Key Concepts of Host-to-Host Protocols have been reviewed in our last part, but like me some of you may be more visually oriented, so here you are:
…and just one more for you…
Now, Port Numbers are of great importance for both understanding and troubleshooting purposes. You can find lists of Port Numbers for various applications, but for the CCENT/CCNA study purposes what follows should be sufficient.
Below is a rather extensive listing, but not all-inclusive, for the TCP/UDP Port Numbers. It will be helpful in the big picture, but the above picture views will be more than sufficient for anyone testing out.
port / protocol | service name | common UNIX daemon(s) | additional remarks |
20/tcp and 21/tcp | ftp (file transfer protocol) data and login control | in.ftpd,wu.ftpd,proftpd; launched by inetd | obsolete:insecure, because unencrypted and difficult to harden service, please use sshd and scp or sftp instead (see below) |
22/tcp | ssh (Secure SHell) | sshd | secure, because fully encrypted remote login (ssh) and copy (scp and sftp) service, please use exclusively this full substitute instead of the obsolete ftp, telnet, rlogin, rsh, rcp and so on! |
23/tcp | telnet (remote login) | in.telnetd, launched by inetd | obsolete: unencrypted login, use sshd and ssh instead, see above |
25/tcp | smtp (simple mail transfer protocol) | sendmail, postfix, qmail, etc. | standard mail protocol since 30 years, only way to communicate world wide with messages without http measures, for your privacy you need to encrypt mails preferably with the free PGP (pretty good privacy) |
53/udp and 53/tcp | DNS (domain name system) | bind (Berkeley Internet Name Domain) | the name service of the Internet, used by http, smtp and all others to resolve symbolic names into the IP layer addresses, name resolution is done via udp, zone transfers between several name servers via tcp |
80/tcp | http (Hyper Text Transfer Protocol) = www (World Wide Web) | httpd (= apache, A PAtCHy [web] sErver) | the Internet/web service, unencrypted port (see below, 443, for encrypted counterpart) for standard data transfer from web servers to user agents (browsers, robots, download tools) |
88/tcp | kerberos | krshd | high security special purpose protocol with ticket system and so on |
110/tcp | pop3 (Post Office Protocol version 3) | popper, launched by inetd | post retrieval service of storing mail servers with encryption possibilities |
111/udp | (sun)rpc (remote procedure call) | rpc.statd, rpc.rusersd,rpc.walld | insecure remote calls of special information services |
119/tcp | nntp (Network News Transfer Protocol) | leafnode | the internet news server query service |
123/udp | ntp (Network Time Protocol) | (x)ntpd | modern world wide time service for synchronisation with nuclear clock driven time standard |
137/udp | netbios-ns (NETBIOS Name Service) | nmbd | special name service for a still too widespread proprietary OS and its SMB (Server Message Block) system, needed in union with the following service |
139/tcp | netbios-ssn (NETBIOS Session Service Network) | smbd (Samba daemon) | special session service for that proprietary OS and its SMB (Server Message Block) system, works together with immediately above service |
143/tcp | imap2 (Internet Message Access Protocol version 2) | imapd (Interactive Mail Access Protocol Daemon), launched by inetd | rather insecure and therefore only locally suitable mail retrieval service, for non-local purposes prefer pop3 (see above) |
161/tcp | snmp (Simple Network Management Protocol) | snmpd | base of communication between very different technical units (not only computers), they have to share the network capability and these protocol rules only: CAUTION: very insecure (no limiting of allowed requesting IP addresses possible) |
194/tcp | irc (Internet Relay Chat) | ircd | the Internet chat service |
220/tcp | imap3 (Interactive Mail Access Protocol version 3) | imapd | modern mail retrieval service, successor of imap2 (see above), but still pop3 may the better alternative (see above too) |
389/tcp | ldap (Lightweight Directory Access Protocol) | ldapd | network distributed, domain organized directory service, connection part, see also immediately below |
389/udp | ldap (Lightweight Directory Access Protocol) | slapd (Standalone Lightweight Access Protocol Daemon | network distributed, domain organized directory service, listener/contoller part, see also immediately above |
443/tcp | https (HyperText Transfer Protocol Secure) | httpd (= apache) | encrypted (via TLS/SSL) counterpart to above http/80 entry, the only acceptable way, to do online credit card transactions |
514/udp | system log listener | syslogd | always active to log other hosts informations, because otherwise the daemon won’t start |
515/tcp | print spooler | lpd (Line Printer Daemon) | network printer queue |
554/tcp | rtsp (Real Time Stream Protocol) | rsvpd (Resource reSerVations Protocol Daemon) | used by Real Media for video and audio streaming |
631/tcp | ipp (Internet Printing Protocol) | cupsd — CUPS (Common Unix Printing System) Daemon | unencrypted port for (local) printer access via browser and CUPS client |
744/udp | flexlm (FLEXible License Manager) | lmgrd (License ManaGeR Daemon) | network bound license evaluation system |
901/tcp | swat (Samba Web Administration Tool) | swat, launched by inetd | browser/web bound Samba administration (see above, 137/nmbd and 139/smbd), use with care: it’s not encrypted without additional measures |
993/tcp | imaps (Interactive Mail Access Protocol Secure version 4) | imapd, launched by inetd | TLS/SSL encrypted mail retrieval system (see also imap above) |
994/tcp | ircs (Internet Relay Chat Secure) | ircd | the Internet chat system TLS/SSL encrypted, see also irc above |
995/tcp | pop3s (Post Office Protocol Secure version 3) | popper, launched by inetd | TLS/SSL encrypted mail retrieval system (see also pop3 above) |
2049/tcp | NFS (Network File System by Sun) | nfsd, rpc.nfsd, needs (sun)rpc and portmap too | network sharing of filesystems, only suitable for local networks |
2049/udp | NFS (Network File System by Sun) | rpc.mountd needs (sun)rpc and portmap too | network sharing of filesystems, only suitable for local networks |
2401/tcp | cvspserver (Concurrent Version System Password server) | cvs, launched by inetd (alternatively by sshd, see above) | RCS (revision control system) based network version control, suitable even for Internet cooperation, but than usage via ssh (see above) is recommended, because this pserver protocol does only a not really secure scrambling of passwords (only suitable for anonymous checkout otherwise) |
6000/tcp (–6063/tcp) | x11 | X (X window system server) | standard GUI base server of the X/Open Group, the ports above 6000 up to 6063 are addressed via display (variable: upper case) setting to 1, 2 and so on, instead of 0, for the ports 6001, 6002 and so on instead of 6000 (display number part 1 = port offset) |
8080/tcp | http-alt (alternative http) | httpd (= apache) | see http above: usually privately=non-public used http port |
Important TCP/UDP Port Numbers
Port 21 –> TCP –> FTP (File Transfer Protocol)
Port 22 –> TCP/UDP –> SSH (ssh,scp copy or sftp)
Port 23 –> TCP/UDP –> Telnet
Port 25 –> TCP/UDP –> SMTP (for sending outgoing emails)
Port 43 –> TCP –> WHOIS function
Port 53 –> TCP/UDP –> DNS Server (DNS lookup uses UDP and Zone transfers use TCP)
Port 70 –> TCP –> Gopher Protocol
Port 79 –> TCP –> Finger protocol
Port 110 –> TCP –> POP3 (for receiving email)
Port 119 –> TCP –> NNTP (Network News Transfer Protocol)
Port 143 –> TCP/UDP –> IMAP4 Protocol (for email service)
Port 194 –> TCP –> IRC
Port 389 –> TCP/UDP –> LDAP (light weight directory access)
Port 443 –> TCP –> Secure HTTP over SSL (https)
Port 465 –> TCP –> Secure SMTP (email) using SSL
Port 990 –> TCP/UDP –> Secure FTP using SSL
Port 993 –> TCP –> Secure IMAP protocol over SSL (for emails)
Port 1433 –> TCP/UDP –> Microsoft SQL server port
Port 2082 –> TCP –> CPanel default port
Port 2083 –> TCP –> CPanel over SSL
Port 2086 –> TCP –> CPanel Webhost Manager (default)
Port 2087 –> TCP –> CPanel Webhost Manager (with https)
Port 2095 –> TCP –> CPanel Webmail
Port 2096 –> TCP –> Cpanel secure webmail over SSL
Port 2222 –> TCP –> DirectAdmin Server Control Panel
Port 3306 –> TCP/UDP –> MySQL Database Server
Port 4643 –> TCP –> Virtuosso Power Panel
Port 5432 –> TCP –> PostgreSQL Database Server
Port 8080 –> TCP –> HTTP port (alternative one for port 80)
Port 8087 –> TCP –> Plesk Control Panel Port (default)
Port 8443 –> TCP –> Plesk Server Control Panel over SSL
Port 9999 –> TCP –> Urchin Web Analytics
Port 10000 –> TCP –> Webmin Server Control Panel
Port 19638 –> TCP –> Ensim Server Control Panel
Each and every listing of Port Numbers is in-fact, an important list to someone in some fashion or form. The reason being is that each list has some meaning for all of the applications that someone is dealing with in the specific system infrastructure that they have to work with. So, do not limit yourself by having just one list at your fingertips. It will be helpful to have many and use your search engine to your benefit!
See also: Part 1, Part 2, Part 3, Part 4
Works Cited
Lammle, T. (2007). CCNA Cisco Certified Network Associate Study Guide. Indianapolis: Wiley Publishing, Inc.
Odom, W. (2012). Official Cert Guide ICND1 640-822. Indianapolis, IN: Cisco Press.
Odom, W. (2011). Official Cert Guide ICND2 640-816. Indianapolis, IN: Cisco Press.
http://www.lb.shuttle.de/apastron/ports.htm
http://corpocrat.com/2009/03/10/important-tcpudp-port-numbers/
Reblogged this on emegaspot2.
I appreciate and thank you for using my study material!