Ports & Protocols Flashcards
Port
Virtual entry / exit point for communications used by software applications to exchange information; #0 through 65,535
Protocol
Set of rules & conventions for data exchange between network devices
Well Known Ports
0 through 1,023; FTP, SMTP, HTTP, HTTPS
Registered Ports
1,024 through 49,151; Used by users and systems through the Internet Assigned Numbers Authority (IANA)
Ephemeral Ports
49,152 through 65,535; Also known as dynamic ports; temporary ports that allow client applications to communicate with servers
Communication Flow
Source IP & Port initiate communication; Data is transmitted; Port is closed when task is complete
TCP
Transmission Control Protocol - Governs data exchange over the internet at the transport layer; Ensures reliable delivery of packets
TCP - Error Checking
Uses sequence numbers & acknowledgement messages; Detects & retransmits lost or corrupted packets
TCP - Flow Control
Prevents overwhelming the receiver; Windowing - controls amount of data sent at a time (Bigger window = More data allowed = Possibility of more errors)
Three-Way Handshake
Initiated to establish a connection between 2 systems; Ensures readiness for secure data transmission
- SYN (Synchronize)
- SYN-ACK (Synchronize & Acknowledge)
- ACK (Acknowledge)
UDP
User Datagram Protocol; Communication protocol used for time-sensitive transmissions; Ideal for applications prioritizing speed over error checks; Operates at the transport layer; Used in live broadcasts, online gaming, and VoIP (simple request / response communications)
Datagrams
Data packets in UDP; Contains source / destination port numbers, length field, and checksum; Sent without prior setup of transmission channels (unsecure)
ICMP
Internet Control Message Protocol; Operates at the Network layer; Diagnoses network communication issues; Not for data transmission; No guaranteed delivery, ordering, or error correction; Made for speed & simplicity
Ping Utility
Uses ICMP to test host reachability on an IP network; Measures roundtrip time (latency) for network connection
Messages
Used for indicating host or service unreachability, expired time to live, & router buffer issues
Message Structure
Header -> Type of ICMP message (1 byte) -> Code; additional context about type (1 byte) -> Checksum; used for error checking the message header and data
ICMP Security
Concerns: ICMP Flood Attack - overwhelm target with echo request packets, leading to DoS attack, can be amplified to DDoS; Ping of Death - older system exploit; Network admins can block ICMP traffic, but face troubleshooting issues
Port 80
HTTP (Hypertext Transfer Protocol); Application Layer; Lacks security
Port 443
HTTPS (Hypertext Transfer Protocol Secure); Application Layer; Adds encryption via SSL / TLS
Port 25
SMTP (Simple Mail Transfer Protocol); Application Layer; Used for SENDING emails; Unsecure
Port 465
SMTPS (Simple Mail Transfer Protocol Secure); Application Layer; Used for SENDING emails; Secure with TLS Protocol
Port 110
POP3 (Post Office Protocol version 3); Application Layer; Used for RECEIVING emails; Unsecure
Port 995
POP3S (Post Office Protocol version 3 Secure); Application Layer; Used for RECEIVING emails; Secure over TLS/SSL
Port 143
IMAP (Internet Message Access Protocol); Application Layer; Used for RECEIVING emails; Unsecure
Port 993
IMAPS (Internet Message Access Protocol Secure); Application Layer; Used for RECEIVING emails; Secure over TLS/SSL
Port 20
FTP (File Transfer Protocol); Data transfer
Port 21
FTP (File Transfer Protocol); Control commands
Port 22
SSH (Secure Shell), SFTP (Secure File Transfer Protocol); Encrypts data for file transmissions
Port 69
TFTP (Trivial File Transfer Protocol); For sending files when minimal security is sufficient
Port 445
SMB (Server Message Block), AD (Active Directory); Network file sharing protocol that allows applications to read & write to files & request services from the server programs
Port 23
Telnet; Unencrypted text communications; replaced by SSH
Port 3389
RDP (Remote Desktop Protocol); Allows remote access to a Windows system; Supports data encryption, smart card authentication, & bandwidth reduction
Port 67
DHCP (Dynamic Host Configuration Protocol); UDP; Listens for client requests; Automates the assignment of IP addresses & networking parameters
Port 68
DHCP (Dynamic Host Configuration Protocol); UDP; Responds to client requests; Automates the assignment of IP addresses & networking parameters
Port 1433
Microsoft SQL Server
Port 3306
MySQL Server
Port 161
SNMP (Simple Network Management Protocol); UDP; For polling; Used for collecting information and configuration; Crucial for network diagnostics & performance monitoring
Port 162
SNMP (Simple Network Management Protocol); UDP; For unsolicited trap messages; Used for collecting information and configuration; Crucial for network diagnostics & performance monitoring
Port 514
SYSLOG (System Logging); UDP by default, can use TCP for reliability; Standard for message logging allowing devices to send event messages across IP networks
Port 123
NTP (Network Time Protocol); UDP; Used to sync clocks of computers over a network; Vital for time-dependent processes, timestamping events, transaction logging, & security protocols
Port 5060
SIP (Session Initiation Protocol); UDP / TCP (unencrypted); Initiates, maintains, & terminates real-time sessions for voice, video, & messaging
Port 5061
SIP (Session Initiation Protocol); TCP w/ TLS (encrypted); Initiates, maintains, & terminates real-time sessions for voice, video, & messaging
Port 389
LDAP (Lightweight Directory Access Protocol); UDP/TCP (unsecure); Protocol for accessing & maintaining directory information services over an IP network; Used to look up personal information in email programs
Port 636
LDAPS (Lightweight Directory Access Protocol Secure); TCP (secure with SSL or TLS); Protocol for accessing & maintaining directory information services over an IP network; Used to look up personal information in email programs