Ports and Protocols Flashcards
1.4
Port
Virtual entry/exit point for communications used by software applications to exchange information
A logical opening in a computer that represents a service or application
■ Identifies specific applications or services on a computer that represents
a service or application
■ Numbered from 0 to 65,535
Protocol
Set of rules and conventions for data exchange between network devices.
Well Known Ports
Numbered from 0 to 1,023 Ephemeral ports (49,152-65,535)
Examples
○ FTP (20, 21)
○ SMTP (25)
○ HTTP (80)
○ HTTPS (443)
Ephemeral Ports
● Temporary, short-lived ports for dynamic use
● Numbered from 49,152 to 65,535
● No registration is required and anyone can use them
Data Transfer Example
■ Client communicates with a website using IP addresses and ports
■ Client’s source IP and random ephemeral port connect to the website’s
destination IP and default port (e.g., 80)
Two-Way Communication
■ Web server responds using its well-known port (e.g., 80) back to the
client’s ephemeral port
■ Two-way communication is established between client (ephemeral port)
and web server (port 80)
○ Ephemeral ports opened for specific tasks and closed after data transmission.
○ In subsequent communications, the client uses the well-known port (e.g., 80) but
selects a new random ephemeral port
○ Communication Flow
■ Source IP and port initiate communication
■ Data is transmitted
■ Ports closed when the task is completed
Transmission Control Protocol (TCP)
■ Fundamental protocol in the Internet Protocol Suite that governs data
exchange over the internet
■ Ensures reliable delivery of packets
● Error checking
● Data sequencing
● Acknowledgment
■ Operates at the transport layer of the OSI model
■ Breaks down larger messages into smaller packets for efficient data
transfer and reassembles at the destination
○ Three-Way Handshake
■ Initiated to establish a connection between two systems
● SYN (Synchronize)
● SYN-ACK (Synchronize-Acknowledgement)
● ACK (Acknowledgement)
■ Ensures readiness for secure data transmission
○ Error Checking and Flow Control
■ Error checking
● Uses sequence numbers and acknowledgment messages
● Detects and retransmits lost or corrupted packets
■ Flow control
● Prevents overwhelming the receiver
● Windowing
○ Controls the amount of data sent at a time
○ Allows dynamic adjustment based on network conditions
Ports (In TCP)
○ Ports
■ Numerical identifiers for services or applications in TCP/IP suite
■ Distinguish between different services on the same server
■ Each connection identified by source and destination IP addresses and
ports
● e.g., secure websites use port 443 (HTTPS)
■ Enable multiple network applications on the same server
TCP’s Role in Internet Communication
■ Ensures reliability and ordered delivery between client and server
■ Operates at the transport layer of the OSI model
■ Utilizes packetization, acknowledgment, and error checking
■ Three-way handshake establishes a secure connection
■ Ports facilitate the logical differentiation of services on a single machine
User Datagram Protocol (UDP)
■ Communication protocol used for time-sensitive transmissions on the
internet
● Ideal for applications prioritizing speed over error checking
● Low latency and reduced processing overhead.
● Lacks error checking and recovery services like TCP
■ Operates at the transport layer, similar to TCP
■ Connectionless communication model
Packet Structure
Datagrams
● Term for data packets in UDP
● Sent without prior setup of transmission channels
● Contains source/destination port numbers, length field, and
checksum
● Smaller and simpler headers (8 bytes) compared to TCP (20-60
bytes)
UDP’s Stateless Nature
■ UDP does not maintain connection state or track packets
■ Often referred to as a “fire and forget” protocol
■ No waiting for acknowledgments, leading to faster transfer rates
Reliability Trade-off
■ UDP is less reliable due to lack of packet tracking
■ Suitable for scenarios where speed is crucial, and packet loss is
acceptable
Use Cases
■ Used in applications like live broadcasts, online gaming, and VoIP calls
■ Effective for simple request-response communications (e.g., DNS lookup)
○ UDP utilizes ports to differentiate between multiple services on the same
client/server
○ UDP relies on application-level error handling due to lack of built-in error
recovery
○ UDP contains a checksum in the header for minimal protection against data
corruption
○ UDP is not as robust as TCP in ensuring data integrity and delivery
ICMP
Internet Control Message Protocol (ICMP)
■ An integral part of the Internet Protocol Suite which is considered to be a
network layer protocol for diagnosing network communication issues
■ Not used for data transmission between systems unlike TCP and UDP
■ Operates at the network layer of the OSI model
ICMP Messages
■ Used for indicating host or service unreachability, expired time to live,
and router buffer issues
○ Ping Utility
■ Utilizes ICMP to test host reachability on an IP network
■ Measures roundtrip time (latency) for network connection
○ ICMP Message Structure
■ Header
● Type – indicates the type of ICMP message (1 byte)
● Code – provides additional context about the message type (1
byte)
● Checksum – used for error checking the message header and data
(2 bytes)
Port 80
● HTTP (Hypertext Transfer Protocol)
○ An application layer protocol. This designed to enable
communications between clients and servers
○ Uses port 80 by default
○ Foundation of data communication on the worldwide web
○ Requests and receives web content in plain text
● HTTP over Port 80 lacks security makes data vulnerable to
eavesdropping and attacks
Web Ports and Protocols
Web Ports and Protocols
■ Standardized rules and numerical gateways that govern data
transmission and communication on the internet for websites
Port 443
● HTTPS (Hypertext Transfer Protocol Secure)
○ Similar to HTTP but adds encryption via SSL/TLS
○ Uses port 443
○ Encrypts data, securing it from interception or tampering
○ Importance of HTTPS (Port 443)
■ Vital for websites handling sensitive data like banking, e-commerce, or
login pages
■ Automatic redirection from insecure HTTP (port 80) to secure HTTPS
■ Encryption ensures secure transmission of sensitive information
HTTPS vs HTTP
Key Differences between HTTP (Port 80) and HTTPS (Port 443)
■ Security and Encryption
● HTTP (port 80) – unencrypted, plain text
● HTTPS (port 443) – encrypted using SSL/TLS, more secure against
data breaches
■ Default Usage
● HTTP (port 80) – traditional, default for unsecured browsing
● HTTPS (port 443) – introduced later, became default for secure
browsing in recent years
■ Search Engine Optimization (SEO) and Trust
● HTTPS (port 443) – favored for increased security and ranked
higher by search engines due to user trust and encryption
SMTP
■ SMTP (Simple Mail Transfer Protocol)
● The standard protocol used for sending emails over the internet
● Operates over port 25
○ Default port used by email servers
○ Insecure because data is sent in plain text
● Only used for sending emails
SMTPS
● SMTPS (SMTP Secure)
○ A secure variant of SMTP
○ Not really a protocol itself, but a way to secure the SMTP
protocol by transporting it via the secure socket layer or
transport layer security protocols
○ Operates over ports 465 or port 587
POP3
POP3 (Post Office Protocol version 3)
● Used to retrieve emails from a remote server to a local client
● Operates over port 110
● Designed to download and delete messages from the server
● Transmits emails in plain text (insecure)
● POP3S (POP3 Secure)
○ A secure variant of POP3 that overcomes the limitations of
POP3
○ Operates over port 995 via SSL/TLS
IMAP
IMAP (Internet Message Access Protocol)
● Offers more flexibility than POP3
● Operates over port 143
● Allows managing emails directly on the server, synchronizing
across multiple devices
● Transmits emails in plain text (insecure)
IMAPS
(IMAP Secure)
○ A variant of IMAP that can provide a secure and encrypted
connection by transmitting data inside of an encrypted
SSL/TLS using the standard IMAP protocol
○ Operates over port 993
