Network Protocols

Question 1

FTP

Answer 1

Port 21, TCP

used to transfer files from host to host. Not secure. See also TFTP and SFTP

Question 2

SSH

Answer 2

Port 22, TCP/UDP
Secure Shell
used to remotely administer network devices and systems. See also SCP (secure copy) and SFTP (secure FTP)

Question 3

SCP

Answer 3

Port 22, TCP/UDP
Secure Copy
See also SSH and SFTP

Question 4

SFTP

Answer 4

Port 22, TCP/UDP
Secure File Transfer Protocol
See also SSH, SCP, and FTP

Question 5

Telnet

Answer 5

Port 23, TCP/UDP

Telnet is unencrypted. Used to be used for remote administration. Should be DISABLED EVERYWHERE as it is not secure.

Question 6

SMTP

Answer 6

Port 25 TCP
Simple Mail Transfer Protocol
common email service. See also IMAP and POP3

Question 7

DNS

Answer 7

Port 53, TCP/UDP
Domain Name Service
used to resolve hostnames to IPs, IPs to hostnames

Question 8

TFTP

Answer 8

Port 69, UDP
Trivial FTP.
Simplified FTP. Not secure.

Question 9

HTTP

Answer 9

Port 80, TCP
Hyper Text Transfer Protocol
web browser, not secure

Question 10

Kerberos

Answer 10

Port 88, TCP/UDP
Kerberos
Used for network authentication using a system of tickets within a Windows domain

Question 11

POP3

Answer 11

Port 110, TCP
Post Office Protocol v3
common email. Not secure on port 110. Port 995 has secure POP3 using SSL/TLS encrypted connection

Question 12

NNTP

Answer 12

Port 119, TCP
Network News Transfer Protocol
used for Usenet articles

Question 13

RPC

Answer 13

Port 135 TCP/UDP
Remote Procedure Call
used to locate DCOM ports and request a service from a program on another computer on the network

Question 14

NetBIOS

Answer 14

Ports 137-139, TCP/UDP

NetBIOS is used to conduct name querying, sending of data, and other functions

Question 15

IMAP

Answer 15

Port 143, TCP
Internet Message Access Protocol
common email client with more features than POP3

Question 16

SNMP

Answer 16

Port 161, UDP
Simple Network Management Protocol
remotely admin network devices

First version to support encryption is SNMPv3

Question 17

SNMPTRAP

Answer 17

Port 162, TCP/UDP

Used to send Trap and InformRequests to the SNMP manager on a network. SNMP part is Simple Network Management Protocol

Question 18

LDAP

Answer 18

Port 389 TCP/UDP
Lightweight Directory Access Protocol
used to maintain directories of users and others. Often connected to a RADIUS. MS Active Directory is a type of LDAP

Question 19

HTTPS

Answer 19

Port 443 TCP
Hyper Text Transfer Protocol Secure
for secure web browsing. Uses SSL/TLS encrypted connection

Question 20

SMB

Answer 20

Port 445 TCP
Server Message Block
provides shared access to files and other resources on a network

Question 21

SMTP with SSL/TLS

Answer 21

Ports 465, 587 TCP
Simple Mail Transfer Protcol (secure)
email. Uses SSL or TLS secured connection

Question 22

Syslog

Answer 22

Port 514 UDP
Syslog
used for system logging, particular routers and firewalls
This is the plaintext version. The encrypted version is on port 6514 using TCP, and is called syslog-ng or rsyslog or syslog TLS.

Question 23

LDAP SSL/TLS

Answer 23

Port 636 TCP/UDP
Lightweight Directory Access Protocol
used to maintain directories of users and other objects, over encrypted SSL/TLS connection

Question 24

iSCSI

Answer 24

Port 860 TCP
Internet Small Computer Systems Interface
used for linking data storage facilities over IP

Question 25

FTPS

Answer 25

Port 989, 990
File Transfer Protocol Secure
transfers files from host to host over encrypted connection. See also FTP, SCP.

Question 26

IMAP4

Answer 26

Port 993 TCP
Internet Message Access Protocol
used to receive email over an SSL/TLS encrypted connection

Question 27

POP3 (SSL/TLS)

Answer 27

Port 995
Post Office Protocol v3
used to receive email over an SSL/TLS-encrypted connection

Question 28

MSSQLS

Answer 28

Port 1433 TCP
Ms-sql-s, Microsoft SQL Server
database engine

Question 29

RADIUS

Answer 29

Port 1645, 1646, 1812, 1813 UDP
Remote Authentication Dial-In Service
used for authentication and authorization on port 1812 or 1645 and accounting on port 1813 or 1646

Note that it uses UDP, not TCP

Question 30

L2TP

Answer 30

Port 1701 UDP
Layer 2 Tunnel Protocol
used as an underlying VPN protocol but has no inherent security

Question 31

PPTP

Answer 31

Port 1723 TCP/UDP
Point-to-Point Tunneling Protocol
is an underlying VPN protocol with built-in security

Question 32

FCIP

Answer 32

Port 3225 TCP/UDP
Fibre Channel IP
used to encapsulate Fibre Channel frames within TCP/IP packets

Question 33

iSCSI Target

Answer 33

Port 3260 TCP
Internet Small Computer Systems Interface Target
listening port for iSCSI- targeted devices when linking data storage facilities over IP

Question 34

RDP

Answer 34

Port 3389 TCP/UDP
Remote Desktop Protocol
what we use to get to our dev VMs ;)

Question 35

Diameter

Answer 35

Port 3868 TCP

Diameter is a more advanced version of RADIUS, for authentication (AAA protocol)

Question 36

Syslog over TLS

Answer 36

Port 6514 TCP

Secure system logging. Uses TLS encrypted connection. Also called syslog-ng or rsyslog. See Syslog