Port numbers Flashcards
FTP
tcp/20, tcp/21
SSH
tcp/22
Telnet
tcp/23
SMTP
tcp/25
DNS
udp/53, tcp/53
DHCP
udp/67, udp/68
HTTP
tcp/80
HTTPS
tcp/443
POP3
tcp/110
IMAP4
tcp/143
NetBIOS (name service)
udp/137
NetBIOS (session service)
tcp/139
SMB
tcp/445
SNMP Query
udp/161
SNMP Trap
udp/162
LDAP
tcp/389
RDP
tcp/3389
What is FTP?
File Transfer Protocol
tcp/20 (active mode data) / tcp/21 (control)
- Transfers files between systems.
- Authenticates with a username and password (though some systems can use a generic/anonymous login)
- Full-featured functionality - list, add, delete, etc.
What is SSH?
Secure Shell
tcp/22 (encrypted communication link)
- Looks and acts the same as Telnet
What’s Telnet?
Telecommunication Network
tcp/23
- Login to devices remotely / gain console access
- In-the-clear communication (not the best choice for production systems)
What is SMTP?
Simple Mail Transfer Protocol
tcp/25 (server-to-server email transfer)
- Also used to send mail from a device to a mail server
- Commonly configured on mobile devices and email clients
- Other protocols are used for clients to receive email (IMAP / POP3)
What is DNS?
Domain Name System
udp/53
- Converts names to IP addresses
- These are super critical resources (usually multiple DNS servers are in production)
What is DHCP?
Dynamic Host Configuration Protocol
udp/67, udp/68
- Automates configuration of an IP address, subnet mask, and other options (requires a DHCP server, can be integrated in to a server / appliance / SOHO router)
- Reserves by assigning IP address to the MAC address in the DHCP server. Makes it easy to manage addresses from one location
What’s a dynamic IP address?
IP addresses are assigned in real-time from a pool using DHCP configuration. Each system is given a lease and must renew at set intervals.
What’s HTTP and HTTPS?
Hypertext Transfer Protocol
tcp/80 and tcp/443 (secure)
- Provides communication within the browser / other apps
- In-the-clear or encrypted
- Supported by nearly all web servers and clients
What is POP3?
Post Office Protocol version 3
tcp/110
- Receive (authenticate and transfer) emails from an email server
- Basic mail transfer functionality
What is IMAP4?
Internet Message Access Protocol version 4
tcp/143
- Receive (authenticate and transfer) emails from an email server
- Includes email inbox management from multiple clients
What is SMB?
Server Message Block
tcp/445
- Protocol used by Windows for file sharing, printer sharing
- Also called the CIFS (Common Internet File System)
What is NetBIOS?
Network Basic Input/Output System
udp/137 (nbname) - Register, remove, and find Windows services by name
tcp/139 (nbsession) - Windows connection-oriented data transfer
What is SNMP?
Simple Network Management Protocol
udp/161 (queries), udp/162 (traps)
- Gathers statistics from network devices
- v1 was the original with structured tables, in-the-clear
- v2 was a good step ahead, adding data type enhancements, bulk transfers, still in-the-clear
- v3 became a secure standard, adding message integrity, authentication, encryption
What is LDAP?
Lightweight Directory Access Protocol
tcp/389
Stores and retrieves information in a network directory (commonly used in Microsoft Active Directory)
What is RDP?
Remote Desktop Protocol
tcp/3389
- Allows sharing a desktop from a remote location
- Remote Desktop Services are on many Windows versions
- Clients for Windows, macOS, Linux, Unix, iPhone, Android, and others
