Port 21 (FTP)

TCP

File Transfer Protocol — FTP listens on port 21 by default.

What is Port 21?

Port 21 is the default control port for FTP (File Transfer Protocol), one of the oldest internet protocols still in active use. Defined in RFC 959, FTP on port 21 handles command and control communication between FTP clients and servers.

When you connect to an FTP server, port 21 manages the session — authentication, directory navigation, and transfer commands all flow through this control channel. Actual file data is transferred over a separate connection (port 20 in active mode or a negotiated port in passive mode).

While FTP remains widely used for website management, software distribution, and automated file transfers, its lack of built-in encryption makes it unsuitable for sensitive data. Modern alternatives include SFTP (SSH File Transfer Protocol) on port 22 and FTPS which adds TLS to standard FTP.

Port 21 Security

FTP on port 21 should be secured with appropriate access controls and monitoring. Ensure the service is only accessible from trusted networks by configuring firewall rules to restrict access. If the protocol supports encryption, enable TLS/SSL to protect data in transit.

Regularly update FTP to the latest version to patch known vulnerabilities. Monitor port 21 for unauthorized access attempts and implement rate limiting where possible. Follow the principle of least privilege when configuring access permissions.

How to Check Port 21

To check if port 21 is open on a remote host, use nmap: 'nmap -p 21 hostname'. For a quick TCP connection test, use: 'telnet hostname 21' or 'nc -zv hostname 21'. On Windows PowerShell, use: 'Test-NetConnection -ComputerName hostname -Port 21'.

To check if port 21 is listening on your local machine, use: 'netstat -tlnp | grep 21' on Linux, or 'ss -tlnp | grep 21'. On Windows, use: 'netstat -an | findstr 21'. For a comprehensive scan, use: 'nmap -sV -p 21 hostname' to detect the service version running on the port.

Related Ports

Port 20 (FTP-DATA) Port 22 (SSH) Port 69 (TFTP) Port 443 (HTTPS) Port 990

Frequently Asked Questions

What is port 21 used for?

Port 21 is the default port for File Transfer Protocol (FTP). It is used for ftp communication using the TCP protocol.

Is port 21 TCP or UDP?

Port 21 uses TCP. TCP is used because ftp requires reliable, ordered data delivery.

Should port 21 be open?

Port 21 should only be open if you are actively running FTP. Close unused ports to reduce your attack surface. If needed, restrict access to trusted IP addresses using firewall rules.

How do I check if port 21 is open?

Use 'nmap -p 21 hostname' to scan remotely, or 'netstat -tlnp | grep 21' to check locally on Linux. On Windows, use 'Test-NetConnection -Port 21 hostname' in PowerShell.

How do I secure port 21?

Secure port 21 by restricting access with firewall rules, using encryption (TLS/SSL) where supported, keeping FTP updated, using strong authentication, and monitoring for unauthorized access attempts.

🔍 Check Your IP Address

While you're here, find out your public IP address, location, and ISP details instantly.

Check My IP →

Related Tools

Port Reference
Complete network port database
Port Scanner
Scan ports on any host
SSL Check
Verify SSL certificate status
HTTP Headers
View HTTP response headers
Traceroute
Trace network route to host
Speed Test
Test your internet speed