Ports & Protocols Flashcards
SSH
Secure Shell
22
- used to administer Linux server remotely
- uses public key cryptography to authenticate & encrypt network access remotely; passwords cannot be seen in clear text
- used by cloud providers to authenticate admins; done by providing them with one private key from the pair
DNS
Domain Name Server
53
- has a records of all domains
- translates URLs into IP addresses and vice versa; this is called reverse lookup
SMTP
Simple Mail Transport Protocol
25
- delivers emails to a destinan email server
SFTP
Secure File Transfer
22
- transfers files using SSH
- SCP (Secure Copy Protocol) is used on many systems
FTP
File Transfer Protocol
20, 21
- legacy file-sharing protocol
- has 2 modes: active and passive
- active: control channel listens for request on port 21 on the server while the data channel sends information to client from port 20 on the server to a destination port about 1023
- passive: control channel listens for request on port 21 on the server while the data channel sends information to client from port above 1023 on the server to a destination port above 1023
- active modes causes an issue on firewalled networks because the computer is waiting on a incoming request on a different port than a initially communicated on
TFTP
Trivial File Transfer Protocol
69
- provides no security and is simplistic in its operation
- designed to boot computers over a network using the Preboot Execution Environment (PXE)
- used to transport software images over a network
- used to backup and restore configurations on network devices
Telnet
23
- legacy protocol that is slowly being replaced with SSH
- allows for remote admin of network devices through a text based console
- has a lack of encryption
DHCP
Dynamic Host Configuration Protocol
67, 68
- provides automatic IP address, subnet masks, DNS, and remote gateways for new devices on the network
- client sends and receives requests on port 68
- server sends and receives requests on port 67
HTTP
Hypertext Transfer Protocol
80
- when a webpage is requested from the web server, a request is made for the HTML (Hypertext Markup Language) page
HTTPS
Hypertext Transfer Protocol over SSL
443
- provides same function as HTTP but also encrypts the data in the process via SSL (Secure Socket Layer)
SNMP
Single Network Management Protocol
161
- used to collect data from servers and network devices (memory, CPU, and bandwidth)
- data is read from a centralized Network Management System (NMS)
- NMS organizes data into a graph
- can be used in a trap configuration (when device goes over certain threshold, this agent send a trap message to the NMS)
- these messages can be sent out to help reconfigure network equipment
RDP
Remote Desktop Protocol
3389
- used for connection to a computer or server for remote admin
NTP
Network Time Protocol
123
- syncs the time clock on computers across the internet
SIP
Session Initiation Protocol
5060, 5061
- used to setup VoIP calls
- doesn’t actually transport the media stream, rather it helps set it up
SMB
Server Message Block
445
- common network file and printer sharing protocol used with MS products
- also known as CIFS (Common Internet File System)
- supports RDMA (Remote Direct Memory Access)
- support AES (Advanced Encryption Standard) encryption
