← Back to all network ports
TCP
Vulnerable

21 FTP Control

Port 21 handles FTP authentication and command negotiation for file servers and legacy transfer workflows.

Security Context

Port 21 is high-risk when broadly exposed. Treat it as an attack-surface decision, not just a connectivity setting, and confirm whether the listener truly needs to be reachable.

  • !Plaintext FTP exposes credentials and data in transit.
  • !Brute-force attacks often target exposed FTP logins.

Nmap Check

Use a version probe first so you confirm whether the expected service is really what is listening on this port.

nmap -sV -p 21 <host>

Firewall Commands

UFW
sudo ufw allow 21/tcp
iptables
sudo iptables -A INPUT -p tcp --dport 21 -j ACCEPT

Related TCP Ports

20
FTP Data
22
SSH / SFTP
23
Telnet
25
SMTP
80
HTTP
110
POP3