Ports

Question 1

Port 3389

Answer 1

Protocol: RDP (Remote Desktop Protocol)
Type: TCP
Description: Allows remote access to a Windows computer’s graphical desktop. It enables IT admins and users to control a computer from another location.

Question 2

Port 53

Answer 2

Protocol: DNS (Domain Name System)
Type: TCP/UDP
Description: Resolves domain names into IP addresses. UDP is used for fast queries, while TCP is used for larger responses like DNS zone transfers.

Question 3

Port 514

Answer 3

Protocol: Syslog
Type: UDP
Description: Used for collecting and forwarding system log messages from devices such as routers, firewalls, and servers for centralized monitoring.

Question 4

Port 993

Answer 4

Protocol: IMAPS (IMAP over SSL/TLS)
Type: TCP
Description: A secure version of IMAP that encrypts email retrieval with SSL/TLS, ensuring data privacy.

Question 5

Port 21

Answer 5

Protocol: FTP (File Transfer Protocol)
Type: TCP
Description: Used for transferring files between computers. It does not provide encryption, making it vulnerable to attacks like password sniffing. Secure alternatives include SFTP and FTPS.

Question 6

Port 445

Answer 6

Protocol: SMB (Server Message Block)
Type: TCP
Description: Used for file and printer sharing between Windows machines. It replaces the older NetBIOS protocol. Often a target for ransomware and exploits like WannaCry.

Question 7

Ports 1645, 1646

Answer 7

Protocol:: RADIUS (Remote Authentication) - TCP
Type: TCP
Description: Provides authentication, authorization, and accounting (AAA) for users accessing networks. Often used for Wi-Fi authentication.

Question 8

Ports 1812, 1813

Answer 8

Protocol: RADIUS UDP - UDP
Type: UDP
Description: Provides authentication, authorization, and accounting (AAA) for users accessing networks. Often used for Wi-Fi authentication.

Question 9

Port 1433

Answer 9

Protocol: Microsoft SQL
Type: TCP
Description: Used for connecting to Microsoft SQL Server databases. It allows applications to send database queries and retrieve results.

Question 10

Port 443

Answer 10

Protocol: HTTPS (HTTP Secure)
Type: TCP
Description: Secure version of HTTP that encrypts web traffic using SSL/TLS, protecting sensitive data such as login credentials and credit card details.

Question 11

Port 135

Answer 11

Protocol: RPC (Remote Procedure Call)
Type: TCP/UDP
Description: Enables remote execution of programs on Windows networks, often used by services like Microsoft Exchange and DCOM applications.

In essence, port 135 helps manage remote requests between programs in Windows environments

Example:
Suppose a network management tool wants to check on the status of your Windows computer from another location. The tool sends a message to your computer using port 135. Port 135 then directs the message to the appropriate service on your computer that can provide the status information. Without this “receptionist,” the tool wouldn’t know where to send its request within the computer.

Question 12

Port 80

Answer 12

Protocol: HTTP (Hypertext Transfer Protocol)
Type: TCP
Description: Standard protocol for browsing websites. It transmits data in plaintext, making it susceptible to interception. Secure browsing uses HTTPS (port 443).

Question 13

Port 162

Answer 13

Protocol: SNMPTrap
Type: UDP
Description: Receives alerts from SNMP-enabled devices when specific events occur, such as network failures or high CPU usage.

Question 14

Port 636

Answer 14

Protocol: LDAPS (LDAP Secure)
Type: TCP
Description: A secure version of LDAP that encrypts directory service communications using SSL/TLS.

Question 15

Port 110

Answer 15

Protocol: POP3 (Post Office Protocol)
Type: TCP
Description: Retrieves emails from a mail server to a local device. Once downloaded, emails are typically removed from the server unless configured otherwise.

Question 16

Ports 137, 138, 139

Answer 16

Protocol: NetBIOS
Type: TCP/UDP
Description: Used for legacy Windows file sharing and local network name resolution. SMB (port 445) has mostly replaced NetBIOS for file sharing.

Question 17

Port 22

Answer 17

Protocol: SSH, SCP, SFTP
Type: TCP
Description: Secure Shell (SSH) provides encrypted remote access. Secure Copy Protocol (SCP) and Secure File Transfer Protocol (SFTP) are used for secure file transfers over SSH.

Question 18

Port 69

Answer 18

Protocol: TFTP (Trivial File Transfer Protocol)
Type: UDP
Description: A simplified version of FTP that lacks authentication. It is mainly used for transferring configuration files to network devices like routers and switches.

Question 19

Port 25

Answer 19

Protocol: SMTP (Simple Mail Transfer Protocol)
Type: TCP
Description: Used for sending emails between mail servers. It is often blocked by ISPs to prevent spam. Secure versions use ports 465 or 587.

Question 20

Port 6514

Answer 20

Protocol: Syslog TLS
Type: TCP
Description: A secure version of Syslog that uses TLS encryption to protect log messages from tampering during transmission.

Question 21

Port 88

Answer 21

Protocol: Kerberos
Type: UDP
Description: A network authentication protocol that uses tickets for secure logins. It is widely used in Active Directory environments for single sign-on (SSO).

Question 22

Port 161

Answer 22

Protocol: SNMP (Simple Network Management Protocol)
Type: UDP
Description: Used to monitor and manage network devices like routers, switches, and servers. It collects device performance and status information.

Question 23

Port 143

Answer 23

Protocol: IMAP (Internet Message Access Protocol)
Type: TCP
Description: Allows users to access emails stored on a mail server while keeping them synchronized across multiple devices. Unlike POP3, emails remain on the server.

Question 24

Port 995

Answer 24

Protocol: POP3S (POP3 over SSL/TLS)
Type: TCP
Description: A secure version of POP3 that encrypts email retrieval, preventing credentials from being exposed during transmission.

Question 25

Port 23

Answer 25

Protocol: Telnet Type: TCP Description: Allows remote command-line access to devices but is insecure because it sends data, including passwords, in plaintext. SSH is the preferred secure alternative.

Question 26

Port 119

Answer 26

Protocol: NNTP (Network News Transfer Protocol) Type: TCP Description: What is it? Port 119 is used by the Network News Transfer Protocol (NNTP), which is a protocol for managing and distributing news articles (like forum posts or discussion threads) across the internet. What does it do? NNTP allows users to: Read news articles from news servers. Post new articles to newsgroups (like online forums). Download articles to their local devices for offline reading.

Question 27

Port 389

Answer 27

Protocol: LDAP (Lightweight Directory Access Protocol) Type: TCP Description: Used for managing and accessing directory services such as Active Directory. It helps in storing user authentication data and organizational hierarchies.

Question 28

Ports 465, 587

Answer 28

Protocol: SMTPS (SMTP Secure) Type: TCP Description: Secure versions of SMTP used for sending encrypted emails with SSL/TLS protection.

Question 29

Note about TCP vs TCP over SSL/TLS

Answer 29

TCP vs. TCP over SSL/TLS TCP (Transmission Control Protocol): What it does: TCP is a core protocol that ensures data is reliably transmitted between devices over a network. Security: TCP itself does not provide encryption or security. It only ensures that data is delivered correctly and in order. TCP over SSL/TLS (Secure Sockets Layer / Transport Layer Security): What it does: SSL/TLS adds a layer of encryption on top of TCP. Security: TCP over SSL/TLS ensures that the data being transmitted is encrypted, making it secure from eavesdropping or tampering. Is the TCP Version Not Secure? Yes, TCP alone is not secure. If a protocol has a version that uses TCP alone, it means the data is transmitted in plaintext. This makes it vulnerable to: Eavesdropping: Attackers can read the data. Tampering: Attackers can modify the data. Spoofing: Attackers can impersonate the sender or receiver. TCP over SSL/TLS is secure. SSL/TLS encrypts the data, making it unreadable to anyone who intercepts it. This ensures: Confidentiality: Data is private. Integrity: Data cannot be tampered with. Authentication: The identity of the sender/receiver is verified. Example: HTTP vs. HTTPS HTTP (TCP): Uses plain TCP. Data (like passwords or credit card numbers) is sent in plaintext. Not secure. HTTPS (TCP over SSL/TLS): Uses TCP with SSL/TLS encryption. Data is encrypted, making it secure.