Embedded Files
FTP (File Transfer Protocol)
FTP (File Transfer Protocol)
Port(s): TCP 21 (control), TCP 20 (data)
Transport Layer: TCP
Key Features:
• - Unencrypted file transfer
• - Supports active and passive modes
• - Basic authentication (username/password)
Common Use Cases:
• - Legacy file sharing
• - Internal network transfers
SFTP (SSH File Transfer Protocol)
SFTP (SSH File Transfer Protocol)
Port(s): TCP 22
Transport Layer: TCP (via SSH)
Key Features:
• - Encrypted file transfer
• - Authentication via SSH keys or password
• - Supports file operations and permission changes
Common Use Cases:
• - Secure backups
• - Remote server file management
What SFTP Is
What SFTP Is
SFTP stands for SSH File Transfer Protocol (sometimes called “Secure File Transfer Protocol”).
Don’t confuse it with FTPS — despite the similar name, it’s not based on FTP at all.
It’s a completely separate protocol built on top of SSH (Secure Shell), meaning it inherits SSH’s security and authentication features.
Think of SFTP, like:
SFTP = a secure private tunnel (SSH) where file transfers are just one of the services you can run inside it.
How It Works
How It Works
SFTP runs as a subsystem of SSH. The same SSH connection that lets you run remote commands can also carry file operations — list directories, upload, download, change permissions, delete files, etc.
It’s defined in RFC 4254 (SSH connection protocol) and draft-ietf-secsh-filexfer for the file transfer subsystem.
Key points:
Single TCP connection (default port 22) — no separate data/control channels.
All communication (commands + data) is encrypted in the same SSH session.
Very firewall/NAT-friendly.
Security Features
Security Features
Encryption — Uses SSH-supported ciphers like AES, ChaCha20, etc.
Authentication — Username/password, public key authentication, or both.
Integrity — Message authentication codes (MACs) prevent tampering.
Host verification — Clients verify the server’s host key before connecting.
Ports and Firewall Simplicity
Ports and Firewall Simplicity
Default TCP port: 22
No random high ports — everything rides over the one SSH tunnel.
Works through most NAT/firewall setups without special handling.
Pros vs. FTPS
Pros vs. FTPS
SFTP Pros:
SFTP has the advantage of having a single port, which makes it far easier to traverse firewalls.
Strong SSH authentication (keys, certificates).
No separate passive/active data mode headaches.
It can be used wherever SSH access is available (many systems already run SSH).
SFTP Cons:
Not compatible with FTP/FTPS clients — requires SFTP-capable software.
Fewer built-in integration points for some older enterprise systems compared to FTP.
When You’d Use SFTP
When You’d Use SFTP
You already have SSH access to the server (common in Linux/Unix environments).
You want minimal firewall hassle and a single secure channel.
You need strong authentication via SSH keys.
You want a protocol with both file transfer and remote command execution capabilities over the same port.
FTPS (FTP Secure)
FTPS (FTP Secure)
Port(s): Explicit FTPS : TCP 21 (control), random ports (data) / Implicit FTPS port 990
Transport Layer: TCP with SSL/TLS
Key Features:
• - Encrypted FTP using SSL/TLS
• - Authentication via certificates or password
Common Use Cases:
• - Secure FTP with legacy compatibility
What is FTPS
What is FTPS
FTPS stands for File Transfer Protocol Secure.
It’s basically the old FTP protocol we already know, but wrapped inside TLS/SSL encryption so your credentials and file data don’t fly across the network in plain text like it’s still 1995.
Think of FTP(S) like 😀
FTP = sending postcards (everyone can read them)
FTPS = sending letters inside a locked envelope
How it works
How it works
FTPS is not a brand-new protocol; it’s an extension to FTP defined in RFC 4217. It uses the same basic commands (LIST, RETR, STOR) but negotiates a TLS/SSL handshake before sending sensitive stuff.
There are two main modes:
Implicit FTPS
Old-school style. The connection starts encrypted immediately.
It uses TCP port 990 for control, and the data ports are negotiated afterwards.
Considered outdated but still used in some legacy systems.
Explicit FTPS (a.k.a. FTPES)
The connection starts as plain FTP (usually on port 21).
Client explicitly requests encryption with AUTH TLS.
More modern, firewall-friendly, and RFC-compliant.
Security
Security
Encryption — Uses TLS 1.2/1.3 (or SSL if you’re dealing with something ancient).
Authentication — The server can present an X.509 certificate, and the client may also present its own certificates.
Integrity — Protects against tampering in transit.
Optional client certs — Good for higher security, not just username/password.
Pros vs. Cons
Pros vs. Cons
FTPS Pros:
Works well with existing FTP servers (just add TLS).
Can use public CA-signed certificates for easier trust.
FTPS Cons:
Messy with firewalls due to multiple ports.
More complex to configure than single-port SFTP.
The architecture of FTP continues to evolve.
SFTP (SSH File Transfer Protocol) is not FTP at all — it runs over SSH on port 22, with a single channel, simpler firewall rules, but different tooling.
TFTP (Trivial File Transfer Protocol)
TFTP (Trivial File Transfer Protocol)
Port(s): UDP 69
Transport Layer: UDP
Key Features:
• - Very lightweight and fast
• - No authentication or encryption
• - Limited file operations
Common Use Cases:
• - PXE booting
• - Firmware updates
• - Embedded systems
Telnet
Telnet
Port(s): TCP 23
Transport Layer: TCP
Key Features:
• - Text-based remote access
• - No encryption
• - Basic authentication
Common Use Cases:
• - Legacy remote administration
• - Network service testing
DHCP (Dynamic Host Configuration Protocol)
DHCP (Dynamic Host Configuration Protocol)
Port(s): UDP 67 (server), UDP 68 (client)
Transport Layer: UDP
Key Features:
• - Automatic IP address assignment
• - Lease-based system
• - Supports DNS, gateway, subnet mask configuration
Common Use Cases:
• - Home and enterprise networks
• - Virtual machines and containers
HTTP (HyperText Transfer Protocol)
HTTP (HyperText Transfer Protocol)
Port(s): TCP 80
Transport Layer: TCP
Key Features:
• - Stateless request-response protocol
• - Text-based and easy to debug
• - Supports multiple methods (GET, POST, etc.)
Common Use Cases:
• - Web browsing
• - Web APIs
SNMP (Simple Network Management Protocol)
SNMP (Simple Network Management Protocol)
Port(s): UDP 161 (queries), UDP 162 (traps)
Transport Layer: UDP
Key Features:
• - Monitoring and managing network devices
• - Uses MIB and OIDs
• - Supports traps and informs
Common Use Cases:
• - Network performance monitoring
• - Alerting and automation
MSB (Media Stream Broadcast)
MSB (Media Stream Broadcast)
Port(s): UDP (multicast)
Transport Layer: UDP
Key Features:
• - Multicast distribution of ASF packets
• - Uses .nsc files for stream configuration
• - Supports Forward Error Correction
Common Use Cases:
• - Enterprise media streaming
• - Live event broadcasting
SMB (Server Message Block)
SMB (Server Message Block)
Port(s): TCP 445, UDP 137, UDP 138, TCP 139
Transport Layer: TCP/UDP
Key Features:
• - File and printer sharing
• - Authentication and access control
• - Supports encrypted communication
Common Use Cases:
• - Windows file sharing
• - Network-attached storage
POP (Post Office Protocol)
POP (Post Office Protocol)
Port(s): TCP 110 (unencrypted), TCP 995 (SSL)
Transport Layer: TCP
Key Features:
• - Downloads emails to local device
• - No synchronization across devices
• - Simple and offline access
Common Use Cases:
• - Personal email clients
• - Offline email access
IMAP (Internet Message Access Protocol)
IMAP (Internet Message Access Protocol)
Port(s): TCP 143 (unencrypted), TCP 993 (SSL)
Transport Layer: TCP
Key Features:
• - Server-side email management
• - Supports folders and synchronization
• - Access from multiple devices
Common Use Cases:
• - Cloud-based email
• - Enterprise email systems
LDAP (Lightweight Directory Access Protocol)
LDAP (Lightweight Directory Access Protocol)
Port(s): TCP 389
Transport Layer: TCP
Key Features:
• - Access and manage directory services
• - Hierarchical data structure
• - Optimized for read-heavy operations
Common Use Cases:
• - User authentication
• - Centralized user management
LDAPS (LDAP over SSL)
LDAPS (LDAP over SSL)
Port(s): TCP 636
Transport Layer: TCP with SSL/TLS
Key Features:
• - Encrypted LDAP communication
• - Secure authentication and queries
Common Use Cases:
• - Secure directory access
• - Enterprise identity management
H.323
H.323
Port(s): TCP 1720
Transport Layer: TCP
Key Features:
• - Real-time voice and video communication
• - Supports call signaling and media transport
• - Includes terminals, gateways, gatekeepers
Common Use Cases:
• - Enterprise video conferencing
• - VoIP telephony
ICMP (Internet Control Message Protocol)
ICMP (Internet Control Message Protocol)
Port(s): No ports (IP protocol number 1)
Transport Layer: IP
Key Features:
• - Error reporting and diagnostics
• - Used by ping and traceroute
• - Stateless and lightweight
Common Use Cases:
• - Network diagnostics
• - Path discovery
UDP (User Datagram Protocol)
UDP (User Datagram Protocol)
Port(s): Varies by service
Transport Layer: UDP
Key Features:
• - Connectionless and fast
• - No reliability or ordering
• - Low overhead
Common Use Cases:
• - Streaming media
• - Online gaming
• - DNS, DHCP, SNMP
TCP (Transmission Control Protocol)
TCP (Transmission Control Protocol)
Port(s): Varies by service
Transport Layer: TCP
Key Features:
• - Connection-oriented
• - Reliable and ordered delivery
• - Supports flow and congestion control
Common Use Cases:
• - Web browsing
• - File transfers
Page updated
Google Sites
Report abuse