Secure-IT Knowledge Base
Getting Started
This will help you along your journey towards IT Success
Common Ports and Protocols
Common Port Numbers to remember
Web Services
Security protocols
File transfer
Email
Network services
Network management
Transport protocols
Control protocols
The TCP/IP suite (frequently referred to as the internet protocol suite) is the most widely used protocol suite. It was developed to work independently of the physical network architecture, so you can use a wide variety of architectures with it.
The following table lists protocols in the TCP/IP protocol suite:
Web services:
- Hypertext Transfer Protocol (HTTP) 80
Used by browsers and web servers to exchange files (such as web pages) through the World Wide Web and intranets. HTTP is an information requesting and responding protocol.
It is typically used to request and send web documents, but can also be used as the protocol for communication between agents that employ different TCP/IP protocols.
- HTTP over SSL (HTTPS) 443
Is a secure form of HTTP that uses SSL to encrypt data before it is transmitted across the network.
- Structured Query Language (SQL) 1433
Is a language designed specifically to request data from a database. Requests take the form of a query (basically a question) that asks the database to provide specific information.
- SQLnet 1521
Uses Oracle's Transparent Network Substrate. This technology is a foundation that provides a generic interface for network protocols to connect to a network of applications.
Both the client and the server communicate with each other using SQLnet, which serves as an interpreter between the two.
- MySQL 3306
Is an open-source relational database management system (RDBMS). This means that MySQL organizes data into tables by data type to help structure the data.
MySQL is used to create, change, and extract
Security Protocols
Secure Sockets Layer (SSL)
Secures messages being transmitted on the internet. It uses RSA for authentication and encryption. Web browsers use SSL to ensure safe web transactions.
URLs that begin with HTTPS:// trigger your web browser to use SSL.
Transport Layer Security (TLS)
Ensures that messages being transmitted on the internet are private and tamper-proof. TLS is implemented through two protocols:
• TLS Record can provide connection security with encryption (for example, with DES).
• TLS Handshake provides mutual authentication and choice of encryption method.
TLS version 1.2 (TLS 1.2) is an updated version that addresses security flaws found in TLS 1.0 and 1.1.
File transfer
File Transfer Protocol (FTP) 20/21
- Provides a generic method for transferring files. It can protect access to files by requiring usernames and passwords. It allows file transfer between dissimilar computer systems.
- FTP can transfer both binary and text files, including HTML, to another host. FTP URLs are preceded by ftp:// followed by the DNS name of the FTP server.
- To log in to an FTP server, enter ftp://username@servername.
- The FTP protocol does not use encryption. All data, including user names, passwords, and files, is sent over the network as clear text.
Trivial File Transfer Protocol (TFTP) 69
- Is like FTP. It lets you transfer files between a host and an FTP server. However, it does not provide user authentication or error detection.
- TFTP is often used when files need to be transferred between systems quickly. Because it does not perform error detection, TFTP is faster than FTP but is susceptible to transmission errors.
Secure File Transfer Protocol (SFTP) 22
- Uses Secure Shell (SSH) to secure data transfers. SSH ensures that SFTP transmissions use encrypted commands and data, which prevents clear-text data transmissions.
Secure Copy (SCP)
- Used to transfer files securely between systems. Like SFTP, SCP relies on SSH to ensure that it does not transmit data and passwords over the network in clear text.
Email
Simple Mail Transfer Protocol (SMTP) 25
Used to route electronic mail through the inter-network. SMTP is the protocol used:
- Between mail servers for sending and relaying mail.
- By all email clients to send mail.
- Some email client programs, such as Microsoft Outlook, receive mail from an Exchange server.
You can make SMTP more secure by adding an encryption protocol, such as TLS (SMTPS). The port for SMTPS is 587.
Post Office Protocol 3 (POP3) 110
Used to retrieve email from a remote server and download it to a local client over a TCP/IP connection. You can make POP3 a more secure protocol by adding SSL. In this case, use the port number 995.
An email client that uses POP3 for receiving mail uses SMTP for sending mail.
Internet Message Access Protocol version 4 (IMAP4) 143
Is an email retrieval protocol designed to enable users to access email from various locations without the need to transfer messages or files back and forth between computers.
Messages remain on the remote mail server and are not automatically downloaded to a client system. You can make IMAP a more secure protocol by adding SSL. If that is the case, use port number 993.
An email client that uses IMAP4 for receiving mail uses SMTP for sending mail.
Network services
Dynamic Host Configuration Protocol (DHCP) 67/68
Used to automatically assign addresses and other configuration parameters to network hosts. Using a DHCP server, hosts receive configuration information at startup. This reduces the amount of manual configuration required for each host.
Domain Name System (DNS) 53
Is a distributed system throughout the inter-network that provides address and name resolution. For example, it maps www.mydomain.com to a specific IP address.
Network Time Protocol (NTP) 123
Used to communicate time synchronization information between systems on a network.
Lightweight Directory Access Protocol (LDAP) 389
- Used to search, retrieve data from, and update a directory service. The LDAP protocol follows a client/server model.
- One or more LDAP servers contain the directory data. The LDAP client connects to an LDAP server to make a directory service request. By default, LDAP traffic is transmitted unsecured.
Secure Lightweight Directory Access Protocol (LDAPS) 636
Is the Lightweight Directory Access Protocol over TLS/SSL. Using LDAPS makes LDAP traffic confidential and secure. LDAPS uses TCP port 636.
Network management
Simple Network Management Protocol (SNMP) 161/162
- Simple Network Management Protocol is designed for managing complex networks. SNMP lets network hosts exchange configuration and status information.
- The information can be gathered by management software and used to monitor and manage the network.
Remote Terminal Emulation (Telnet) 23
- Allows a computer to remotely access the console of a computer system located somewhere else in the network. At one time, Telnet was widely used for remote management tasks, but it is rarely used today.
- Because Telnet does not use encryption, it is recommended that you use a secure alternative to Telnet (such as SSH) for remote management tasks.
Secure Shell (SSH) 22
- Allows for secure interactive control of remote systems. SSH uses RSA public key cryptography for both connection and authentication.
- SSH uses the IDEA algorithm for encryption by default, but it can use Blowfish and DES. SSH is a secure and preferred alternative to Telnet.
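An added example (not part of the original knowledge base): a short Python audit that reads listener output in the layout of `ss -tln` and flags the cleartext services described above, pairing each with the encrypted alternative and port number this page lists. The sample output, addresses and function names are constructed for illustration.

```python
# Cleartext services and their encrypted alternatives, with ports as listed on this page.
CLEARTEXT = {
    21:  ("FTP",    "SFTP over SSH", 22),
    23:  ("Telnet", "SSH",           22),
    80:  ("HTTP",   "HTTPS",         443),
    110: ("POP3",   "POP3 over SSL", 995),
    143: ("IMAP4",  "IMAP over SSL", 993),
    389: ("LDAP",   "LDAPS",         636),
}

# Constructed sample in the layout of `ss -tln` output (not captured from a real host).
SAMPLE = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     0.0.0.0:23          0.0.0.0:*
LISTEN  0       511     [::]:80             [::]:*
LISTEN  0       511     *:443               *:*
LISTEN  0       32      192.0.2.10:21       0.0.0.0:*
LISTEN  0       128     127.0.0.1:389       0.0.0.0:*
"""

def listening_sockets(text):
    """Yield (address, port) per LISTEN line; the port follows the last colon."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            yield addr.strip("[]"), int(port)  # "[::]" becomes "::"

def audit(text):
    """Return one finding per cleartext listener, in input order."""
    socks = list(listening_sockets(text))
    open_ports = {port for _, port in socks}
    findings = []
    for addr, port in socks:
        if port in CLEARTEXT:
            name, alt, alt_port = CLEARTEXT[port]
            findings.append({
                "port": port, "service": name,
                "replace_with": f"{alt} ({alt_port})",
                "loopback_only": addr in ("127.0.0.1", "::1"),
                "replacement_listening": alt_port in open_ports,
            })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A port number only suggests which service is listening, so confirm the actual daemon before acting on a finding. Listeners bound only to loopback are marked separately because they are not reachable from the network.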
Syslog 514
- Is a standard for managing and sending log messages from one computer system to another. The Syslog process controls the distribution of logging messages to various destinations depending on the configuration.
- For example, messages can be sent to memory, to a file, or to a Syslog server. On some devices, such as switches and routers, it can:
• Display log messages on the screen.
• Analyze messages.
• Notify administrators about problems and performance.
Remote Desktop Protocol (RDP) 3389
Used to manage devices without being physically present at the console. A remote desktop connection has three components.
• The target.
• The remote desktop client.
• A remote desktop protocol that specifies how information is passed between the target and the client.
For Windows, the Remote Desktop Protocol (RDP) from Microsoft is widely used. Versions for Mac OS and Linux are also available.
Transport protocols
Transmission Control Protocol (TCP)
Provides services that ensure accurate and timely delivery of network communications between two hosts. TCP provides the following services to ensure message delivery.
- Sequencing of data packets.
- Flow control.
- Error checking.
- Acknowledgement of packets sent.
- Retransmission of lost packets.
User Datagram Protocol (UDP)
- Is a host-to-host protocol like TCP, but it does not acknowledge each packet transmitted, nor does it allow for retransmission of lost packets.
- The reduced overhead allows for faster communications. It makes UDP ideal for applications like streaming audio and video. However, this speed comes at the expense of possible errors or data loss.
Session Initiation Protocol (SIP) 5060/5061
- Is an open source VoIP protocol. While many manufacturers like to use their own protocols, most major manufacturers make SIP-compatible phones and phone systems.
- Smaller manufacturers almost exclusively use SIP because it's so prevalent.
Control protocols
Internet Control Message Protocol (ICMP) 7
Works closely with IP to provide error and control information by allowing hosts to exchange packet status information. Two common management utilities, ping and traceroute, use ICMP messages to check network connectivity.
ICMP also works with IP to send notices for the following:
- When destinations are unreachable.
- Which route and hops a packet takes through the network.
- Whether devices can communicate across the network.
Internet Group Management Protocol (IGMP) 2
- IGMP defines host groups. All group members can receive broadcast messages (multicasts) intended for the group.
- Multicast groups can be composed of devices within the same network or across networks (connected with a router).