Ports & Protocols Flashcards
Port
Virtual entry / exit point for communications used by software applications to exchange information; numbered 0 through 65,535
Protocol
Set of rules & conventions for data exchange between network devices
Well Known Ports
0 through 1,023; FTP, SMTP, HTTP, HTTPS
Registered Ports
1,024 through 49,151; Used by users and systems through the Internet Assigned Numbers Authority (IANA)
Ephemeral Ports
49,152 through 65,535; Also known as dynamic ports; temporary ports that allow client applications to communicate with servers
Communication Flow
Source IP & Port initiate communication; Data is transmitted; Port is closed when task is complete
TCP
Transmission Control Protocol - Governs data exchange over the internet at the transport layer; Ensures reliable delivery of packets
TCP - Error Checking
Uses sequence numbers & acknowledgement messages; Detects & retransmits lost or corrupted packets
TCP - Flow Control
Prevents overwhelming the receiver; Windowing - controls amount of data sent at a time (Bigger window = More data allowed = Possibility of more errors)
Three-Way Handshake
Initiated to establish a connection between 2 systems; Ensures readiness for secure data transmission
- SYN (Synchronize)
- SYN-ACK (Synchronize & Acknowledge)
- ACK (Acknowledge)
UDP
User Datagram Protocol; Communication protocol used for time-sensitive transmissions; Ideal for applications prioritizing speed over error checks; Operates at the transport layer; Used in live broadcasts, online gaming, and VoIP (simple request / response communications)
Datagrams
Data packets in UDP; Contains source / destination port numbers, length field, and checksum; Sent without prior setup of transmission channels (unsecure)
ICMP
Internet Control Message Protocol; Operates at the Network layer; Diagnoses network communication issues; Not for data transmission; No guaranteed delivery, ordering, or error correction; Made for speed & simplicity
Ping Utility
Uses ICMP to test host reachability on an IP network; Measures round-trip time (latency) for network connection
Messages
Used for indicating host or service unreachability, expired time to live, & router buffer issues
Message Structure
Header –> Type of ICMP message (1 byte) –> Code; additional context about type (1 byte) –> Checksum; used for error checking the message header and data
ICMP Security
Concerns: ICMP Flood Attack - overwhelm target with echo request packets, leading to DoS attack, can be amplified to DDoS; Ping of Death - older system exploit
Network admins can block ICMP traffic, but face troubleshooting issues
Port 80
HTTP (Hypertext Transfer Protocol); Application Layer; Lacks security
Port 443
HTTPS (Hypertext Transfer Protocol Secure); Application Layer; Adds encryption via SSL / TLS
Port 25
SMTP (Simple Mail Transfer Protocol); Application Layer; Used for SENDING emails; Unsecure
Port 465
SMTPS (Simple Mail Transfer Protocol Secure); Application Layer; Used for SENDING emails; Secure with TLS Protocol
Port 110
POP3 (Post Office Protocol version 3); Application Layer; Used for RECEIVING emails; Unsecure
Port 995
POP3S (Post Office Protocol version 3 Secure); Application Layer; Used for RECEIVING emails; Secure over TLS/SSL
Port 143
IMAP (Internet Message Access Protocol); Application Layer; Used for RECEIVING emails; Unsecure