Welcome back to Acing the A+, FSET’s introductory guide to CompTIA A+ Certification! Even if you’re not on the path to becoming an IT professional, this blog will provide you with a stronger understanding of the ins and outs of Information Technology. Today, we’ll be taking a look at common network ports.
Ports are used on networks – for example, the connection between your employer’s server and your work computer – to make sure data gets delivered to the right place. Both the server and the client (the receiving end of the information) need to know the specific port numbers, as do firewalls and other security measures that are designed to block unwanted traffic, such as a virus.
Many websites, programs and applications have their own designated port numbers, and if you’re planning on a career in the field, you’ll have no choice but to memorize a lot of them over the years. While this must seem daunting – especially considering port numbers can go as high as 65,535 – anyone who’s been doing it for long enough will tell you that it gets easier over time.
To get a leg up on remembering what’s what, it’s a good idea to start with the basic protocols and the port numbers they typically use. For example, file transfer protocol (FTP), which is used for transferring files from one device to another, will always use TCP port 20 for data transfer and TCP port 21 to control the transfer.
While FTP is generally understood as a generic means to transfer data, it does usually require authentication on one of the devices, which is usually done by entering a password. As a protocol, FTP also allows you to decide which files you do and don’t want to transfer before beginning the download. You can use FTP to add, delete and rename files, as well as perform other management functions as you see fit.
Sometimes remote devices need to be connected through a terminal or a command line front end. In these cases, you’ll likely use Secure Shell (SSH) to provide the connection, which usually communicates through TCP port 22. The protocol is named after how it transfers data, as even though you might see plain text on your screen during the setup, it will become encrypted as soon as it moves through the network.
Like SSH, Telnet (telecommunications network protocol) is used to connect a remote device using text on a console front end. As you might have guessed, Telnet uses TCP port 23 to communicate – however, unlike SSH, the data sent over the network will not be encrypted. This means that, generally, Telnet is vulnerable to threat actors who might be looking to steal usernames and passwords, and it’s for this reason that SSH should be used when and wherever possible for terminal communication.
Moving on, the millions upon millions of email servers housed on the Internet use the Simple Mail Transfer Protocol (SMTP) to communicate. SMTP usually uses TCP port 25 to send information, regardless of whether the email is going to or from a client or a server. Notably, receiving mail does not use SMTP, but instead uses protocols such as Internet Message Access Protocol (IMAP), which uses TCP port 143, or Post Office Protocol (POP3), which uses TCP port 110.
To connect to a remote website, you usually just punch in something along the lines of vopqnafw4i-staging.onrocket.site and hit enter, but there’s a lot more going on behind the scenes. While websites like FSET have their own IP addresses, the devices you use to connect to them (initially) have no idea what they are. To figure them out, your system will use the domain name system (DNS) protocol, which commonly uses UDP port 53 to establish a connection. Basically, DNS does the dirty work of matching websites’ names to their IP addresses – which themselves can change over time – for pain-free easy access.
Speaking of IP addresses, if you’ve ever connected to a public Wi-Fi network – say, at an airport or a coffee shop – then you’ve been automatically given an address using the Dynamic Host Configuration Protocol (DHCP), which often uses UDP ports 67 and 68 to connect. Nowadays, DHCP functionality is built into most devices, clients and servers. Notably, DHCP assigns devices addresses with a leasing system, meaning that access will typically expire after a certain amount of time. Once you’re no longer using a certain IP address to connect, the lease will expire and it will once again become available for someone else to connect to. DHCP can also be customized by network administrators to assign the same IP addresses to specific devices or programs, such as routers or firewalls, making the server a kind of ‘one stop shop’ for any and all necessary address changes on the network.
If you’ve browsed the web, you’ve used hypertext transfer protocol (HTTP) and hypertext transfer protocol secure (HTTPS). HTTP, which is typically used for clear, non-encrypted communication over a network, usually uses TCP port 80. If the information you’re viewing or sending is encrypted, then you’ll be using HTTPS over TCP port 443.
In addition to web browsing, operating systems also have their own protocols for communicating over networks. Microsoft Windows uses Server Message Block (SMB), also known as the Common Internet File System (CIFS), which means everything from file transfers to printer jobs is handled through TCP port 445. If you’re using a newer Windows machine to communicate with an older one, the newer SMB will probably interface with the older Network Basic Input Output System (NetBIOS), which uses UDP port 137 to find devices on the network and UDP port 139 to transfer data between them.
It’s also wise to brush up on your knowledge about the Simple Network Management Protocol (SNMP), which uses UDP port 161 to communicate. SNMP tracks devices attached to the network, querying performance metrics in real time to optimize functionality and ensure everything is running smoothly (or exactly as you so desire). If SNMP detects a device exceeding a metric, it will send an alert – also known as a trap – through UDP port 162. Notably, there are three different versions of SNMP, but only the newest, SNMP v3, is able to send encrypted data.
When it comes to network directories, Lightweight Directory Access Protocol (LDAP) is the most commonly used protocol, which often communicates over TCP port 389. On Windows devices, you’ll probably use Microsoft’s Active Directory to perform domain management, which incorporates LDAP as a part of its functionality.
Last but not least, Remote Desktop Protocol (RDP) is the most commonly used protocol for accessing user devices remotely. Using TCP port 3389, RDP is a go-to for help desk and system administrators to log in to and update others’ devices on work networks. RDP can be used to install and run singular applications or control entire systems.
While RDP runs on Windows only, there are applications available on other operating systems that will enable cross-system compatibility and integration – which, owing to the prevalence of iOS and Android devices in the field, is a practical necessity.
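To put the port list above to work, here is an added example (not part of the original article) in Python: it reads a constructed listing in the column layout of `ss -tuln`, matches each listener on both transport and port, and flags the services the article describes as unencrypted. The sample listing, the `exposed` loopback check and all function names are assumptions made for illustration.

```python
# (transport, port) -> service, as listed in the article
WELL_KNOWN = {
    ("tcp", 20): "FTP data", ("tcp", 21): "FTP control", ("tcp", 22): "SSH",
    ("tcp", 23): "Telnet", ("tcp", 25): "SMTP", ("udp", 53): "DNS",
    ("udp", 67): "DHCP", ("udp", 68): "DHCP", ("tcp", 80): "HTTP",
    ("tcp", 110): "POP3", ("tcp", 143): "IMAP", ("udp", 161): "SNMP",
    ("udp", 162): "SNMP trap", ("tcp", 389): "LDAP", ("tcp", 443): "HTTPS",
    ("tcp", 445): "SMB", ("tcp", 3389): "RDP",
}
# Services the article describes as unencrypted, with the advice it gives
SNMP_NOTE = "only SNMP v3 can encrypt; confirm the version in use"
CLEARTEXT = {
    "Telnet": "use SSH (TCP 22) instead",
    "HTTP": "use HTTPS (TCP 443) for anything sensitive",
    "SNMP": SNMP_NOTE, "SNMP trap": SNMP_NOTE,
}
# Constructed sample in the column layout of `ss -tuln` (not real output)
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    [::]:23            [::]:*
tcp   LISTEN 0      511    127.0.0.1:80       0.0.0.0:*
tcp   LISTEN 0      511    *:443              *:*
udp   UNCONN 0      0      0.0.0.0:161        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:23         0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:8080     0.0.0.0:*
"""

def parse_listeners(text):
    """Yield (transport, address, port) for each tcp/udp listener line."""
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        addr, _, port = cols[4].rpartition(":")  # last colon, so [::]:23 works
        if port.isdigit():
            yield cols[0], addr, int(port)

def audit(text):
    """Return (transport, port, service, exposed, advice) per cleartext listener."""
    findings = []
    for proto, addr, port in parse_listeners(text):
        service = WELL_KNOWN.get((proto, port))  # UDP 23 is not Telnet
        if service in CLEARTEXT:
            exposed = not (addr.startswith("127.") or addr == "[::1]")
            findings.append((proto, port, service, exposed, CLEARTEXT[service]))
    return findings

if __name__ == "__main__":
    for proto, port, service, exposed, advice in audit(SAMPLE):
        print(proto, port, service, "exposed" if exposed else "loopback only", advice)
```

Matching on the transport as well as the port number is what keeps the UDP listener on port 23 from being reported as Telnet.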