> Direct Connect -> Edit -> "PASV Mode"

FlashFXP: Options -> Parameter Selection -> Proxy/Firewall/Identification -> "Use Passive Mode"
Or Site Management -> Corresponding Site -> Options -> "Use Passive Mode"
Or Quick Connect -> Switch -> "Use Passive Mode"

LeapFTP: Option -> Preferences -> General -> Proxy -> "Use Pasv Mode"

From the above, we can see that the command link is established the same way in both methods, while the data link is established in completely different ways. This is where the complexity of FTP lies.