Ports Flashcards
FTP
20/21
File Transfer Protocol
• tcp/20 (active mode data), tcp/21 (control)
• Transfers files between systems
• Authenticates with a username and password
• Some systems use a generic/anonymous login
• Full-featured functionality
• List, add, delete, etc.
SSH
22
Secure Shell
• Encrypted communication link - tcp/22
• Looks and acts the same as Telnet
Telnet
23
- Telnet – Telecommunication Network - tcp/23
- Login to devices remotely
- Console access
- In-the-clear communication
- Not the best choice for production systems
SMTP
25
Simple Mail Transfer Protocol
• Server to server email transfer - tcp/25
• Also used to send mail from a device to a mail server
• Commonly configured on mobile devices
and email clients
• Other protocols are used for clients to receive email
• IMAP, POP3
DNS
53
Domain Name System
• Converts names to IP addresses - udp/53
• www.professormesser.com = 162.159.246.164
• These are very critical resources
• Usually multiple DNS servers are in production
HTTP
80
Hypertext Transfer Protocol - tcp/80
• Communication in the browser
• And by other applications
HTTPS
443
Hypertext Transfer Protocol Secure
• Encrypted - HTTPS - tcp/443
• Supported by nearly all web servers and clients
POP3
110
- POP3 - Post office Protocol version 3 - tcp/110
- Basic mail transfer functionality
- Receive emails from an email server
- Authenticate and transfer
IMAP4
143
Internet Message Access Protocol v4 - tcp/143
• Includes management of email inbox from multiple clients
RDP
3389
Remote Desktop Protocol
• Share a desktop from a remote location over tcp/3389
• Remote Desktop Services on many Windows versions
• Can connect to an entire desktop or just an application
• Clients for Windows, macOS, Linux, Unix,
iPhone, Android, and others
NETBIOS
137, 138, 139
Server Message Block
• Protocol used by Microsoft Windows
• File sharing, printer sharing
• Also called CIFS (Common Internet File System)
• Using NetBIOS over TCP/IP
• udp/137 - NetBIOS name services (nbname)
• udp/138 - NetBIOS datagram service (nbdatagram)
• tcp/139 - NetBIOS session service (nbsession)
AFP
548
Apple Filing Protocol • File services in macOS • tcp/548 • Works with SLP (Service Location Protocol) • tcp/427 and udp/427 • Populates the list of available devices • File management • Copy, move, delete files
DHCP
67, 68
Dynamic Host Configuration Protocol
• Automated configuration of IP address, subnet mask
and other options
• udp/67, udp/68
• Requires a DHCP server
• Server, appliance, integrated into a SOHO router, etc.
• Dynamic / pooled
• IP addresses are assigned in real-time from a pool
• Each system is given a lease and must renew
at set intervals
• DHCP reservation
• Addresses are assigned by MAC address
in the DHCP server
• Quickly manage addresses from one location
LDAP
389
Lightweight Directory Access Protocol
• tcp/389
• Store and retrieve information in a network directory
• Commonly used in Microsoft Active Directory
SNMP
161, 162
Simple Network Management Protocol • Gather statistics from network devices • Queries: udp/161 • Traps: udp/162 • v1 – The original • Structured tables, in-the-clear • v2 – A good step ahead • Data type enhancements • Bulk transfers, still in-the-clear • v3 – A secure standard • Message integrity • Authentication, encryption
20/21
FTP
File Transfer Protocol
• tcp/20 (active mode data), tcp/21 (control)
• Transfers files between systems
• Authenticates with a username and password
• Some systems use a generic/anonymous login
• Full-featured functionality
• List, add, delete, etc.
22
SSH
Secure Shell
• Encrypted communication link - tcp/22
• Looks and acts the same as Telnet
23
Telnet
- Telnet – Telecommunication Network - tcp/23
- Login to devices remotely
- Console access
- In-the-clear communication
- Not the best choice for production systems
25
SMTP
Simple Mail Transfer Protocol
• Server to server email transfer - tcp/25
• Also used to send mail from a device to a mail server
• Commonly configured on mobile devices
and email clients
• Other protocols are used for clients to receive email
• IMAP, POP3
53
DNS
Domain Name System
• Converts names to IP addresses - udp/53
• www.professormesser.com = 162.159.246.164
• These are very critical resources
• Usually multiple DNS servers are in production
80
HTTP
Hypertext Transfer Protocol - tcp/80
• Communication in the browser
• And by other applications
110
POP3
- Post office Protocol version 3 - tcp/110
- Basic mail transfer functionality
- Receive emails from an email server
- Authenticate and transfer
143
IMAP
Internet Message Access Protocol v4 - tcp/143
• Includes management of email inbox from multiple clients
443
HTTPS
Hypertext Transfer Protocol Secure
• Encrypted - HTTPS - tcp/443
• Supported by nearly all web servers and clients
3389
RDP
Remote Desktop Protocol
• Share a desktop from a remote location over tcp/3389
• Remote Desktop Services on many Windows versions
• Can connect to an entire desktop or just an application
• Clients for Windows, macOS, Linux, Unix, iPhone, Android, and others
137–139
NETBIOS
- Protocol used by Microsoft Windows
- File sharing, printer sharing
- Also called CIFS (Common Internet File System)
- Using NetBIOS over TCP/IP
- udp/137 - NetBIOS name services (nbname)
- udp/138 - NetBIOS datagram service (nbdatagram)
- tcp/139 - NetBIOS session service (nbsession)
445
SMB/CIFS
CIFS
Common Internet File System (CIFS) is a Microsoft-developed enhancement of the SMB protocol, which was also developed by Microsoft. The intent behind CIFS is that it can be used to share files and printers between computers, regardless of the operating system that they run. It’s been the default file and print sharing protocol on Windows-based computers since Windows 2000.
SMB
Server Message Block (SMB) is a protocol originally developed by IBM but then enhanced by Microsoft, IBM, Intel, and others. It’s used to provide shared access to files, printers, and other network resources and is primarily implemented by Microsoft systems. In a way, it can function a bit like FTP only with a few more options, such as the ability to connect to printers, and more management commands. It’s also known for its ability to make network resources easily visible through various Windows network apps (such as Network in File Explorer).
427
SLP
The Service Location Protocol (SLP) is a non-proprietary protocol designed to help locate resources on a network. Without protocols such as SLP (and SMB), users wanting to access networked resources need to enter the hostname or IP address of the machine that provides the resource. SLP makes the resources visible and therefore easy to connect to.
SLP was developed by the Internet Engineering Task Force (IETF), so it’s considered an industry standard. The advantage is that it can be used with non-Microsoft operating systems, such as macOS and Linux.
548
AFP
Apple Filing Protocol • File services in macOS • tcp/548 • Works with SLP (Service Location Protocol) • tcp/427 and udp/427 • Populates the list of available devices • File management • Copy, move, delete files
67/68
DHCP
Dynamic Host Configuration Protocol
• Automated configuration of IP address, subnet mask
and other options
• udp/67, udp/68
• Requires a DHCP server
• Server, appliance, integrated into a SOHO router, etc.
• Dynamic / pooled
• IP addresses are assigned in real-time from a pool
• Each system is given a lease and must renew
at set intervals
• DHCP reservation
• Addresses are assigned by MAC address
in the DHCP server
• Quickly manage addresses from one location
389
LDAP
Lightweight Directory Access Protocol
• tcp/389
• Store and retrieve information in a network directory
• Commonly used in Microsoft Active Directory
161/162
SNMP
Simple Network Management Protocol • Gather statistics from network devices • Queries: udp/161 • Traps: udp/162 • v1 – The original • Structured tables, in-the-clear • v2 – A good step ahead • Data type enhancements • Bulk transfers, still in-the-clear • v3 – A secure standard • Message integrity • Authentication, encryption
POP3S
995
POP3 over a secure channel - TCP port 995.
995
POP3
over a secure channel - TCP port 995.
IMAPS
993
IMAP over secure socket layer encryption using TCP 993 to perform IMAPS communication.
993
IMAPS
IMAP over secure socket layer encryption using TCP 993 to perform IMAPS communication.
587
authentication for SMTP is going to run over TCP port 587
SMTPS
587
authentication for SMTP is going to run over TCP port 587
S/MIME
Stands for Secure Multipurpose Internet Mail Extensions. This allows you to both encrypt and digitally sign the messages that you’re sending and receiving from Microsoft Exchange.
SMB/CIFS
445
SMB/CIFS
CIFS
Common Internet File System (CIFS) is a Microsoft-developed enhancement of the SMB protocol, which was also developed by Microsoft. The intent behind CIFS is that it can be used to share files and printers between computers, regardless of the operating system that they run. It’s been the default file and print sharing protocol on Windows-based computers since Windows 2000.
SMB
Server Message Block (SMB) is a protocol originally developed by IBM but then enhanced by Microsoft, IBM, Intel, and others. It’s used to provide shared access to files, printers, and other network resources and is primarily implemented by Microsoft systems. In a way, it can function a bit like FTP only with a few more options, such as the ability to connect to printers, and more management commands. It’s also known for its ability to make network resources easily visible through various Windows network apps (such as Network in File Explorer).
