seattle‐ops‐301d10: Read 02 - thierrytuantran/CF_ops301d10_Notes GitHub Wiki

What is a port? Describe it with an analogy that would help a family member understand.

• A port is like a mailbox that networking communication is delivered to, similar to how mail is delivered to a mailbox at a house.

What does a port scanner send to a port to check the current status?

• A port scanner sends a TCP or UDP packet to ask the port about its current status.

When a port scanner sends a request to connect, what are the three possible responses? Describe them.

• The three possible responses are: Open (port is listening and ready to communicate), Closed (port is not available), and Filtered (no response from the port).

What is the difference between TCP and UDP?

• TCP has error checking and ensures ordered, reliable delivery while UDP does not check for errors but is faster.

Common Ports

• Telnet: Telnet provides remote console access over TCP port 23 but sends data unencrypted.

• SSH: SSH (Secure Shell) provides encrypted remote console access over TCP port 22 for secure communications.

• DNS: DNS (Domain Name System) typically uses UDP port 53 for name resolution to convert domain names to IP addresses.

• SMTP: SMTP (Simple Mail Transfer Protocol) commonly uses TCP port 25 for sending email messages unencrypted or port 587 over TLS for encrypted mail delivery.

• HTTP: HTTP (Hypertext Transfer Protocol) allows web access over TCP port 80 but does not encrypt communications.

• HTTPS: HTTPS provides encrypted web access using HTTP over TLS/SSL, typically via TCP port 443.

• RDP: RDP (Remote Desktop Protocol) enables remote desktop access to Windows systems over TCP port 3389.

• Ping: Ping uses ICMP to check if a host is reachable on the network.