Section 16 - Security Infrastructure Flashcards
What is the known ports, registered ports, unregistered ports?
Known ports - 1 to 1023
Registered ports - these are the port numbers that are normally assigned to proprietary application of different vendors
- Goes from 1024 to 49151
Ex - port 3389 for RDP
Unregistered ports - 59152 to 65535
What is SCP protocol and what is its port number?
TCP port 22
It is a protocol to securely copy data over the internet/network.
What port number is used by TFTP?
UDP 69
What port number is used by Kerberos?
UDP 88
What port number is used by NNTP?
NNTP stands for Network News Transfer Protocol
TCP port 119
What port number is used by RPC (Remote Procedure call)?
It runs on port number 135 and can use UDP or TCP.
It allows programs to execute code or make function calls on remote systems as it were a local call. It is often used as part of the Windows File sharing system.
What is NetBIOS and what port number does it use?
NetBIOS stands for Network Basic Input-Output.
Normally it is used by legacy systems for resolving names to IP addresses within the intranet. It can’t be used on the internet where we use DNS instead.
It uses port 137, 138, 139 (TCP or UDP)
What port number is used by SNMP (Simple Network Management Protocol)
SNMP uses UDP 161
SNMP trap uses UDP 162
What port number is used by LDAP?
LDAP uses TCP port 389
LDAP secure uses 636
What is SMB and what port number does it use?
It uses TCP port 445
It is used for file, printer sharing etc.
What port number is used by SMTP secure?
TCP port 587 or 465
What port number is used by syslog protocol?
UDP 514
Syslog protocol using TLS/SSL uses TCP port 6514
What port number is used by Microsoft SQL?
TCP port 1433
What port numbers are used by RADIUS server?
There are 4 ports it can use -
Ports 1645 and 1646 (TCP)
Ports 1812 and 1813 (UDP)
It is an 802.1X server.
What are different kinds of firewalls?
- Stateless Firewalls
- Statefull firewalls
- Proxy firewall - It is a firewall that makes connections on behalf of endpoints. These work at the network layer (often same as Stateful firewalls). Can be divided into 2 types -
- Layer 5 proxy firewall
- Application level
- Kernel Proxy firewall - NGFW - Next-generation firewall. It can perform deep inspection and can inspect at the application level and can differentiate between different kinds of data. It provides other additional security features.
- WAF - Web Application Firewall