Protocols and Port Numbers

Question 1

NetBios

Answer 1

A standard communication protocol that does two things: File/folder/printer sharing, and also handles naming of users, computers, and groups.

Uses TCP and UDP ports 137, 138, and 139

Question 2

SMB over TCP-IP

Answer 2

445

This is the newer replacement for NetBIOS.

It either uses the NetBIOS port numbers (TCP and UDP ports 137, 138, and 139), or could be configured to use port 445 instead.

Sometimes known as CIFS (Common Internet File System)

Question 3

FTP

Answer 3

20, 21

Question 4

TFTP

Answer 4

UDP 69 - insecure! (no authentication)

Question 5

SSH

Answer 5

22

Question 6

Telnet

Answer 6

TCP 23

Question 7

DNS - Zone Transfers

Answer 7

TCP 53 for zone transfers

Question 8

HTTP

Answer 8

80, 81, 8080

Question 9

HTTPS

Answer 9

443

Question 10

Kerberos

Answer 10

88

Uses DES or AES for encryption

Question 11

SMTP

Answer 11

25

Question 12

POP3

Answer 12

110

Question 13

NTP

Answer 13

UDP 123 - Network Time Protocol: synchonizes the time on your devices

Question 14

SNMP

Answer 14

UDP 161

SNMPv3 is secure (authentication & encryption). You can further secure it with IP filtering: only allow the Admin’s IP to talk to the SNMP port on the target device. Often used in a SIEM (Security Information and Event Monitoring) system.

Question 15

Syslog

Answer 15

UDP 514

Question 16

RDP

Answer 16

3389

Question 17

LDAP

Answer 17

389

Question 18

Secure LDAP

Answer 18

636 (LDAP over SSL)

Question 19

SQL Server

Answer 19

1433 & 1434

Question 20

DNS - Individual Queries

Answer 20

UDP 53 for individual queries

Question 21

NetBios - File and Print Sharing

Answer 21

TCP 139

Standard communication protocol. Can use port 139 for file and printer sharing.

Question 22

Windows Printing Service

Answer 22

TCP 515

Question 23

Mac OS X Printer Sharing Printing Service

Answer 23

TCP 631

Question 24

HP JetDirect

Answer 24

9100