S4-Ports and Protocols Flashcards
What is a Port?
A logical opening in a computer that represents a service or application.
What Are the 3 groups of ports and their numbered ranges?
-Well-known (0 to 1,023)
- registered (1,024 to 49,151)
- Ephemeral (49,152 to 65,535)
What is IANA
“Internet Assigned Numbers Authority”
Well known ports and Reserved ports are registered with IANA
Ephemeral Ports
Temporary ports that are opened for a small period of time within a predefined range of ports.
What are the sizes for TCP and UDP Packet headers?
UDP = 8b
TCP = 20-60b
TCP
“Transfer Control Protocol”
fundamental protocol that consists of a set of rules that govern data exchange
what is a DDoS attack?
“Distributed Denial of Service”
A network of compromised computers is used to generate a significant amount of traffic.
Ping of Death
An attacker exploits a vulnerability to send malformed or oversized packets using ICMP.
ICMP
“Internet Control Message Protocol”
network layer protocol used to diagnose network related issues and send information to a host about network problems.
What are times when ICMP can be used?
- Indicating when a host or service is unreachable
- Report when a packet’s time to live has expired
- Router Buffer issues
What is the Max size of an IP packet?
65,535 bytes
What protocol/service uses port 80?
“Hypertext Transfer Protocol”(HTTP)
What is HTTP
“Hypertext Transfer Protocol”(HTTP)
- web browsing protocol
- data is sent in plain text
- not secure
What protocol/service uses port 443?
“Hypertext Transfer Protocol Secure” (HTTPS)
What is HTTPS
secure web browsing protocol that encrypts data by sending it down an SSL or TLS tunnel.
What are the three Main email protocols?
- SMTP
- POP3
- IMAP
SMTP
“Simple mail transfer protocol”
- Standard email protocol
- operates over Port 25
- used to transmit outbound emails
- Send only
- insecure (plain text)
SMTPS
SMTP that uses SSL or TLS to encrypt sent data.
What protocol/service uses port 25?
SMTP
What protocol/service uses ports 465 or 587?
SMTPS
POP3
“Post Office Protocol”
- used to receive/download emails from server to client
- operates over Port 110
- insecure protocol
What protocol/service uses port 110?
POP3
What protocol/service uses port 995?
POP3S
IMAP
“Internet Message Access Protocol”
- Allows users to manage emails directly on the email server
- uses Port 143
- Receives emails
- Insecure
What protocol/service uses port 143?
IMAP
What protocol/service uses port 993?
IMAPS
What are the 4 File transfer protocols?
- FTP
- SFTP
- TFTP
- SMB
FTP
“File Transfer Protocol”
- used for file transfer between client and server
- operates over ports 20 & 21
- 20 actual data transfer
- 21 send control command
- not secure
- can be used over IP
SFTP
Secure version of FTP that uses SSH and operates over port 22
- can be used over IP
TFTP
“Trivial File Transfer Protocol”
- Simpler FTP
- uses Port 69
- used to send files with minimal security
SMB
“Server Message Block”
- Allows computer apps to read and write files, and request services from the server programs
- uses port 445
- exclusively used on a LAN
What protocol/service uses port 20/21?
FTP
What protocol/service uses port 22?
SFTP/SSH
What protocol/service uses port 69?
TFTP
What protocol/service uses port 445?
SMB
What are the 3 Remote Access Protocols?
- SSH
- Telnet
- RDP
SSH
“Secure Shell”
- provides a secure encrypted channel over an unsecure network
- uses port 22
- text based
Telnet
- uses port 23
- Allows a user on one computer to remotely login to another computer.
- insecure
- older protocol
- text based
RDP
“Remote Desktop Protocol”
- MS remote access protocol that has a GUI to windows based systems.
- uses port 3389 (TCP)
What protocol/service uses port 3389?
RDP
What protocol/service uses port 23?
Telnet
What are some key network service protocols?
- DNS
- DHCP
- SQL
- SNMP
- Syslog
DNS
“Domain Name System”
- Translates domain names to IP addresses and vice versa
- uses port 53
- operates on both TCP and UDP
- UDP for small messages, TCP for large messages
DHCP
“Dynamic Host Configuration Protocol”
- used to automate the assignment of IP addresses, subnets, mass gateways and other network params to a client device
- listens on port 67, responds on port 68 using UDP
SQL Services
Protocols used by database servers to manage queries and control operations from client applications requesting them.
What are the 2 most common SQL services and their ports?
- Microsoft SQL (Port 1433)
- MySQL (Port 3306)
SNMP
“Simple Network Management Protocol”
- used to configure and collect data from network devices like servers, printers, hubs, switches, and routers
- uses ports 161 and 162
- 161 for SNMP managers
- 162 for Agents
Syslog
“System Logging”
- message logging standard that allows for devices on a network to send event messages to an event message collector (Syslog Server)
- operates over port 514
- uses UDP or TCP
What protocol/service uses port 53?
DNS
What protocol/service uses ports 67/68?
DHCP
67- listening
68- Responding
What protocol/service uses port 1433?
Microsoft SQL
What protocol/service uses port 3306?
MySQL
What protocol/service uses port 161/162?
SNMP
161- Managers
162- Agents
What protocol/service uses port 514?
Syslog
NTP
“Network Time Protocol”
- Used to sync the clocks of a computer over a given network
- operates over port 123 using UDP
SIP
“Session Initiation Protocol”
- used to start, maintain and stop real-time sessions
- most commonly used with VoIP
- operates over ports 5060 and 5061
- 5060 for un-encrypted signals (TCP, UDP)
- 5061 for encrypted signals (TCP)
LDAP
“Lightweight Directory Access Protocol”
- Used for accessing and maintaining directory information services over an IP network.
- uses port 389 (TCP, UDP)
- insecure
LDAPS
Secure version of LDAP that uses SSL. Newer versions use TLS
- uses port 636 (TCP)
What protocol/service uses port 123?
NTP
What protocol/service uses ports 5060/5061?
SIP
5060 - unencrypted
5061 - encrypted
What protocol/service uses port
389?
LDAP
What protocol/service uses port 636?
LDAPS
