1.0 Networking Fundamentals
1.5 Common Ports and Protocols, and their Encrypted Alternatives
Ports Protocols
20/21 File Transfer Protocol (FTP) - File transfer functionality, unencrypted
22 Secure Shell (SSH) - Telecommunication network, encrypted
22 Secure File Transfer Protocol (SFTP) - File transfer functionality, encrypted
23 Telnet - Telecommunication network, unencrypted traffic
25 Simple Mail Transfer Protocol (SMTP) - Server to Server email, unencrypted
53 Domain Name System (DNS) - IP Address translation service
67/68 Dynamic Host Configuration Protocol (DHCP) - Automated IP address configuration service
69 Trivial File Transfer Protocol (TFTP) - Simple file transfer, UDP
80 Hypertext Transfer Protocol (HTTP) - Web data, unencrypted
110 Post Office Protocol v3 (POP3) - Receive email from an email server
123 Network Time Protocol (NTP) - Synchronizes the clocks between network devices, UDP
143 Internet Message Access Protocol (IMAP) - Receive email from an email server
161/162 Simple Network Management Protocol (SNMP) - Gathers data/stats from network devices. v1 and v2 are unencrypted; v3 is encrypted.
389 Lightweight Directory Access Protocol (LDAP) - Network Directory data, unencrypted
443 Hypertext Transfer Protocol Secure (HTTPS) [Secure Socket Layer (SSL)] - Web data, encrypted
443 HTTPS [Transport Layer Security (TLS)] - Web data, encrypted, TLS is stronger than SSL
445 Server Message Block (SMB) - Windows file sharing, also goes by CIFS (Common Internet File System), TCP
514 Syslog - Log data, usually integrated into a SIEM; requires large disk space to store the logs in a database.
587 SMTP TLS - Server to Server email, encrypted
636 Lightweight Directory Access Protocol (Over SSL) (LDAPS) - Network Directory data, encrypted
993 IMAP over SSL - Email data, encrypted
995 POP3 over SSL - Email data, encrypted
1433 Structured Query Language (SQL) Server - Microsoft SQL database data
1521 SQLnet - Oracle SQL*Net, Oracle Net, Net8 data
3306 MySQL - Free and open-source database data; MySQL was acquired by Oracle
3389 Remote Desktop Protocol (RDP) - Connect to a device remotely
5060/5061 Session Initiation Protocol (SIP) - Manages VoIP (Voice over IP) signals and sessions.
IP Protocol Types
Internet Control Message Protocol (ICMP) - Messaging between network devices
TCP - Transmission Control Protocol, connection-oriented (opens/closes a session) with built-in reliability: packets are verified and acknowledged when received. Also has data flow control.
UDP - User Datagram Protocol, connectionless (no session), with no data flow control and no verification or acknowledgement that packets were received. Sends the packet and forgets.
Generic Routing Encapsulation (GRE) - Creates a tunnel between two endpoints; unencrypted unless encryption is added, since none is built in.
Internet Protocol Security (IPsec) - OSI layer 3 security, packet authentication and encryption, common VPN protocol
Authentication Header (AH) - Provides data origin authentication, data integrity, and replay protection, unencrypted
Encapsulating Security Payload (ESP) - Provides data origin authentication, data integrity, and replay protection, encrypted
Connectionless vs Connection-Oriented
Connectionless - Does not establish a connection session.
Connection-Oriented - Establishes a (handshake) connection session.