Ports and Protocols Flashcards

1.4

1
Q

Port

A

Virtual entry/exit point for communications used by software applications to exchange information

A logical opening in a computer that represents a service or application

■ Identifies specific applications or services on a computer that represents
a service or application
■ Numbered from 0 to 65,535

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Protocol

A

Set of rules and conventions for data exchange between network devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Well Known Ports

A

Numbered from 0 to 1,023 Ephemeral ports (49,152-65,535)

Examples
○ FTP (20, 21)
○ SMTP (25)
○ HTTP (80)
○ HTTPS (443)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Ephemeral Ports

A

● Temporary, short-lived ports for dynamic use
● Numbered from 49,152 to 65,535
● No registration is required and anyone can use them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Data Transfer Example

A

■ Client communicates with a website using IP addresses and ports
■ Client’s source IP and random ephemeral port connect to the website’s
destination IP and default port (e.g., 80)

Two-Way Communication
■ Web server responds using its well-known port (e.g., 80) back to the
client’s ephemeral port
■ Two-way communication is established between client (ephemeral port)
and web server (port 80)

○ Ephemeral ports opened for specific tasks and closed after data transmission.
○ In subsequent communications, the client uses the well-known port (e.g., 80) but
selects a new random ephemeral port
○ Communication Flow
■ Source IP and port initiate communication
■ Data is transmitted
■ Ports closed when the task is completed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Transmission Control Protocol (TCP)

A

■ Fundamental protocol in the Internet Protocol Suite that governs data
exchange over the internet
■ Ensures reliable delivery of packets
● Error checking
● Data sequencing
● Acknowledgment
■ Operates at the transport layer of the OSI model
■ Breaks down larger messages into smaller packets for efficient data
transfer and reassembles at the destination

○ Three-Way Handshake
■ Initiated to establish a connection between two systems
● SYN (Synchronize)

● SYN-ACK (Synchronize-Acknowledgement)
● ACK (Acknowledgement)
■ Ensures readiness for secure data transmission
○ Error Checking and Flow Control
■ Error checking
● Uses sequence numbers and acknowledgment messages
● Detects and retransmits lost or corrupted packets
■ Flow control
● Prevents overwhelming the receiver
● Windowing
○ Controls the amount of data sent at a time
○ Allows dynamic adjustment based on network conditions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Ports (In TCP)

A

○ Ports
■ Numerical identifiers for services or applications in TCP/IP suite
■ Distinguish between different services on the same server
■ Each connection identified by source and destination IP addresses and
ports
● e.g., secure websites use port 443 (HTTPS)
■ Enable multiple network applications on the same server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

TCP’s Role in Internet Communication

A

■ Ensures reliability and ordered delivery between client and server
■ Operates at the transport layer of the OSI model

■ Utilizes packetization, acknowledgment, and error checking
■ Three-way handshake establishes a secure connection
■ Ports facilitate the logical differentiation of services on a single machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

User Datagram Protocol (UDP)

A

■ Communication protocol used for time-sensitive transmissions on the
internet
● Ideal for applications prioritizing speed over error checking
● Low latency and reduced processing overhead.
● Lacks error checking and recovery services like TCP
■ Operates at the transport layer, similar to TCP
■ Connectionless communication model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Packet Structure

A

Datagrams
● Term for data packets in UDP
● Sent without prior setup of transmission channels
● Contains source/destination port numbers, length field, and
checksum
● Smaller and simpler headers (8 bytes) compared to TCP (20-60
bytes)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

UDP’s Stateless Nature

A

■ UDP does not maintain connection state or track packets
■ Often referred to as a “fire and forget” protocol
■ No waiting for acknowledgments, leading to faster transfer rates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Reliability Trade-off

A

■ UDP is less reliable due to lack of packet tracking
■ Suitable for scenarios where speed is crucial, and packet loss is
acceptable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Use Cases

A

■ Used in applications like live broadcasts, online gaming, and VoIP calls
■ Effective for simple request-response communications (e.g., DNS lookup)
○ UDP utilizes ports to differentiate between multiple services on the same
client/server
○ UDP relies on application-level error handling due to lack of built-in error
recovery
○ UDP contains a checksum in the header for minimal protection against data
corruption
○ UDP is not as robust as TCP in ensuring data integrity and delivery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

ICMP

A

Internet Control Message Protocol (ICMP)
■ An integral part of the Internet Protocol Suite which is considered to be a
network layer protocol for diagnosing network communication issues
■ Not used for data transmission between systems unlike TCP and UDP
■ Operates at the network layer of the OSI model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

ICMP Messages

A

■ Used for indicating host or service unreachability, expired time to live,
and router buffer issues

○ Ping Utility
■ Utilizes ICMP to test host reachability on an IP network
■ Measures roundtrip time (latency) for network connection

○ ICMP Message Structure
■ Header
● Type – indicates the type of ICMP message (1 byte)
● Code – provides additional context about the message type (1
byte)
● Checksum – used for error checking the message header and data
(2 bytes)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Port 80

A

● HTTP (Hypertext Transfer Protocol)
○ An application layer protocol. This designed to enable
communications between clients and servers
○ Uses port 80 by default
○ Foundation of data communication on the worldwide web
○ Requests and receives web content in plain text
● HTTP over Port 80 lacks security makes data vulnerable to
eavesdropping and attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Web Ports and Protocols

A

Web Ports and Protocols
■ Standardized rules and numerical gateways that govern data
transmission and communication on the internet for websites

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Port 443

A

● HTTPS (Hypertext Transfer Protocol Secure)
○ Similar to HTTP but adds encryption via SSL/TLS
○ Uses port 443
○ Encrypts data, securing it from interception or tampering
○ Importance of HTTPS (Port 443)
■ Vital for websites handling sensitive data like banking, e-commerce, or
login pages
■ Automatic redirection from insecure HTTP (port 80) to secure HTTPS
■ Encryption ensures secure transmission of sensitive information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

HTTPS vs HTTP

A

Key Differences between HTTP (Port 80) and HTTPS (Port 443)
■ Security and Encryption
● HTTP (port 80) – unencrypted, plain text
● HTTPS (port 443) – encrypted using SSL/TLS, more secure against
data breaches

■ Default Usage
● HTTP (port 80) – traditional, default for unsecured browsing
● HTTPS (port 443) – introduced later, became default for secure
browsing in recent years
■ Search Engine Optimization (SEO) and Trust
● HTTPS (port 443) – favored for increased security and ranked
higher by search engines due to user trust and encryption

20
Q

SMTP

A

■ SMTP (Simple Mail Transfer Protocol)

● The standard protocol used for sending emails over the internet
● Operates over port 25
○ Default port used by email servers
○ Insecure because data is sent in plain text
● Only used for sending emails

21
Q

SMTPS

A

● SMTPS (SMTP Secure)

○ A secure variant of SMTP
○ Not really a protocol itself, but a way to secure the SMTP
protocol by transporting it via the secure socket layer or
transport layer security protocols
○ Operates over ports 465 or port 587

22
Q

POP3

A

POP3 (Post Office Protocol version 3)
● Used to retrieve emails from a remote server to a local client
● Operates over port 110
● Designed to download and delete messages from the server
● Transmits emails in plain text (insecure)
● POP3S (POP3 Secure)
○ A secure variant of POP3 that overcomes the limitations of
POP3
○ Operates over port 995 via SSL/TLS

23
Q

IMAP

A

IMAP (Internet Message Access Protocol)
● Offers more flexibility than POP3
● Operates over port 143
● Allows managing emails directly on the server, synchronizing
across multiple devices
● Transmits emails in plain text (insecure)

24
Q

IMAPS

A

(IMAP Secure)
○ A variant of IMAP that can provide a secure and encrypted
connection by transmitting data inside of an encrypted
SSL/TLS using the standard IMAP protocol
○ Operates over port 993

25
Q

More on Email Ports & Protocol

A

○ SMTP and SMTPS are used for sending emails
○ POP3 and IMAP are both used for receiving emails
■ IMAP offers more sophisticated email management
○ Understanding protocols ensures secure and efficient email communication
○ Configure systems with secure variants to protect against security threats

26
Q

File Transfer Protocols

A

■ Specialized rules and procedures that are utilized for the transmission of
files across networks

27
Q

FTP

A

File Transfer Protocol
■ Ports:
● Port 20 – actual data transfer
● Port 21 – sending control commands
■ Lack of encryption poses security risks
■ Transmissions are sent in plain text
■ Widely used for its simplicity across platforms

28
Q

SFTP (Secure File Transfer Protocol)

A

■ Addresses FTP security concerns
■ Also stands for SSH File Transfer Protocol
■ Operates on port 22 – standard port for SSH connections
■ Encrypts data for secure file transmissions

29
Q

TFTP (Trivial File Transfer Protocol)

A

■ Basic version of FTP that lacks authentication and directory browsing
■ Operates on port 69
■ Designed for sending files when minimal security is sufficient

30
Q

SMB (Server Message Block)

A

■ A network file sharing protocol that allows applications to read and write
to files and request services from the server programs

■ Operates on port 445
■ Predominantly used for Windows file sharing

■ Samba
● A cross-platform version of SMB that exists on Linux systems
■ Almost exclusively used inside of LANs and it is not a protocol to send
data across the Internet

31
Q

File Protocol Cheat Sheet

A

● FTP – basic transfers (ports 20, 21)
● SFTP – secure transfers (port 22)
● TFTP – simple, unsecured transfers (port 69)
● SMB – Windows file sharing in LANs (port 445)

32
Q

SSH (Secure Shell)

A

● Protocol for secure remote login and network services over an
unsecure network
● Operates on port 22
● Provides a secure channel, strong authentication, and encrypted
data communication
● Used by network administrators for remote control of web and
server applications

33
Q

Telnet

A

● Early remote log-in protocol
● Operates on port 23
● Allows remote login to another computer on the same network
● Transfers data in plain text, making it susceptible to eavesdropping
and on-path attacks
● Replaced by SSH due to lack of encryption

34
Q

RDP (Remote Desktop Protocol)

A

● Proprietary protocol by Microsoft for graphical user interface
remote connection
● Operates on port 3389
● Allows remote access to a window system, supporting different
network topologies
● Supports data encryption, smart card authentication, and
bandwidth reduction

35
Q

Remote Access Cheat Sheet

A

■ SSH is recommended for secure command-line management.
■ Telnet should be avoided due to its lack of encryption
■ RDP is essential for secure graphical access to Windows-based systems

36
Q

Network Services, Ports, and Protocols

A

■ Fundamental services for smooth digital communication and network
management
■ Different services that ensure that the network devices can discover each
other, communicate efficiently, and relay important system information to
each other

37
Q

DNS (Domain Name System)

A

■ Used for translating human-friendly domain names to IP addresses
■ Operates on ports 53 (UDP by default) for queries and responses
■ Uses TCP for larger messages

38
Q

DHCP

A

(Dynamic Host Configuration Protocol)
■ Automates the assignment of IP addresses and networking parameters to
client devices
■ Listens on port 67 (UDP) for client requests
■ Responds on port 68 (UDP)

39
Q

SQL Services

A

■ Refers to protocols used by database servers for managing queries
■ Microsoft SQL Server operates on port 1433
■ MySQL Server on port 3306

40
Q

SNMP (Simple Network Management Protocol)

A

■ Used for collecting information and configuring network devices
■ Operates on port 161 (UDP) for polling
■ Operates on port 162 (UDP) for unsolicited trap messages
■ Crucial for network diagnostics and performance monitoring

41
Q

Syslog (System Logging)

A

■ Standard for message logging allowing devices to send event messages
across IP networks
● Syslog Server
○ Event message collector where syslog messages are sent to
■ Operates on port 514
● Uses UDP by default
● Can use TCP for reliability

42
Q

Network Service Protocols Cheat sheet

A

Other Network Service Ports and Protocols
■ Refers to different network, service, ports, and protocols that play a
pivotal role in the network, time synchronization, and the establishment
of communication sessions, as well as directory services
■ Crucial for organizing and providing access to distributed information
located all across the network

43
Q

Session Initiation Protocol (SIP)

A

■ Initiates, maintains, and terminates real-time sessions for voice, video,
and messaging
● Common usage includes Voiceover IP applications for internet
phone calls
■ Operates over port 5060 (traditionally) on both UDP and TCP for
unencrypted signaling
■ Uses port 5061 using TCP with TLS (Transport Layer Security) for
encrypted signaling

44
Q

Network Time Protocol (NTP)

A

Used to synchronize clocks f computers over a network.

■ Vital for time-dependent processes, timestamping events, transaction
logging, and security protocols
■ Operates over port 123 using the User Datagram Protocol (UDP)
■ Example
● Ensures consistency between server and client times, affecting
encryption and decryption functions

45
Q
A