2.1 - Common Network Ports

Question 1

In addition to the server and the client, what other devices might need to know well known port numbers?

Answer 1

Firewalls. They often make the decision on what traffic to allow and disallow based on the port number.

Question 2

What port(s) are used by FTP?

Answer 2

TCP/20 for data transfer, and TCP/21 for controlling the data transfer.

Question 3

What is FTP used for?

Answer 3

Used for transferring data between devices, usually requiring some sort of authentication to the remote device. It can also have additional functionality to list, add, and delete files.

Question 4

What is SSH used for?

Answer 4

Connecting to a remote device through a terminal or command-line front end. The data sent over the network is encrypted, hence “secure”.

Question 5

What port(s) does SSH use?

Answer 5

TCP/22.

Question 6

What is Telnet?

Answer 6

Telecommunication network. Similar to SSH, provides a text-based way to access a remote device.

Question 7

Why might one prefer SSH over Telnet?

Answer 7

Unlike Telnet, SSH sends its data encrypted. Telnet sends “in the clear”.

Question 8

What port(s) does Telnet use?

Answer 8

TCP/23.

Question 9

What is SMTP and what is it used for?

Answer 9

Simple Mail Transfer Protocol. Used for server to server email transfer, and for mail clients to send emails to servers. Note: NOT used to receive email.

Question 10

What port(s) does SMTP use?

Answer 10

TCP/25.

Question 11

What does DNS do?

Answer 11

It converts the fully qualified domain name (i.e., professormesser.com) to an IP address (162.159.246.164).

Question 12

What port(s) does DNS use?

Answer 12

UDP/53.

Question 13

What is DHCP and what is used for? Whence come the servers?

Answer 13

Dynamic Host Configuration Protocol. Used to automatically assign a device an IP address when it is connected to the network. DHCP servers are usually built into routers and access points that we use these days.

Question 14

What port(s) does DHCP use?

Answer 14

UDP/67 and UDP/68.

Question 15

What does it mean for IP addresses on a DHCP server to be “dynamic”, “pooled”, and “leased”?

Answer 15

“Dynamic” refers to the fact that they are assigned in real time. “Pooled” means that there is a pool on the server from which IP addresses are assigned. “Leased” means that each device is given a lease that it must renew at set intervals. If it does not, those IP addresses go back to the pool.

Question 16

What is DHCP reservation?

Answer 16

A specific IP address is reserved for a specific device on the server.

Question 17

What are HTTP and HTTPS, and what are they used for?

Answer 17

Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure. Used mostly for communication in the browser.

Question 18

What is the main difference between HTTP and HTTPS?

Answer 18

Communication over HTTPS is “secure”, which is to say encrypted.

Question 19

What port(s) does HTTP use?

Answer 19

TCP/80.

Question 20

What port(s) does HTTPS use?

Answer 20

TCP/443.

Question 21

What does POP3 stand for?

Answer 21

Post office protocol 3.

Question 22

What port(s) does POP3 use?

Answer 22

TCP/110.

Question 23

What does IMAP4 stand for?

Answer 23

Internet Message Access Protocol v4

Question 24

What is the advantage of IMAP4 vs POP3?

Answer 24

IMAP4 is better suited for when multiple clients need to access the same inbox.

Question 25

What port(s) does IMAP4 use?

Answer 25

TCP/143.

Question 26

What is SMB, what is it used for, and how else is it known?

Answer 26

Server Message Block - a protocol used by older Microsoft Windows machines for file transfer and printer sharing. AKA CIFS - Common Internet File System.

Question 27

What is NetBIOS over TCP/IP?

Answer 27

Network Basic Input/Output System. Allows for applications on different machines to communicate over a LAN (Local Area Network).

Question 28

What is nbname and what does it do?

Answer 28

NetBIOS name services, allows you to find devices by their name.

Question 29

What port does nbname use?

Answer 29

UDP/137

Question 30

What is nbsession and what does it do?

Answer 30

NetBIOS session service, allows you to setup a session and transfer data between devices

Question 31

What port does nbsession use?

Answer 31

TCP/139

Question 32

What is the alternative to NetBIOS in modern Windows machines?

Answer 32

Creating a direct SMB communication over TCP.

Question 33

What does SNMP stand for, and what is it used for?

Answer 33

Simple Network Management Protocol - allows for network management devices to gather statistics from network devices.

Question 34

What port does SNMP use for queries?

Answer 34

UDP/161

Question 35

What port does SNMP use for traps?

Answer 35

UDP/162

Question 36

What is a trap in the context on SNMP?

Answer 36

An alert that is sent by the network device.

Question 37

What is LDAP and what does it do?

Answer 37

Lightweight Directory Access Protocol, used to query directories.

Question 38

What port(s) does LDAP use?

Answer 38

TCP/389

Question 39

What is one of the most common implementations of LDAP?

Answer 39

Microsoft Active Directory.

Question 40

What does RDP stand for, and what is it used for?

Answer 40

Remote Desktop Protocol. Used to share a desktop from a remote location.

Question 41

What port does RDP use?

Answer 41

TCP/3389.

Question 41

On what server and client devices are RDP used?

Answer 41

RDP servers are almost exclusively on Windows computers, but clients exist for all OS’s.

Question 42

What port(s) does SMB use?

Answer 42

TCP/445