We help IT Professionals succeed at work.

how to check which application uses FTP port 21 on W2008?


I need to check which application uses FTP port 21 on W2008?

When I telnet the application, I saw the result as "Microsoft FTP Service" as a result. But  how can i be sure that any other application is not using port 21 (e.g. Filezilla).

Note that I am unable install anything but can run commands on cmd.

Watch Question

nociSoftware Engineer
Distinguished Expert 2019
ports are free to choose..., but there are conventions...
port 21 = FTP (+port 20 for transfer).
port 22 = SSH
port 23 = TELNET
port 80 = HTTP
etc. etc.

btw, FTP also needs another port to transfer the data with, that port is negotiated through port 21.
There is only a configuration to start HTTP on port 21..., it will confuse the world... (or rather they can't communicate with you) but it can be configured & used.
So using a non-standard services isn't done often.

If a port is used by a process, another process CANNOT use that port as well.
So once the FTP runs, no other processes can use it.

That said on windows netstat -b should show you all ports with processes running on them.
Top Expert 2014
Do the following:

netstat -an | findstr /c:":21"
net stop "Microsoft FTP Service"
netstat -an | findstr /c:":21"
net start "Microsoft FTP Service"
netstat -an | findstr /c:":21"

My guess is that after the net stop you will not see anything listening on port 21.

As noci stated, FTP also uses port 20, but this is only used when an active mode data transfers are done.  Today most ftp data transfers use passive mode.  This is because passive mode is friendlier with firewalls.
Greg HejlPrincipal Consultant
I would caution against using straight FTP - you will get a man-in-the-middle attack.

Setup SFTP per MS's recommendations.

Here's the link for security settings for IIS FTP service:
nociSoftware Engineer
Distinguished Expert 2019
best is to NOT use FTP, unless for anonymous access. as FTP transmits passwords without encryption over the internet. Best is to use scp (part of ssh), that also prevents the necessity for firewall to monitor the port 21 channel to be able to open the right ports.