Protocols and Ports

IMAP

The main protocol used by email clients in communicating with email servers.can be used on alot of devices ex phones, tablets, laptops etc. uses port 143

SMTP

The main protocol used to send electronic mail from server to server on the Internet. Uses port 25

SIP

The protocol used for VoIP sessions, uses port 5060-5061

SNMP

Used to collect system information from a remote computer on network nodes such as printer, routers, hosts etc. tcp/udp port 161,162

DNS

Used to resolve host names to IP addresses. is the primary name resolution service used on the Internet and is also used on internal networks. uses port 53. poisoning attempts to modify or corrupt cached results.

TFTP

Used to transfer small amounts of data with UDP port 69.

UDP

connectionless protocol that does not require a connection to send a packet and does not guarantee that the packet arrives at its destination. transport layer protocol

SSH

encrypts a wide variety of traffic such as Secure File Transfer Protocol (SFTP), Telnet, and Secure Copy (SCP). uses port 22.

Telnet

is inherently insecure because its communication is in plain text and is easily intercepted. It is used for remote login on port 23

H. 323

peer to peer, supports user to user communication without a centralized controlling entity unlike SIP which requires a proxy server. uses port 1720

HTTP

the protocol used for transmitting web pages over the Internet uses tcp port 80

RDP

used in tcp / udp Port 3389 to connect remotely to a desktop or other device

POP

used to retrieve email from a server.and responsible for managing the email (either saving or deleting) the default is delete. uses port 110

HTTPS

uses port tcp 443 . uses encryption protocols such as secure socket layer ssl/ transport layer security to secure traffic over the internet

LDAP

Language used to communicate with directories such as Microsoft's Active Directory. It provides a central location to manage user accounts and other directory objects. uses port 389 because unencrypted

NTP

An Internet protocol that enables synchronization of computer clock times in a network of computers by exchanging time signals. uses port 123

SFTP

An extension of Secure Shell (SSH) using SSH to transmit files in an encrypted format. transmits data using TCP port 22.

TCP

- provides reliable, ordered, and error-checked delivery of a stream of packets on the internet. .

LDAPS

. A protocol used to encrypt traffic with secure socket layer / transport layer security. uses port 636. used to communicate with directories

ICMP

. Used for diagnostics such as ping and trace. Many DoS attacks use ICMP. It is common to block ICMP at firewalls and routers. If ping fails, but other connectivity to a server succeeds, it indicates that ICMP is blocked. remember layer 3 network layer protocol

FTP

A format and set of rules for transferring files from a host to a remote computer.uses port TCP 20 to send files and port 21 to receive

DHCP

A service used to dynamically assign TCP/IP configuration information to clients. is often used to assign IP addresses, subnet masks, default gateways, DNS server addresses, and much more. uses UDP port 67 for server and UDP port 68 for client

IP

A set of rules for communicating over the internet.

connection-oriented protocol

A type of Transport layer protocol that requires the establishment of a connection between communicating nodes before it will transmit data. TCP is an example

connectionless protocol

A type of Transport layer protocol that services a request without requiring a verified session and without guaranteeing delivery of data.

SMB

Server Message Block. used in microsoft windows workgroup uses port 445 or port 137-138