Must my FTP server's port be 21?

  • Thread starter phoenixthoth
In summary: You should change the port to something different. I would recommend using a different port number between 1 and 65536. I think not using a port number at all is the best way to go, but that's just my opinion.
  • #1
phoenixthoth
I discontinued using an FTP server because of attempts to hack into it.

After several months, maybe over a year, I have decided to try again. Is it possible to set it up to listen on some port besides 21? Are there any ports that should not or can not be used for an FTP server? What are valid port numbers (I assume something between 1 and 65536)?

I don't think that in itself will stop the hack attempts but it might make some difference in that regard.

I was using Cerberus FTP server and the log periodically showed a log-in attempt from someone I did not specifically inform of my server. I had programmed Cerberus to immediately block the IP address after 1 unsuccessful login attempt. Not only that, but I set it to ban the whole range Z.Z.*.* if 1 unsuccessful attempt came from Z.Z.A.B (I guess thus banning about 65536 IP addresses). For a long time, there were no "repeat offenders" from the same IP address.

This auto-banning feature seemed to work as I periodically got a second attempt from the same IP address but my log would say something like "ignoring log-in attempt from banned IP address." After that, no log-in attempts were made from the same IP address (though I realize it's not hard to scramble one's IP address at will).

Then one day, my computer was running really slowly. I checked my task manager and Cerberus was using 100% of the CPU. I checked the log and it showed that someone had attempted to log in over 1000 times using the user name "administrator," and was still trying. I shut down Cerberus and maybe my whole computer. Then I took Cerberus offline permanently.

Now I'm trying FileZilla Server. It doesn't seem to have all the options Cerberus had. I don't know, maybe I should try a newer version of Cerberus... I've apparently uninstalled it, so I don't know what version I was using.
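
The ban policy described in the post above (one failed login bans the source's whole Z.Z.*.* range), replayed over a few login events. This is an added example, not part of the original post and not code from any FTP server; the log format, addresses and user names are constructed, and the log records what happened with no ban in place.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample log (hypothetical format, not any real server's layout).
SAMPLE_LOG = """\
03:14:07 198.18.4.20 LOGIN_FAILED administrator
03:14:09 198.18.4.20 LOGIN_FAILED administrator
03:20:41 198.18.77.3 LOGIN_OK bob
04:02:14 198.19.5.5 LOGIN_OK alice
"""

LINE = re.compile(r"^(\S+) (\S+) (LOGIN_OK|LOGIN_FAILED) (\S+)$")


def replay(log_text, max_failures=1, prefix=16):
    """Replay login events under a 'ban the whole range' policy.

    Returns (banned_networks, ignored), where ignored counts the events
    dropped per source IP because its range was already banned.
    """
    failures, ignored, banned = Counter(), Counter(), set()
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that do not fit the constructed format
        _, ip, event, _user = m.groups()
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in banned):
            ignored[ip] += 1  # also hits legitimate users in the same range
            continue
        if event == "LOGIN_FAILED":
            failures[ip] += 1
            if failures[ip] >= max_failures:
                # strict=False masks the host bits: Z.Z.A.B -> Z.Z.0.0/16
                banned.add(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
    return banned, ignored


def addresses_banned(banned):
    """Total number of addresses covered by the banned networks."""
    return sum(net.num_addresses for net in banned)


if __name__ == "__main__":
    nets, dropped = replay(SAMPLE_LOG)
    print(sorted(map(str, nets)), dict(dropped), addresses_banned(nets))
```

With `prefix=16` the valid login from 198.18.77.3 is dropped along with the repeat attempt; with `prefix=32` only the offending address is banned.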
 
  • #2
sure your best way to really thwart most port attacks is to just change the ports to something really random
are you using an active or passive ftp server?
i have never run filezilla as a server
i run proftp on an ubuntu box and once i got it set up i haven't honestly had many problems
are you allowing anonymous logins?
or only to people that you exclusively set up accounts for?
--shawn
 
  • #3
Shawnzyoo said:
sure your best way to really thwart most port attacks is to just change the ports to something really random
are you using an active or passive ftp server?
i have never run filezilla as a server
i run proftp on an ubuntu box and once i got it set up i haven't honestly had many problems
are you allowing anonymous logins?
or only to people that you exclusively set up accounts for?
--shawn
Thanks for your reply.

Do I have to be at all careful about what port I choose? Can I use 80, for example? What if that port is for something else?

I didn't know Filezilla had anything other than an FTP client until today. They also have an FTP server.

Anonymous logins are not allowed. When someone tries to log in anonymously, the response they get is something to the effect: "anonymous log-ins not allowed." They get that response before a password is asked for.

When my former server from a year ago was set up, it was the same with anonymous log-ins. I had maybe five accounts set up with some permissions. Any user name besides those five should have had the response "invalid username," in my opinion, but when someone tried the username administrator, it actually asked for a password. administrator was not the username of any of the accounts I had set up.

Just for drill, I'm going to try to tap into my current server with certain usernames, like administrator, nobody, owner, etc., and see how the server responds.

On my current server, there are two user accounts set up. In general, I'll see what happens when someone tries a username besides one of those two.

I don't know how to determine if my server is passive or active. What is the difference? How do I determine if it's active or passive? Let me see...
Ok, there are some settings called "passive mode settings." Here's what it says:

External Server IP Address for passive mode transfers:
Default [this is currently selected]
Use the following IP: [grayed out entry form]
You can also enter hostnames:
Retrieve external IP address from: [grayed out: http://filezilla.sourceforge.net/mis...]

Information for users with dynamic IPs: If your external IP changes, it might take up to 5 minutes after the next failed transfer until Filezilla Server recognizes the changed IP.
In most cases, the IP is updated within 30s after a failed transfer.

Don't use external IP for local connections [checked]
Use custom port range: [unchecked]
[grayed out--0] - [grayed out--0] (1-65535)

The following information is also in a box on the side of that menu:
Use custom PASV settings if you are operating the server from behind a NAT router or a firewall. In that case, the IP address of the server is not accessible from outside of the router, so you should fill in the correct address here. Use the port range to limit the number of ports that will need to be forwarded through the router.

I currently am on a wireless network behind a router (but I wasn't a year ago when they tried to hack in).
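
The passive-mode settings quoted in the post above exist because the server tells the client which address and port to connect to for data, in an RFC 959 `227` reply. This is an added example, not part of the original post and not FileZilla's code: it parses that reply and reports why a client outside the router could not connect. The replies and the forwarded port range 50000-50100 are constructed.

```python
import ipaddress
import re

# RFC 1918 ranges: addresses a client outside the router cannot reach.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# RFC 959 reply: 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"^227 [^(]*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def parse_pasv(reply):
    """Return (IPv4Address, port) advertised in a 227 reply."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError(f"not a PASV reply: {reply!r}")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"field out of range in: {reply!r}")
    host = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]  # port = p1*256 + p2


def check_pasv(reply, forwarded_ports):
    """List the reasons an external client could not open the data connection."""
    host, port = parse_pasv(reply)
    problems = []
    if any(host in net for net in RFC1918):
        problems.append(f"advertises internal address {host}")
    if port not in forwarded_ports:
        problems.append(f"data port {port} is not forwarded")
    return problems


if __name__ == "__main__":
    forwarded = range(50000, 50101)  # hypothetical custom port range
    for reply in (  # constructed replies
        "227 Entering Passive Mode (192,168,1,10,195,80)",
        "227 Entering Passive Mode (203,0,113,5,195,80)",
        "227 Entering Passive Mode (203,0,113,5,4,1)",
    ):
        print(reply, "->", check_pasv(reply, forwarded) or "ok")
```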
 
  • #4
Ok, so the server seems to be responding the same way for any username I try. After entering a username, whether it be one on my list or not, it asks for a password. Then, unless I enter the right password for one of the two accounts I set up, it says something to the effect of "username or password incorrect."

When I try "anonymous" and "nobody" it behaves the same way. It does not say "anonymous connections are not allowed."
 
  • #5
This doesn't answer your question, but you really should be using sftp instead of ftp. Oh and it's not like changing your port to some random number will help. He/she could easily port scan your router and see what's open.
 
  • #6
Tony11235 said:
This doesn't answer your question, but you really should be using sftp instead of ftp. Oh and it's not like changing your port to some random number will help. He/she could easily port scan your router and see what's open.
How do I do that?
 
  • #7
phoenixthoth said:
How do I do that?

Do you already have an ssh server setup?
 
  • #8
Tony11235 said:
Do you already have an ssh server setup?
No.


...
 
  • #9
Install openssh on your machine. ssh uses port 22. What operating system do you use?
 
  • #10
A better alternative to FTP is WebDAV. If you have IIS then WebDAV is a safer option than FTP because it allows you to use Windows Authentication (for users with Windows or IE).
Within IIS it's very easy to change the FTP port, but FTP is really not a safe option. SFTP would be better.
 
  • #11
but you really should be using sftp instead of ftp

Yeh use ssh ftp, it has a stronger authentication method, thus is relevant to this perceived problem you have.

Beware tho.. If you set it up in a way that ssh is enabled per file xfer not session, your friends will have to authenticate numerous times..
 

1. Why is port 21 the default for FTP servers?

The File Transfer Protocol (FTP) was one of the first internet protocols developed, and port 21 was designated as the default port for FTP communication. This was done for consistency and to ensure that FTP servers and clients could easily communicate with each other.

2. Can I change my FTP server's port from 21 to a different number?

Yes, you can change your FTP server's port from 21 to a different number. However, keep in mind that if you do this, you will also need to update the settings on your FTP client to use the new port number.

3. Are there any benefits to using a non-standard port for my FTP server?

There are a few potential benefits to using a non-standard port for your FTP server. One is increased security, as it may be more difficult for hackers to detect and access your server, although a port scan can still find it, as a reply in the thread points out. Another is that it can free up port 21 for other services if you are running multiple servers on the same machine.

4. Will changing my FTP server's port affect my website's functionality?

Changing your FTP server's port should not affect your website's functionality, as FTP and HTTP (the protocol used for websites) are two separate protocols. However, if your website is hosted on the same server as your FTP server, you may need to update your firewall settings to allow traffic on the new port.

5. What is the best practice for choosing a port number for my FTP server?

The best practice for choosing a port number for your FTP server is to use a number above 1024. This is because ports below 1024 are typically reserved for system services and may cause conflicts if used for other purposes. Additionally, it is recommended to avoid ports that other services commonly use (e.g. 80, 443, 8080) for security reasons.
