Know your protocols – Protocols, ports and their magical usage // In the context of cybersecurity. | by Reza Asif | Jul 2022

picture by Michel Dziedzic on Unsplash

“MMaybe I can’t read your servers’ minds, but the port numbers actually speak to me!

picture by girl in red hat on Unsplash

Because I told you. To joke. The problem with ports is that they are usually associated with specific use cases. In fact, they are sometimes reserved and must be chosen for a specific use case (service) to work.

Now, if you scan a system and find that port 80 is open and active, you know that machine is running a page that anyone can access. Perfect, we could start hacking there. Port 22 used? Someone is accessing the CLI and performing administrative activities? Port 443? It runs a protected website. Must be important. I smell a possible treasure. Port 2525? He sends letters. Maybe I can just respectfully email on his behalf. You had the idea.

Of course, it is not easy to track all these ports and you can search for them. Or maybe just bookmark this page and you’ll have an overview at your fingertips. Enjoy:

Staging..

In the modern (cyber) world, to find someone or something, you usually need an FQDN or an IP address to find it. There could be other ways, but that’s irrelevant now.

Wait, there’s more! Usually, if you want to talk to a service, you specify an IP address and a port number! (e.g. 127.123..::80; format: ::

Human readable example

In the real world, this is basically having a street name (IP) and a house number (port) to find the location of a house.

Local host as an example

picture by Marcus Winkler on Unsplash

IP 127.0.0.1 is the localhost. By entering this in your browser it will try to talk to your own computer as it is associated as a localhost. Now what to look for? If you add ::80 to the IP address, your browser knows that you are looking for exactly this port, regardless of the service offered. Usually, HTTP is associated with port 80. It is the protocol used to present a page without any authentication required. If you configure a service such as a web service on that specific port, the browser will actually open the page on the computer.

(this list will grow over time)
(use the browsers search to find the one you are looking for)

(Here is a simplified overview: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)

picture by Farhan Azam on Unsplash

Telnet, FTP, SMTP, HTTP, DNS, IMAP, POP3, PTP, SSH,

net: Used to interact with the remote control computers. Port 23.

FTP: File Transfer Protocol — used for transfer files from a server to a client. Usually the port 20 or 21.

HTTP: hypertext transfer protocol — used for or hypermedia transmission documents, such as HTML. It was designed for communication between web browsers and web server. Harbor 80

HTTPS: Same as HTTP, but with security extension (TLS). Port 443

DNS: Domain Name System — hierarchical and decentralized naming system used to identify computers and name resolution accessible via the internet. Harbor 53

SMTP: Simple Mail Transfer Protocol — used for send emails. Usually explicit SSL/TLS ports 587/2525; Implicit SS/TLS port 465; SMTP Relay port 25;

IMAP: Internet Message Access Protocol, used to receive emailsPort 143/993

POP3: Post Office Protocol — one-way client-server protocol in which e-mail is received and stored on the mail server. The client only downloads a copy, but is not the recipient. Port 110/995

SSH: Secure Shell Protocol — a cryptographic network protocol for remote login and command line execution. Port 22

PTP: Precision Time Protocol (PTP) – used to synchronize clocks through a computer network. Port 319/320

UDP, TCP

Ethernet, Token Ring, PPP, FDDI/ATM IEEE 802.3/802.11

picture by Terry Vlisidis on Unsplash

JThanks for skimming over my blog post. If you’re wondering which ones you should learn and know by heart, here’s a recommendation: don’t force it. Keep your eyes peeled as you review technical details. The more often you see a port, the more relevant it is. Then try to remember it. You will associate them with an experience and you will remember them all your life. Health, peace OUT.

Source: Trust me on this one. I studied for the Data and Network Security exam in the MSc Applied IT Security program at RUB


Source link