To Memorize Flashcards
SSH
port 22 Secure Shell
Protocol allows secure remote admin of Linux servers and network equipment through text console. Uses public key cryptography. Pw and transmissions after login are encrypted.
TELNET
23, TELNET TCP
Legacy protocol being replaced by SSH. Allows remote admin of network devices through a text-based console. No encryption. Server/device listens for connection on port 23.
DNS
53 Domain Name Service
Used in translating fully qualified domain names to IP addresses. Decentralized hierarchical database used for resolving fully qualified domain names to IP addresses.
SMTP
Simple Mail Transport Protocol (tcp 25)
Protocol used to deliver emails to a destination mail server.
SFTP
22, Secure File Transfer Protocol, tcp
File transfer protocol that uses SSH. When SSH is installed on Linux, SFTP is automatically enabled to transfer files. Command is often scp (secure copy protocol). Since it uses SSH it awaits incoming connections on port 22.
FTP
File Transfer Protocol-20, 21 (tcp)
Legacy file-sharing protocol still commonly used. Being replaced with SFTP; SFTP offers encryption.
- Control Channel/Data Channel.
- Active Mode/Passive mode
- Control Channel listens for requests on TCP port 21.
- Sends data on port 20.
- Can cause issues at client firewall/NAT because server sends to port above 1023, from port 20….passive mode alleviates.
TFTP
69-Trivial File Transfer Protocol
TFTP server listens for requests on 69. Used to boot computers over the network with the Preboot Execution Environment (PXE). Also used to transfer software images for network devices (routers, switches) during software upgrades. No security, authentication.
DHCP
(67, 68) Dynamic Host Configuration Protocol UDP
Provides automatic configuration of IP addresses, subnet masks, and options such as Domain Name Server (DNS) servers and the remote gateway to network devices.
- operates in connectionless state.
- DHCP server listens for client requests on 67.
- CLIENTS send initial request FROM 68.
- SERVER responds, it to client port 68 from server port 67.
HTTP
80, Hyper Text Transfer Prot. TCP
Web page requests, web element requests. Web crawlers and mobile apps use 80 and http. Server listens on port 80.
Port 80
HTTP, Hyper Text Transfer Prot. TCP
Web page requests, web element requests. Web crawlers and mobile apps use 80 and http. Server listens on port 80.
HTTPS
Hyptertext Transfer Protocol. 443.
Provides same functionality as HTTP but also allows for the encryption of these transfers via a Secure Socket Layer.
Private key must be imported into the web server from a mutually trusted source.
Port 443
HTTPS, Hyptertext Transfer Protocol. TCP
Functionality of HTTP but also allows for encryption with Secure Socket Layer.
Private key must be imported into the web server from a mutually trusted source.
SNMP
161, Simple Network Management Prot
Used for the management of servers and network devices. Can collect data on memory, CPU, and bandwidth. Works with NMS network management station.
Port 161
SNMP, Simple Network Management Prot
Used for the management of servers and network devices. Can collect data on memory, CPU, and bandwidth. Works with NMS network management station.
What application uses tcp/3389?
RDP, Remote Desktop Protocol
MS protocol used for connecting to another Microsoft computer or server for remote admin.
RDP
3389, Remote Desktop Protocol, tcp
MS protocol used for connecting to another Microsoft computer or server for remote admin.
NTP
Network Time Protocol, 123, udp
Optimized for synchronizing clocks between computers over the Internet.
What is on udp/123?
NTP Network Time Protocol
Synchronizes clocks between devices
Automatic updates
What applications uses tcp/5060 and tcp/5061?
SIP Session Initiation Protocol. Used for VoIP service.
POP3 protocol?
TCP/110
Tcp/110
POP3
IMAP4 protcol?
143 tcp
What app uses tcp/143?
IMAP4
What is LDAP?
Lightweight Directory Access protocol
Store and retrieve network info.
Whats on tcp/389?
LDAP
What protcol does h.323 use?
tcp/1720
What is on tcp/1720?
h.323
ITU telecom
Setup and manages voip sessions
What does the session layer do?
The Session layer provides the mechanism for opening, closing, and managing a session between end-user application processes. Communication sessions consist of requests and responses that occur between applications.
What does the presentation layer do?
The presentation layer is responsible for the delivery and formatting of information to the application layer for further processing or display. It relieves the application layer of concern regarding syntactical differences in data representation within the end-user systems.
the Application layer of the OSI model in action.
Service Host: Network Services in Windows Task Manger.
All of those services run just below web browseres, email apps, etc. and represent the app layer of the OSI.
SMB
Server Message Block, TCP Port 445. SMB is a file and print sharing protocol that allows applications on a computer to read and write to files, and to request services from servers in a computer network.
When using the SMB protocol, an application (or the user of an application) can access folders, files, printers and other resources at a remote server.
What is RDP?
Remote Desktop Protocol (RDP) is a client-server based protocol that provides a user with a graphical user interface (GUI) to connect to another computer over a network connection. RDP is designed for secure communications between Windows Terminal Services Client and Windows Terminal Services Server. This protocol supports devices connected to the whole range of network sizes - from a WAN (such as over the Internet) on one end to a LAN (within an enterprise network) on the other. RDP uses port 3389 by default.
port 22
SSH Secure Shell AND SFTP
Protocol allows secure remote admin of Linux servers and network equipment through text console.
Uses public key cryptography. Pw and transmissions after login are encrypted.
22, Secure File Transfer Protocol, tcp
Since it uses SSH it awaits incoming connections on port 22.
port 53
DNS Domain Name Service
Used in translating fully qualified domain names to IP addresses.
port 25
SMTP Simple Mail Transport Protocol
Protocol used to deliver emails to a destination mail server. TCP.
port 69
TFTP, Trivial File Transfer Protocol
TFTP server listens for requests on 69. Used to boot computers over the network with the Preboot Execution Environment (PXE). Also used to transfer software images for network devices (routers, switches) during software upgrades. No security, authentication.
port 23
TELNET TCP
Legacy protocol being replaced by SSH. Allows remote admin of network devices through a text-based console. No encryption. Server/device listens for connection on port 23.
port 123
NTP. Network Time Protocol, 123, udp
Optimized for synchronizing clocks between computers over the Internet.
SIP
(5060, 5061), Session Initiation Protocol
Communications protocol for the setup and signaling of VoIP calls. Does not transport the media stream-assists in setting up the media stream for the sess. Can be encrypted by using TLS on UDP port 5061. ALso used in SIP trunk which connects VoIP PBX to PSTN.
5060, 5061
SIP, Session Initiation Protocol.
Communications protocol for the setup and signaling of VoIP calls. Does not transport the media stream-assists in setting up the media stream for the sess. Can be encrypted by using TLS on UDP port 5061. ALso used in SIP trunk which connects VoIP PBX to PSTN.
SMB
445, Server Message Block.
Common network file and printer sharing protocol that is used with MS products.
445
SMB, Server Message Block.
Common network file and printer sharing protocol that is used with MS products.
POP
110, Post Office Protocol. TCP
Allows email clients to log in and retrieve email.
110
POP, Post Office Protocol.
Allows email clients to log in and retrieve email.
IMAP
143, Internet Message Access Proto.
Used to allow email clients to retrieve and read email on the server. IMAP over SSL operates on 993.
143
IMAP, Internet Message Access Proto.
Used to allow email clients to retrieve and read email on the server. IMAP over SSL operates on 993.
LDAP
389, Lightweight Directory Access Proto.
Application protocol that can search a directory service for objects. MS AD is an example of a directory service that uses LDAP to locate objects. AD uses directory services to locate objects such as domain controllers (DCs), user objects for Group Policy (GP) application.
389
LDAPS, Lightweight Directory Access Proto.
Application protocol that can search a directory service for objects. MS AD is an example of a directory service that uses LDAP to locate objects. AD uses directory services to locate objects such as domain controllers (DCs), user objects for Group Policy (GP) application.
LDAPS
636, LDAP over SSL.
By installing an SSL certificate into AD, you can enable the LDAPS protocol.
H.323
1720, H.232
Telco standard for comms over the Internet. H.232 encompasses all of the communications technologies used by VoIP and videoconferencing.
ICMP
Internet Control Message Protocol. A support protocol for TCP/IP that operates alongside of the IP protocol on the network layer. ping, tracert, etc. Used by devices (routers) to identify operation problems, such as a a gateway that is no longer responsive. ICMP has bigger role with IPv6. There it also does Neighbor Discovery Protocol (NDP), which is like ARP in IPv4.
UDP
User Datagram Protocol. Connectionless transport layer protocol. Data passed from one IP addy to the next. Sender doesn’t know if anyone listening. No receipt acknowledgments. Data blocks sent unsequenced. But it’s fast. NTP uses it for “what time is it?” queries. Good for fast easy transmissions too. UDP can work with other protocols which may have tools it lacks.
TCP
Transmission Control Protocol. Connection oriented transport layer protocol. 3-way handshake, reliable comms, receipts. When sender receiver use syn/ack flags in tcpheader to negotiate window size, connection established. FIN flag in tcp header breaks connection at end.
IP
Internet Protocol. Allows for the logical addressing of networks and hosts. UDP and TCP protocols function on top of the IP protocol. UDP/TCP handle data for the applications. IP protocol is responsible for encapsulating these protocols and delivering them to the appropriate address.
568a Wiring
GrW, Gr, Ow, Bl, Blw, O, BrW, Br
568b Wiring
Ow, O, GrW, BlW, Bl, Gr, BrW, Br
A
Address record. A records allow a host to resolve a FQDN to an IPv4 address.
AAAA
Quad A Record. AAAA records allow a host to resolve a FQDN to an IPv6 address.
TXT
Used for:
Allows text to be queried via DNS.
Proof of ownership of a domain.
Management of search engine crawling.
SRV
Service Locator Records used to locate services like LDAP.
MX
Mail Exchanger.
If you want to receive mail from other mail servers you must publish an MX record for your mail server.
MX records assist a mail server in identifying the mail server for your domain.
CNAME
Canonical name record allows a FQDN to resolve to an A record.
Handy when you have one host with multiple names.
SOA
Start of authority. Defines a zone file, and allow secondary DNS servers to know when the zone file has changed.
PTR
Pointer record points the IP address to a FQDN.
