3. PORTS AND PROTOCOLS
2
Hardware Ports
a portserves as an interface between the computerand other computers
or peripheral devices.In computerterms, a port generally refers to
the female part of connection.Computerports have many uses, to connect
a monitor, webcam, speakers,or other peripheral devices.On the physical
layer, a computerport is a specialized outlet on a piece of equipmentto
which a plug or cable connects.
Typers of
ports
Hardware
ports
Software
ports
4. PORTS AND PROTOCOLS
3
Software ports
A software port (usually just called a 'port') is a virtual/logical data
connection that can be used by programs to exchange data directly.
The most commonof these are TCP and UDP ports, which are used to
exchange data between computers on the
Internet.
TCP :-
TCP is a connection-oriented protocol;it creates a virtual connection
between two TCPs to send data. In addition, TCP uses flow and error
control mechanisms at the transport level.
UDP :-
The User Datagram Protocol(UDP) is called a connectionless,unreliable
transport protocol.It does not add anything to the services of IP except to
provide process-to-processcommunicationinstead of host-to-host
communication.
5. PORTS AND PROTOCOLS
4
1-File Transfer Protocol (FTP)
• Port number (20-21)
• FTP stands for File Transfer Protocol
• Protocol for transferring files over a network. It supports
both anonymous and password-mediated access.
• FTP is one of the most commonly used file transfer
protocols on the Internet and within private networks. An
FTP server can easily be set up with little networking
knowledge and provides the ability to easily relocate files
from one system to another. FTP control is handled on TCP
port 21 and its data transfer can use TCP port 20 as well as
dynamic ports depending on the specific configuration.
6. PORTS AND PROTOCOLS
5
2- Secure Shell (SSH)
• Port number (22)
• SSH stands for Secure Shell
• Its an encrypted remote access tool. It supports file
transfers and encrypting other protocols.
• SSH is the primary method used to manage network
devices securely at the command level. It is typically used
as a secure alternative to Telnet which does not support
secure connections.
7. PORTS AND PROTOCOLS
6
3-Telnet
• Port number (23)
• It’s seldom used today, although its client program, telnet,
can be a useful network diagnostic tool.
• Telnet is the primary method used to manage network
devices at the command level. Unlike SSH which provides
a secure connection, Telnet does not, it simply provides a
basic unsecured connection. Many lower level network
devices support Telnet and not SSH as it required some
additional processing. Caution should be used when
connecting to a device using Telnet over a public network
as the login credentials will be transmitted in the clear.
8. PORTS AND PROTOCOLS
7
4-Simple Mail Transfer Protocol (SMTP)
• Port number (25)
• SMTP stands for Simple Mail Transfer Protocol
• Main protocol for moving email on the Internet. The sender
initiates SMTP transfers
• SMTP is used for two primary functions, it is used to
transfer mail (email) from source to destination between
mail servers and it is used by end users to send email to a
mail system.
9. PORTS AND PROTOCOLS
8
5-Domain Name System (DNS)
• Port number (53)
• DNS stands for Domain Name Service
• enables computers to look up an IP address by providing a
hostname, or vice-versa.
• The DNS is used widely on the public internet and on
private networks to translate domain names into IP
addresses, typically for network routing. DNS is hieratical
with main root servers that contain databases that list the
managers of high level Top Level Domains (TLD) (such as
.com). These different TLD managers then contain
information for the second level domains that are typically
used by individual users (for example, cisco.com). A DNS
server can also be set up within a private network to private
naming services between the hosts of the internal network
without being part of the global system.
10. PORTS AND PROTOCOLS
9
6-Dynamic Host Configuration Protocol (DHCP)
• Port number (67/68)
• DHCP stands for Dynamic Host Configuration Protocol
• DHCP is used on networks that do not use static IP address
assignment (almost all of them). A DHCP server can be set
up by an administrator or engineer with a poll of addresses
that are available for assignment. When a client device is
turned on it can request an IP address from the local DHCP
server, if there is an available address in the pool it can be
assigned to the device. This assignment is not permanent
and expires at a configurable interval; if an address renewal
is not requested and the lease expires the address will be
put back into the poll for assignment.
11. PORTS AND PROTOCOLS
10
7-Trivial File Transfer Protocol (TFTP)
• Port number (69)
• TFTP offers a method of file transfer without the session
establishment requirements that FTP uses. Because TFTP
uses UDP instead of TCP it has no way of ensuring the file
has been properly transferred, the end device must be able
to check the file to ensure proper transfer. TFTP is typically
used by devices to upgrade software and firmware; this
includes Cisco and other network vendors’ equipment.
12. PORTS AND PROTOCOLS
11
8-Finger
• Port number (79)
• Finger servers provide information about the users of their
computers by opening and listening for incoming TCP
connections on port 79. This information typically included
the user's full name, address, telephone number, title, job
name, office location, telephone extension, and so on.
9-Hypertext Transfer Protocol (HTTP)
• Port number(80)
• HTTP is one of the most commonly used protocols on most
networks. HTTP is the main protocol that is used by web
browsers and is thus used by any client that uses files
located on these servers.
13. PORTS AND PROTOCOLS
12
10-Post Office Protocol (POP) version 2-3
• Port number (109–110)
• POP stands for Post Office Protocol
• It enables a recipient to initiate an email transfer, it’s often
used as the last leg in email delivery, from a server to the
recipient.
• POP version 3 is one of the two main protocols used to
retrieve mail from a server. POP was designed to be very
simple by allowing a client to retrieve the complete
contents of a server mailbox and then deleting the contents
from the server.
14. PORTS AND PROTOCOLS
13
11-Structured Query Language(SQL)
• Port number (118)
• SQL stands for Structured Query Language
• Its a network-enabled database interface language. If you
run an SQL server on your network, client computers can
access and modify that database.
12-Network Time Protocol (NTP)
• Port number(123)
• One of the most overlooked protocols is NTP. NTP is used
to synchronize the devices on the Internet. Even most
modern operating systems support NTP as a basis for
keeping an accurate clock. The use of NTP is vital on
networking systems as it provides an ability to easily
interrelate troubles from one device to another as the clocks
are precisely accurate.
15. PORTS AND PROTOCOLS
14
13-DCOM-SCM
• Port number(135)
• DCOM Service Control Manager
• The SCM server running on the user's computer opens port
135 and listens for incoming requests from clients wishing
to locate the ports where DCOM services can be found on
that machine
14-NetBIOS
• Port number(137/138/139)
• NetBIOS itself is not a protocol but is typically used in
combination with IP with the NetBIOS over TCP/IP (NBT)
protocol. NBT has long been the central protocol used to
interconnect Microsoft Windows machines.
16. PORTS AND PROTOCOLS
15
15-Internet Message Access Protocol (IMAP)
• Port number (143)
• IMAP stands for Internet Message Access Protocol
• Its another recipient-initiated email transfer protocol,
similar to POP. IMAP makes it easier for recipients to
permanently store and manage email on the server
computer, though.
• IMAP version3 is the second of the main protocols used to
retrieve mail from a server. While POP has wider support,
IMAP supports a wider array of remote mailbox operations
which can be helpful to users.
17. PORTS AND PROTOCOLS
16
16-Simple Network Management Protocol
(SNMP)
• Port number (161/162)
• SNMP is used by network administrators as a method of
network management. SNMP has a number of different
abilities including the ability to monitor, configure and
control network devices. SNMP traps can also be
configured on network devices to notify a central server
when specific actions are occurring. Typically, these are
configured to be used when an alerting condition is
happening. In this situation, the device will send a trap to
network management stating that an event has occurred and
that the device should be looked at further for a source to
the event.
18. PORTS AND PROTOCOLS
17
17-Border Gateway Protocol (BGP)
• Port number (179)
• BGP version 4 is widely used on the public internet and by
Internet Service Providers (ISP) to maintain very large
routing tables and traffic processing. BGP is one of the few
protocols that have been designed to deal with the
astronomically large routing tables that must exist on the
public Internet
19. PORTS AND PROTOCOLS
18
18-Lightweight Directory Access Protocol
(LDAP)
• Port number (389)
• LDAP stands for Lightweight Directory Access Protocol
• A network protocol for accessing directories, which in this
context are a type of database.
• LDAP provides a mechanism of accessing and maintaining
distributed directory information. LDAP is based on the
ITU-T X.500 standard but has been simplified and altered
to work over TCP/IP networks.
20. PORTS AND PROTOCOLS
19
19-Hypertext Transfer Protocol over SSL/TLS
(HTTPS)
• Port number (443)
• HTTPS is used in conjunction with HTTP to provide the
same services but doing it using a secure connection which
is provided by either SSL or TLS.
20-Lightweight Directory Access Protocol over
TLS/SSL (LDAPS)
• Port number (636)
• Just like HTTPS, LDAPS provides the same function as
LDAP but over a secure connection which is provided by
either SSL or TLS
21. PORTS AND PROTOCOLS
20
21-Simple Network Paging Protocol (SNPP)
• Port number (444)
• Simple Network Paging Protocol (SNPP) is a protocol
that defines a method by which a pager can receive a
message over the Internet. It is supported by most major
paging providers, and serves as an alternative to the paging
modems used by many telecommunications services.
22-Routing Information Protocol
• Port number (520)
• The Routing Information Protocol (RIP) is one of the
oldest distance-vector routingprotocols which employ the
hop count as a routing metric. RIP prevents routing loops
by implementing a limit on the number of hops allowed in
a path from source to destination.
22. PORTS AND PROTOCOLS
21
23-Dynamic Host Configuration Protocol
(DHCP)
• Port number (546/547)
• Dynamic Host Configuration Protocol (DHCP) is a
network protocol that enables a server to automatically
assign an IP address to a computer from a defined range of
numbers (i.e., a scope) configured for a given network
24-MS-SQL-S
• Port number (1433)
• Microsoft-SQL-Server
• Microsoft's SQL Server, including the desktop editions that
are often silently installed with other Microsoft
applications, opens and services queries delivered over
incoming TCP connections through this port.
23. PORTS AND PROTOCOLS
22
25-MS-SQL-M
• Port number (1434)
• Microsoft-SQL-Monitor
• Microsoft's SQL Server, including the desktop editions that
are often silently installed with other Microsoft
applications, opens and services queries delivered over
incoming UDP connections through this port.
26- Simple Service Discovery Protocol (SSDP)
• Port number (1900)
• UPnP Simple Service Discovery Protocol
• This UDP port is opened and used by Universal Plug N'
Play (UPnP) devices to receive broadcasted messages from
other UPnP devices. UPnP devices broadcast subnet-wide
messages to simultaneously reach all other UPnP devices.
24. PORTS AND PROTOCOLS
23
27-Network File System
• Port number (2049)
• NFS stands form Network File System
• A protocol, and a server of the same name, for file sharing
between Unix and Unix-like OSs
28-MySQL
• Port number (3306)
Used as a database. MySQL is a database system used on
the web.
MySQL is a database system that runs on a server
25. PORTS AND PROTOCOLS
24
28-Remote Desktop Protocol(RDP)
• Port number (3389)
• Remote Desktop Protocol (RDP) is a proprietary protocol
developed by Microsoft, which provides a user with a
graphical interface to connect to another computer over a
network connection. The user employs RDP client software
for this purpose, while the other computer must
run RDP server software
26. PORTS AND PROTOCOLS
25
29-Virtual Network Computing
• Port number (5900)
• This port (and port 5800) are opened by the VNC system
allowing remote multi-platform console access.
30-WHOIS
• Port number (43)
• WHOIS is a query and response protocol that is widely
used for querying databases that store the registered users
or assignees of an Internet resource, such as a domain
name, an IP address block, or an autonomous system, but is
also used for a wider range of other information.