Knowing the application ports and protocols in use on your network is important for both security and management. In this video, you'll learn about the popular application ports and protocols on your network.
You may use a number of different protocols on your network to transfer files from one device to another. One of the more popular file transfer protocols is FTP, the File Transfer Protocol. It uses TCP port 21 for the control channel, where the commands and the login are sent, and TCP port 20 for the data channel when the server opens the data connection back to the client (active mode).
FTP authenticates people with a username and password. You can remove folders, add folders, rename files, and do all of the things that you're accustomed to when you're working with a file system. Keep in mind that plain FTP sends that username and password in the clear, so it has the same exposure on the wire that Telnet has.
Something that doesn't have quite so many bells and whistles is the Trivial File Transfer Protocol, TFTP. This uses UDP port 69. It is a very simple protocol used to read files from a server and write files to a server. There's no authentication, so no username and password, and you don't have access to many file system functions. It's designed just to transfer data from one device to another, which is why it's typically used for things like loading device configurations and firmware rather than for user file sharing.
Here’s FileZilla. This is a graphical front end for the FTP protocol. It allows me to communicate from one device to another and drag and drop or copy files from one to the other. Because I’m using the FTP protocol, I can also delete files, change folders, and manipulate the file system that’s on that remote device.
SNMP is the Simple Network Management Protocol. This is used by your network management functions to query devices like your switches, routers, and firewalls to get information about how that device may be performing. It uses UDP port 161 to facilitate this communication.
There are several versions of SNMP. SNMP version 1 was the original. It had a very structured way of communicating with the device, and it transferred everything over the network in the clear, without any encryption. The community string that acts as the password is visible to anyone capturing the packets.
We also have SNMP version 2 (usually seen as SNMPv2c). This was a good next step. It added bulk transfers: instead of asking for only one value at a time, we could ask for a large number of statistics and get them all at once. But it was still in-the-clear, non-encrypted communication, with the same cleartext community string.
SNMP version 3 is the latest version of the protocol, and it's the one you usually want to run. It adds authentication and message integrity, and when it's configured at the authPriv security level, the communication is encrypted as well. Running SNMPv3 in a weaker mode, such as noAuthNoPriv, gives up most of that benefit.
If you’re managing a server or a switch or a firewall over the network, you may need to connect to that device on a terminal screen at the command line. One way to do this is by using Telnet. Telnet uses TCP port 23. And then it gives you this console access.
Here’s a screenshot from one of my Telnet sessions. But this communication and everything I type into this communication is non-encrypted. If I was to type in a username and password, anybody who’s capturing the packets between my device and this other server would be able to see all of my username and all of my password information being sent over the network.
Because of that, we don't use Telnet to administer devices on our network. In fact, these days we don't use Telnet for anything that we want to keep secure.
Instead of Telnet, we'll use something that looks and feels exactly like Telnet, but with the entire communication encrypted. This is SSH, or Secure Shell. It uses TCP port 22 and gives you the same console screen you would have in Telnet, but the session, including your username and password, is encrypted end to end.
DNS is the Domain Name System. It uses UDP port 53 for the name lookups that convert a name to an IP address or an IP address back to a name. (TCP port 53 is also used, for example for zone transfers and for responses that are too large to fit in a single UDP datagram.) We rely on these DNS servers for almost everything that we do.
We don’t memorize the IP address to google.com or yahoo.com. We simply type that into our browser. DNS performs the name resolution. And we’re able to communicate to those servers. Because of this, we tend to have many different DNS servers so that if one DNS server is having a problem, we can still perform the name resolution using those backup servers.
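To show what actually travels over UDP port 53 during one of these lookups, here is an added example (not code from the video) that builds a DNS A-record query and parses the matching response using the message format from RFC 1035. The response bytes are constructed inline so the example runs offline; the name `example.com`, the transaction ID 0x1234, and the address 192.0.2.1 are placeholders, not real lookup results.

```python
import struct

def build_query(name, txid=0x1234):
    """Build a DNS A-record query: 12-byte header plus one question."""
    # Header: ID, flags (RD=1), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    # QNAME is a sequence of length-prefixed labels ending in a zero byte
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    question = qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return header + question

def read_name(msg, offset):
    """Decode a domain name at `offset`, following compression pointers.
    Returns (name, offset just past the name as it appears at the call site)."""
    labels, jumped, end = [], False, offset
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # two-byte pointer into an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset = True, pointer
            continue
        if length == 0:
            if not jumped:
                end = offset + 1
            break
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    return ".".join(labels), end

def parse_response(msg, expected_txid=None):
    """Parse a DNS response; return id, rcode and any A-record answers.
    A mismatched transaction ID is the minimal sanity check a resolver makes."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError("transaction ID mismatch: possible spoofed reply")
    offset = 12
    for _ in range(qd):                      # skip the echoed question(s)
        _, offset = read_name(msg, offset)
        offset += 4                          # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:        # A record: four-byte IPv4 address
            answers.append((name, ttl, ".".join(str(b) for b in rdata)))
    return {"id": txid, "rcode": flags & 0xF, "answers": answers}

def build_sample_response(query, ip="192.0.2.1", ttl=300):
    """Constructed reply to `query` (placeholder data, not a real lookup):
    echoes the question and answers with one A record whose owner name is a
    compression pointer (0xC00C) back to the QNAME at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR, RD, RA
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata
    return header + query[12:] + answer

if __name__ == "__main__":
    q = build_query("example.com")
    print(parse_response(build_sample_response(q), expected_txid=0x1234))
```

Sending `build_query(...)` to a resolver on UDP port 53 with a socket and passing the reply to `parse_response` is all a minimal stub resolver does; note that the only thing tying a reply to the query is the 16-bit transaction ID (and the source port), which is why the protocol is easy to spoof without DNSSEC or an encrypted transport.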
The Dynamic Host Configuration Protocol, or DHCP, is used to automatically configure an IP address on a device. The server listens on UDP port 67 and the client on UDP port 68. And, of course, we need a DHCP server (or a relay pointing to one) on the network to perform this automatic configuration.
Your device may receive a dynamic IP address, which means you'll get one pulled from a pool of addresses on the DHCP server. Or you may be assigned what is effectively a static address through a DHCP reservation: the server keeps a list of MAC addresses and their IP addresses, and when it sees your device join the network, it hands out the address assigned specifically to you.
To transfer files or to print in Microsoft Windows, we use a protocol called Server Message Block, or SMB. You might also hear this referred to as CIFS, the Common Internet File System, which is the name of an older dialect of SMB. SMB can be carried a number of different ways. One is NetBIOS over TCP/IP.
UDP port 137 is used for the name services so that you can find devices on a Windows Network by name. UDP port 138 is to send connectionless traffic over UDP between devices. And TCP port 139 is to send this NetBIOS session in TCP or a connection-oriented protocol.
You can also communicate from one device to another without the need for any of this NetBIOS. You can use TCP port 445 to have this direct SMB communication over TCP.
If you're working with many devices or in a help desk role, then you're probably going to use RDP, the Remote Desktop Protocol. It uses TCP port 3389 to carry the screen, keyboard and mouse of a remote device to your own desktop.
This is something called Remote Desktop Services on many versions of Windows. This allows you to share the entire screen of a remote device or to just share an application that’s still running on that remote device, but you’re able to view it on your desktop.
There are many different operating systems that have applications that can use RDP. And you’ll find clients and servers that run in Windows and Mac OS and Linux and Unix and iPhone and Android and many others.
So here’s a list of all of the port numbers from this video. Our File Transfer Protocols, or FTP, ports TCP 20 and 21. And TFTP uses UDP port 69. Our SNMP protocol for network management uses UDP port 161.
If we need to communicate to a remote device at the command line, we would use Telnet for non-encrypted communication over TCP port 23. But we’ll generally always use SSH, which is an encrypted connection, over TCP port 22.
Our DNS and name services run over UDP port 53. And our automatic IP addressing with Dynamic Host Configuration Protocol uses UDP port 67 and 68. To transfer files in Windows, we use SMB, or TCP port 445. And to do remote desktop communication, you’d use RDP over TCP port 3389.
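As an added example that is not part of the video, here is the port table above turned into a small audit of firewall-style flow records, in the spirit of the Telnet-versus-SSH discussion earlier. It labels each destination port with the service from the summary and flags the protocols that carry logins or commands in the clear. The log format and the records in `SAMPLE_LOG` are constructed for the demo (addresses from the 10.0.0.0/8 range), not output from any real firewall, and the "needs review" wording for SNMP is the editor's, since the port alone does not tell you which SNMP version is in use.

```python
import re

# Constructed flow records in an invented "<ts> <src>:<sport> -> <dst>:<dport> <proto>" format.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z 10.0.0.5:51234 -> 10.0.0.1:23 tcp
2024-05-01T09:00:02Z 10.0.0.5:51235 -> 10.0.0.1:22 tcp
2024-05-01T09:00:03Z 10.0.0.9:49152 -> 10.0.0.20:21 tcp
2024-05-01T09:00:04Z 10.0.0.9:49153 -> 10.0.0.2:69 udp
2024-05-01T09:00:05Z 10.0.0.30:55000 -> 10.0.0.1:161 udp
2024-05-01T09:00:06Z 10.0.0.5:51300 -> 10.0.0.40:3389 tcp
2024-05-01T09:00:07Z 10.0.0.5:51301 -> 10.0.0.40:445 tcp
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>tcp|udp)$"
)

# (transport, destination port) -> service, as listed in the video.
PORTS = {
    ("tcp", 20): "FTP (data)",   ("tcp", 21): "FTP (control)",
    ("udp", 69): "TFTP",         ("udp", 161): "SNMP",
    ("tcp", 23): "Telnet",       ("tcp", 22): "SSH",
    ("udp", 53): "DNS",          ("udp", 67): "DHCP (server)",
    ("udp", 68): "DHCP (client)",
    ("udp", 137): "NetBIOS name service", ("udp", 138): "NetBIOS datagram",
    ("tcp", 139): "NetBIOS session (SMB)", ("tcp", 445): "SMB",
    ("tcp", 3389): "RDP",
}

# Services whose logins or file contents travel unencrypted.
CLEARTEXT = {
    "Telnet": "credentials and session visible to anyone capturing packets; use SSH",
    "FTP (control)": "username and password sent in the clear",
    "FTP (data)": "file contents sent in the clear",
    "TFTP": "no authentication and no encryption",
}
# The port does not reveal the SNMP version; v1/v2c expose the community string.
NEEDS_REVIEW = {"SNMP": "confirm SNMPv3 (authPriv); v1/v2c send the community string in the clear"}

def classify(line):
    """Parse one flow record and attach the service name, or None if unparseable."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["dport"] = int(rec["dport"])
    rec["service"] = PORTS.get((rec["proto"], rec["dport"]), "unknown")
    return rec

def audit(log_text):
    """Return one finding per flow that uses a cleartext or review-worthy service."""
    findings = []
    for line in log_text.splitlines():
        rec = classify(line)
        if rec is None:
            continue
        service = rec["service"]
        if service in CLEARTEXT:
            findings.append((rec["dst"], rec["dport"], service, "cleartext: " + CLEARTEXT[service]))
        elif service in NEEDS_REVIEW:
            findings.append((rec["dst"], rec["dport"], service, "review: " + NEEDS_REVIEW[service]))
    return findings

if __name__ == "__main__":
    for dst, port, service, issue in audit(SAMPLE_LOG):
        print(f"{dst}:{port} {service}: {issue}")
```

Running the audit over the sample records flags the Telnet, FTP and TFTP flows and asks for a second look at SNMP, while SSH, RDP and SMB pass. In practice the same table works against exported firewall or NetFlow records once the regular expression is adjusted to that format.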