Section 15 - Network Attacks Flashcards
What is a port?
A logical communication endpoint that exists on a computer or server
They are classified as inbound or outbound.
What is an inbound port?
Used when your computer or server is listening for a connection
*** the web server had port 80 open, that’s an inbound port. It’s just waiting for somebody to come along and connect to it.
What is an outbound port?
This is opened by a computer whenever it wants to connect to a server
*** If my computer is attempting to make a connection to your web server over port 80, my computer is going to open up a random high number port such as 52363 and it’s going to make an outbound request to that web server.
In addition to ports being called inbound and outbound, the ports are also going to be assigned a…?
Number that can be anywhere between 0 to 65,535. This large range is divided into three smaller groups.
What are the three port range numbered groups?
Well-Known ports
Registered ports
Dynamic or Private Ports
What is a Well-Known port?
Ports 0 to 1023 are considered well known and are assigned by the Internet Assigned Numbers Authority (IANA)
What is a Registered port?
Ports 1024 to 49,151 are considered registered and are usually assigned to proprietary protocols
** These are used by vendors for their own proprietary protocols and each vendor is going to register them with IANA prior to using them.
What is a Dynamic/Private port?
Ports 49,152 to 65,535 can be used by any application without being registered with IANA
*** This range is usually used by your client whenever it picks a random high number port for its application. Anytime it wants to have a temporary outbound connection, this is the range that it’s going to use. This is used commonly in gaming, as well as instant message and chat.
Give the answer for the following information:
Port Number - 21
Protocol -
TCP/UDP -
Port Number - 21
Protocol - (FTP) File Transfer Protocol is used to transfer files from host to host
TCP/UDP - TCP
Give the answer for the following information:
Port Number - 22
Protocol -
TCP/UDP -
Port Number - 22
Protocol - (SSH, SCP, SFTP) Secure Shell is used to remotely administer network devices and systems.
SCP is used for secure copy and SFTP for secure FTP.
TCP/UDP -UDP
Give the answer for the following information:
Port Number - 23
Protocol -
TCP/UDP -
Port Number - 23
Protocol - Telnet is unencrypted method to remotely administer network devices (should not be used)
TCP/UDP - Both
Give the answer for the following information:
Port Number - 25
Protocol -
TCP/UDP -
Port Number - 25
Protocol - (SMTP) Simple Mail Transfer Protocol is used to send email over the internet
TCP/UDP - TCP
Give the answer for the following information:
Port Number - 53
Protocol -
TCP/UDP -
Port Number - 53
Protocol - (DNS) Domain Name Service is used to resolve hostnames to IPs and IPs to hostnames
TCP/UDP - Both
Give the answer for the following information:
Port Number - 69
Protocol -
TCP/UDP -
Port Number - 69
Protocol - (TFTP) Trivial FTP is used as a simplified version of FTP to put a file on a remote host, or get a file from a remote host
TCP/UDP - UDP
Give the answer for the following information:
Port Number - 80
Protocol -
TCP/UDP -
Port Number - 80
Protocol - (HTTP) Hyper Text Transfer Protocol is used to transmit web page data to a client for unsecured web browsing
TCP/UDP -TCP
Give the answer for the following information:
Port Number - 88
Protocol -
TCP/UDP -
Port Number - 88
Protocol - Kerberos is used for network authentication using a system of tickets within a windows domain
TCP/UDP - Both
Give the answer for the following information:
Port Number - 110
Protocol -
TCP/UDP -
Port Number - 110
Protocol - (POP3) Post Office Protocol v3 is used to receive email from a mail server
TCP/UDP - TCP
Give the answer for the following information:
Port Number - 119
Protocol -
TCP/UDP -
Port Number - 119
Protocol - (NNTP) Network News Transfer Protocol is used to transport usenet articles
TCP/UDP -TCP
Give the answer for the following information:
Port Number - 135
Protocol -
TCP/UDP -
Port Number - 135
Protocol - (RPC/DCOM-scm) Remote Procedure Call is used to locate DCOM ports to request a service from a program on another computer on the network
TCP/UDP - Both
Give the answer for the following information:
Port Number - 137-139
Protocol -
TCP/UDP -
Port Number - 137-139
Protocol - NetBIOS is used to conduct name querying, sending of data, and other functions over a NetBIOS connection
TCP/UDP - Both
Give the answer for the following information:
Port Number - 143
Protocol -
TCP/UDP -
Port Number - 143
Protocol - (IMAP) Internet Message Access Protocol is used to receive email from a mail server with more features than POP3
TCP/UDP - TCP
Give the answer for the following information:
Port Number - 161
Protocol -
TCP/UDP -
Port Number - 161
Protocol - (SNMP) Simple Network Management Protocol is used to remotely monitor network devices
TCP/UDP - UDP
Give the answer for the following information:
Port Number - 162
Protocol -
TCP/UDP -
Port Number - 162
Protocol - SNMPTRAP is used to send trap and informrequests to the SNMP manager on a network
TCP/UDP -Both
Give the answer for the following information:
Port Number - 389
Protocol -
TCP/UDP -
Port Number - 389
Protocol - (LDAP) Lightweight Directory Access Protocol is used to maintain directories of users and other objects
TCP/UDP - Both