Ports And Protocols Flashcards
What is a port in networking?
A virtual entry or exit point used by applications to exchange information, identified by numerical values (e.g., Port 443 for secure web traffic).
What is a protocol in networking?
A set of rules for data exchange between network devices, ensuring structured and predictable transmission (e.g., TCP, IP).
What are the three port range categories?
- Well-Known Ports (0–1023) – Reserved for common services (e.g., HTTP 80, HTTPS 443).
- Registered Ports (1024–49,151) – Assigned to specific applications (e.g., SQL Server 1433).
- Dynamic/Private Ports (49,152–65,535) – Used temporarily by applications for communication.
What port does HTTP use?
Port 80 (Unsecured web traffic).
What port does HTTPS use?
Port 443 (Secured web traffic using encryption).
What ports does SMTP use?
Port 25 (Unsecured), Port 587 (Secure SMTP).
What port does POP3 use?
Port 110 (Retrieve email from the server).
What port does IMAP use?
Port 143 (Retrieve and manage emails on the server).
What ports does FTP use?
Port 20 (Data transfer), Port 21 (Control commands).
What port does SFTP use?
Port 22 (Secure data transfer using SSH).
What port does TFTP use?
Port 69 (Simple file transfer with no authentication).
What port does SSH use?
Port 22 (Secure remote access).
What port does Telnet use?
Port 23 (Unencrypted remote access, not secure).
What port does RDP use?
Port 3389 (Remote desktop connections for Windows).
What port does DNS use?
Port 53 (Resolves domain names to IP addresses).
What ports does DHCP use?
Port 67 (Server), Port 68 (Client).
What port does SQL Server use?
Port 1433.
What ports does SNMP use?
Port 161 (Queries), Port 162 (Traps/Notifications).
What port does Syslog use?
Port 514 (Log collection).
What port does NTP use?
Port 123 (Time synchronization).
What ports does SIP use?
Port 5060 (Unsecured), Port 5061 (Secured).
What ports does LDAP use?
Port 389 (Unsecured), Port 636 (Secure LDAPS).
What is TCP?
A connection-oriented protocol that ensures reliable, ordered, and error-checked data transmission.
What are the steps in the Three-Way Handshake?
- SYN – Client sends a synchronization request.
- SYN-ACK – Server acknowledges and responds.
- ACK – Client confirms, establishing a connection.
What mechanisms does TCP use for reliability?
Error checking, flow control (windowing), and packet retransmission.
How does UDP differ from TCP?
- Connectionless (no handshake).
- Faster but unreliable (no retransmissions).
- Used in real-time applications like streaming and VoIP.
What are some common UDP-based applications?
- Streaming media (YouTube, Netflix).
- Online gaming (low latency).
- VoIP calls.
- DNS lookups (Port 53).
What is ICMP used for?
Diagnosing network issues (e.g., Ping, Traceroute).
What are some ICMP vulnerabilities?
- ICMP Flood Attack – Overwhelms a system with echo requests.
- Ping of Death – Sends oversized packets, crashing a system.
What is Nmap used for?
Scanning and identifying open ports and active services on a network.
What is Zenmap?
A GUI version of Nmap, useful for network analysis.
How can Nmap be used to scan a target system?
nmap -ss -O 10.0.2.6 (SYN scan for open ports and OS detection).
What are best security practices for ports?
- Limit open ports (close unused ones).
- Disable insecure services (e.g., replace Telnet with SSH).
- Use encrypted protocols (e.g., SFTP over FTP).
- Regularly scan networks for vulnerabilities.
