“Maybe I can’t read your servers’ minds, but the port numbers actually speak to me!”
Because I said so. Just kidding. The thing about ports is that they are usually associated with specific use cases. In fact, some of them are reserved, and a specific port must be chosen for a particular use case (service) to work.
Now, if you scan a system and find that port 80 is open and active, you know that machine is running a page that anyone can access. Perfect, we could start hacking there. Port 22 in use? Someone is accessing the CLI and performing administrative activities. Port 443? It runs a protected website. Must be important. I smell a possible treasure. Port 2525? It sends mail. Maybe I can just respectfully send an email on its behalf. You get the idea.
Of course, it is not easy to keep track of all these ports, and you can always look them up. Or maybe just bookmark this page and you’ll have an overview at your fingertips. Enjoy:
Setting the stage
In the modern (cyber) world, to find someone or something, you usually need an FQDN or an IP address. There could be other ways, but that’s irrelevant now.
Wait, there’s more! Usually, if you want to talk to a service, you specify an IP address and a port number! (e.g. 127.123..:80; format:
Human-readable example
In the real world, this is basically like having a street name (IP) and a house number (port) to find the location of a house.
Localhost as an example
IP 127.0.0.1 is localhost. If you enter it in your browser, the browser will try to talk to your own computer, because that address is associated with localhost. Now, what should it look for? If you add :80 to the IP address, your browser knows that you are looking for exactly this port, regardless of the service offered. Usually, HTTP is associated with port 80. It is the protocol used to present a page without any authentication required. If you configure a service such as a web service on that specific port, the browser will actually open the page on the computer.
(this list will grow over time)
(use the browser’s search to find the one you are looking for)
(Here is a simplified overview: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)
Telnet, FTP, SMTP, HTTP, DNS, IMAP, POP3, PTP, SSH
Telnet: used to interact with remote computers. Port 23.
FTP: File Transfer Protocol — used to transfer files from a server to a client. Usually port 20 or 21.
HTTP: Hypertext Transfer Protocol — used for transmitting hypermedia documents, such as HTML. It was designed for communication between web browsers and web servers. Port 80
HTTPS: Same as HTTP, but with a security extension (TLS). Port 443
DNS: Domain Name System — hierarchical and decentralized naming system used for name resolution and to identify computers accessible via the internet. Port 53
SMTP: Simple Mail Transfer Protocol — used to send emails. Usually explicit SSL/TLS ports 587/2525; implicit SSL/TLS port 465; SMTP relay port 25.
IMAP: Internet Message Access Protocol — used to receive emails. Port 143/993
POP3: Post Office Protocol — one-way client-server protocol in which e-mail is received and stored on the mail server. The client only downloads a copy, but is not the recipient. Port 110/995
SSH: Secure Shell Protocol — a cryptographic network protocol for remote login and command line execution. Port 22
PTP: Precision Time Protocol (PTP) – used to synchronize clocks through a computer network. Port 319/320
UDP, TCP
Ethernet, Token Ring, PPP, FDDI/ATM IEEE 802.3/802.11
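An added example (not code from the original post): a small Python check you could run over your own host's listening sockets, using the port list above to name each service and to flag listeners that are reachable beyond localhost and start unencrypted. The sample endpoints are constructed, and the `PLAINTEXT` set and all function names are this example's assumptions.

```python
import ipaddress
import re

# Port names from the list above; 993/995 are the TLS variants of IMAP/POP3.
SERVICES = {20: "FTP", 21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP",
            53: "DNS", 80: "HTTP", 110: "POP3", 143: "IMAP", 443: "HTTPS",
            465: "SMTP", 587: "SMTP", 993: "IMAP", 995: "POP3", 2525: "SMTP"}
# This example's own annotation: ports where the session starts unencrypted.
PLAINTEXT = {20, 21, 23, 25, 80, 110, 143}

# One colon separates address and port; IPv6 literals go in brackets.
ENDPOINT = re.compile(
    r"^(?:\[(?P<v6>[0-9a-fA-F:]+)\]|(?P<host>[^:\[\]]+))"
    r":(?P<port>\d{1,5})$")

def parse_endpoint(text):
    """Split 'host:port' or '[ipv6]:port' into (host, port)."""
    m = ENDPOINT.match(text.strip())
    if not m or not 0 < int(m["port"]) <= 65535:
        raise ValueError(f"not a host:port endpoint: {text!r}")
    return m["v6"] or m["host"], int(m["port"])

def is_loopback(host):
    """True only for addresses that never leave the local machine."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # '*' or another hostname: assume reachable from outside

def audit(listeners):
    """Return (endpoint, service, exposed, plaintext) per listening socket."""
    rows = []
    for text in listeners:
        host, port = parse_endpoint(text)
        rows.append((text, SERVICES.get(port, "unknown"),
                     not is_loopback(host), port in PLAINTEXT))
    return rows

# Constructed sample: local addresses in the form `ss -tln` prints them.
SAMPLE = ["127.0.0.1:80", "0.0.0.0:22", "[::]:443",
          "0.0.0.0:23", "[::1]:2525", "*:8080"]

if __name__ == "__main__":
    for endpoint, service, exposed, plaintext in audit(SAMPLE):
        note = "exposed + plaintext: review" if exposed and plaintext else ""
        print(f"{endpoint:16} {service:8} exposed={exposed!s:5} {note}")
```

In the sample, only the Telnet listener on 0.0.0.0:23 is both exposed and plaintext; the HTTP listener on 127.0.0.1:80 is plaintext but bound to localhost only.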
Thanks for skimming over my blog post. If you’re wondering which ones you should learn and know by heart, here’s a recommendation: don’t force it. Keep your eyes peeled as you review technical details. The more often you see a port, the more relevant it is. Then try to remember it. You will associate them with an experience and you will remember them all your life. Cheers, peace out.
Source: Trust me on this one. I studied for the Data and Network Security exam in the MSc Applied IT Security program at RUB