Port
Ports are often described as sub-addresses. Let's visualize our IP Address as the address of an office. Suppose a letter arrives at that office address; it's necessary to distinguish which person or department the letter should go to. This allows us to know whether the letter is for HR, Admin, or other sectors.
So, a port performs the function of further classifying a packet that arrives at a specific address to determine which sector it belongs to. Ports are also like the windows of a building. They can be used to provide services through those windows, and the windows of rooms that aren't providing services can be closed.
Ports are designated and used with numbers, and there are a total of 216 ports, from Port 0 to 65535 (65,536 Ports). (This is because a 16-bit number is used, so it's 216. The base 2 is due to the nature of binary.)
Port zero (0) is an invalid or reserved port that is not used in practice, so the actual ports used are from 1 to 65535. (Some people who read "The First Step Towards Hacking" ask where the number "all ports 1-65535" comes from in the chapter on Port Scanning. After reading this book, they won't need to ask.)
Ports can also be used by services installed on the system. Among these are well-known ports that are used by prominent software/services. This means that some software/services use specific ports by default.
Well-Known Ports
| Service | Port |
|---|---|
| FTP | 21 |
| SSH | 22 |
| Telnet | 23 |
| SMTP | 25 |
| DNS | 53 |
| TFTP | 69 |
| HTTP | 80 |
| Kerberos | 88 |
| POP3 | 110 |
| NTP | 123 |
| Microsoft (RPC) | 135 |
| Net-BIOS | 137-139 |
| IMAP | 143 |
| SNMP | 161 |
| LDAP | 389 |
| HTTPS | 443 |
| SMB | 445 |
| MySQL | 3306 |
| RDP | 3389 |
These are some of the default ports for commonly used services (or) software. Some people change and configure these default ports to confuse hackers.
To use a service, you need to open the corresponding port for it to work. Hackers use a port scanner like nmap to discover which ports are open and what services are being used. (Detailed practical steps regarding Port Scanning are extensively explained in "The First Step Towards Hacking." Since this is not a book that discusses hacking, it will not be included here.)
There are also TCP Ports and UDP Ports. The "P" in TCP, UDP, and IP stands for Protocol. Therefore, I want to briefly explain what a Protocol is.
Whether you're a hacker or a network administrator, you should know these things, so it's essential to read this entire chapter carefully.
Protocol
In networking, a protocol is an agreed-upon method for two things to communicate with each other. To make this easier to understand, think of it this way: most people in our area will only understand us if we speak in Burmese. So, the method of speaking and communicating in Burmese is our communication method. This is a protocol. When we establish a protocol to communicate in Burmese, people won't come and speak to us in Japanese, Korean, or Chinese. They will come and speak in Burmese (or bring an interpreter if they can't). This way, both sides can understand each other, and there will be no communication errors.
So, you can simply remember that a protocol is a set of rules that defines how communication will happen. These rules are established by the Request for Comments (RFC). There are many protocols, such as TCP, UDP, HTTP, SMTP, and so on. Each of these protocols has its own set of rules. So, when you want to communicate with them, you can do so according to the rules they have set.
0 Comments