Port 21 - FTP Control (TCP)
Severity: Medium | Category: DataTransfer
T1110 - Brute Force [Credential Access] Cleartext credentials; brute-force and credential stuffing common
T1083 - File and Directory Discovery [Discovery] Directory traversal to access unauthorized FTP directories
T1105 - Ingress Tool Transfer [Command and Control] Web shell/malware upload to writable FTP directories
Anonymous Auth Misconfigured servers allow anonymous login
FTP Bounce PORT command abused to scan internal networks through FTP