Ports

Question 1

FTP

Answer 1

20/21

File Transfer Protocol
• tcp/20 (active mode data), tcp/21 (control)
• Transfers files between systems
• Authenticates with a username and password
• Some systems use a generic/anonymous login
• Full-featured functionality
• List, add, delete, etc.

Question 2

SSH

Answer 2

22

Secure Shell
• Encrypted communication link - tcp/22
• Looks and acts the same as Telnet

Question 3

Telnet

Answer 3

23

• Telnet – Telecommunication Network - tcp/23
• Login to devices remotely
• Console access
• In-the-clear communication
• Not the best choice for production systems

Question 4

SMTP

Answer 4

25

Simple Mail Transfer Protocol
• Server to server email transfer - tcp/25
• Also used to send mail from a device to a mail server
• Commonly configured on mobile devices
and email clients
• Other protocols are used for clients to receive email
• IMAP, POP3

Question 5

DNS

Answer 5

53

Domain Name System
• Converts names to IP addresses - udp/53
• www.professormesser.com = 162.159.246.164
• These are very critical resources
• Usually multiple DNS servers are in production

Question 6

HTTP

Answer 6

80

Hypertext Transfer Protocol - tcp/80
• Communication in the browser
• And by other applications

Question 7

HTTPS

Answer 7

443

Hypertext Transfer Protocol Secure
• Encrypted - HTTPS - tcp/443
• Supported by nearly all web servers and clients

Question 8

POP3

Answer 8

110

• POP3 - Post office Protocol version 3 - tcp/110
• Basic mail transfer functionality
• Receive emails from an email server
• Authenticate and transfer

Question 9

IMAP4

Answer 9

143

Internet Message Access Protocol v4 - tcp/143
• Includes management of email inbox from multiple clients

Question 10

RDP

Answer 10

3389

Remote Desktop Protocol
• Share a desktop from a remote location over tcp/3389
• Remote Desktop Services on many Windows versions
• Can connect to an entire desktop or just an application
• Clients for Windows, macOS, Linux, Unix,
iPhone, Android, and others

Question 11

NETBIOS

Answer 11

137, 138, 139

Server Message Block
• Protocol used by Microsoft Windows
• File sharing, printer sharing
• Also called CIFS (Common Internet File System)
• Using NetBIOS over TCP/IP
• udp/137 - NetBIOS name services (nbname)
• udp/138 - NetBIOS datagram service (nbdatagram)
• tcp/139 - NetBIOS session service (nbsession)

Question 12

AFP

Answer 12

548

Apple Filing Protocol
• File services in macOS
• tcp/548
• Works with SLP (Service Location Protocol)
• tcp/427 and udp/427
• Populates the list of available devices
• File management
• Copy, move, delete files

Question 13

DHCP

Answer 13

67, 68

Dynamic Host Configuration Protocol
• Automated configuration of IP address, subnet mask
and other options
• udp/67, udp/68
• Requires a DHCP server
• Server, appliance, integrated into a SOHO router, etc.
• Dynamic / pooled
• IP addresses are assigned in real-time from a pool
• Each system is given a lease and must renew
at set intervals
• DHCP reservation
• Addresses are assigned by MAC address
in the DHCP server
• Quickly manage addresses from one location

Question 14

LDAP

Answer 14

389

Lightweight Directory Access Protocol
• tcp/389
• Store and retrieve information in a network directory
• Commonly used in Microsoft Active Directory

Question 15

SNMP

Answer 15

161, 162

Simple Network Management Protocol
• Gather statistics from network devices
• Queries: udp/161
• Traps: udp/162
• v1 – The original
• Structured tables, in-the-clear
• v2 – A good step ahead
• Data type enhancements
• Bulk transfers, still in-the-clear
• v3 – A secure standard
• Message integrity
• Authentication, encryption

Question 16

20/21

Answer 16

FTP

File Transfer Protocol
• tcp/20 (active mode data), tcp/21 (control)
• Transfers files between systems
• Authenticates with a username and password
• Some systems use a generic/anonymous login
• Full-featured functionality
• List, add, delete, etc.

Question 17

22

Answer 17

SSH

Secure Shell
• Encrypted communication link - tcp/22
• Looks and acts the same as Telnet

Question 18

23

Answer 18

Telnet

• Telnet – Telecommunication Network - tcp/23
• Login to devices remotely
• Console access
• In-the-clear communication
• Not the best choice for production systems

Question 19

25

Answer 19

SMTP

Simple Mail Transfer Protocol
• Server to server email transfer - tcp/25
• Also used to send mail from a device to a mail server
• Commonly configured on mobile devices
and email clients
• Other protocols are used for clients to receive email
• IMAP, POP3

Question 20

53

Answer 20

DNS

Domain Name System
• Converts names to IP addresses - udp/53
• www.professormesser.com = 162.159.246.164
• These are very critical resources
• Usually multiple DNS servers are in production

Question 21

80

Answer 21

HTTP

Hypertext Transfer Protocol - tcp/80
• Communication in the browser
• And by other applications

Question 22

110

Answer 22

POP3

• Post office Protocol version 3 - tcp/110
• Basic mail transfer functionality
• Receive emails from an email server
• Authenticate and transfer

Question 23

143

Answer 23

IMAP

Internet Message Access Protocol v4 - tcp/143
• Includes management of email inbox from multiple clients

Question 24

443

Answer 24

HTTPS

Hypertext Transfer Protocol Secure
• Encrypted - HTTPS - tcp/443
• Supported by nearly all web servers and clients

Question 25

3389

Answer 25

RDP Remote Desktop Protocol • Share a desktop from a remote location over tcp/3389 • Remote Desktop Services on many Windows versions • Can connect to an entire desktop or just an application • Clients for Windows, macOS, Linux, Unix, iPhone, Android, and others

Question 26

137–139

Answer 26

NETBIOS * Protocol used by Microsoft Windows * File sharing, printer sharing * Also called CIFS (Common Internet File System) * Using NetBIOS over TCP/IP * udp/137 - NetBIOS name services (nbname) * udp/138 - NetBIOS datagram service (nbdatagram) * tcp/139 - NetBIOS session service (nbsession)

Question 27

445

Answer 27

SMB/CIFS CIFS Common Internet File System (CIFS) is a Microsoft-developed enhancement of the SMB protocol, which was also developed by Microsoft. The intent behind CIFS is that it can be used to share files and printers between computers, regardless of the operating system that they run. It’s been the default file and print sharing protocol on Windows-based computers since Windows 2000. SMB Server Message Block (SMB) is a protocol originally developed by IBM but then enhanced by Microsoft, IBM, Intel, and others. It’s used to provide shared access to files, printers, and other network resources and is primarily implemented by Microsoft systems. In a way, it can function a bit like FTP only with a few more options, such as the ability to connect to printers, and more management commands. It’s also known for its ability to make network resources easily visible through various Windows network apps (such as Network in File Explorer).

Question 28

427

Answer 28

SLP The Service Location Protocol (SLP) is a non-proprietary protocol designed to help locate resources on a network. Without protocols such as SLP (and SMB), users wanting to access networked resources need to enter the hostname or IP address of the machine that provides the resource. SLP makes the resources visible and therefore easy to connect to. SLP was developed by the Internet Engineering Task Force (IETF), so it’s considered an industry standard. The advantage is that it can be used with non-Microsoft operating systems, such as macOS and Linux.

Question 29

548

Answer 29

AFP ``` Apple Filing Protocol • File services in macOS • tcp/548 • Works with SLP (Service Location Protocol) • tcp/427 and udp/427 • Populates the list of available devices • File management • Copy, move, delete files ```

Question 30

67/68

Answer 30

DHCP Dynamic Host Configuration Protocol • Automated configuration of IP address, subnet mask and other options • udp/67, udp/68 • Requires a DHCP server • Server, appliance, integrated into a SOHO router, etc. • Dynamic / pooled • IP addresses are assigned in real-time from a pool • Each system is given a lease and must renew at set intervals • DHCP reservation • Addresses are assigned by MAC address in the DHCP server • Quickly manage addresses from one location

Question 31

389

Answer 31

LDAP Lightweight Directory Access Protocol • tcp/389 • Store and retrieve information in a network directory • Commonly used in Microsoft Active Directory

Question 32

161/162

Answer 32

SNMP ``` Simple Network Management Protocol • Gather statistics from network devices • Queries: udp/161 • Traps: udp/162 • v1 – The original • Structured tables, in-the-clear • v2 – A good step ahead • Data type enhancements • Bulk transfers, still in-the-clear • v3 – A secure standard • Message integrity • Authentication, encryption ```

Question 33

POP3S

Answer 33

995 POP3 over a secure channel - TCP port 995.

Question 34

995

Answer 34

POP3 over a secure channel - TCP port 995.

Question 35

IMAPS

Answer 35

993 IMAP over secure socket layer encryption using TCP 993 to perform IMAPS communication.

Question 36

993

Answer 36

IMAPS IMAP over secure socket layer encryption using TCP 993 to perform IMAPS communication.

Question 37

587

Answer 37

authentication for SMTP is going to run over TCP port 587

Question 38

SMTPS

Answer 38

587 authentication for SMTP is going to run over TCP port 587

Question 39

S/MIME

Answer 39

Stands for Secure Multipurpose Internet Mail Extensions. This allows you to both encrypt and digitally sign the messages that you’re sending and receiving from Microsoft Exchange.

Question 40

SMB/CIFS

Answer 40

445 SMB/CIFS CIFS Common Internet File System (CIFS) is a Microsoft-developed enhancement of the SMB protocol, which was also developed by Microsoft. The intent behind CIFS is that it can be used to share files and printers between computers, regardless of the operating system that they run. It’s been the default file and print sharing protocol on Windows-based computers since Windows 2000. SMB Server Message Block (SMB) is a protocol originally developed by IBM but then enhanced by Microsoft, IBM, Intel, and others. It’s used to provide shared access to files, printers, and other network resources and is primarily implemented by Microsoft systems. In a way, it can function a bit like FTP only with a few more options, such as the ability to connect to printers, and more management commands. It’s also known for its ability to make network resources easily visible through various Windows network apps (such as Network in File Explorer).