We know that our applications communicate across the network using well-known port numbers. And in this video, we'll look at some of the most common ports that are used by these applications.

Telnet stands for telecommunication network. It uses TCP port 23 as its well-known port number. Telnet is a way to be able to log in to devices remotely and be able to access them from this text-based console. It's a way to communicate to servers, routers, switches, and other infrastructure devices to be able to administer those machines. But all of this Telnet communication is sent in a non-encrypted form. Your username and your password are sent in the clear across the network. If anyone happens to be listening in, or can gather those packets, then they'll be able to find all of your usernames and all of your passwords. And that's why most people will not use Telnet as a way to manage these devices on a modern network.

As an alternative to Telnet,
most system administrators will use SSH, or Secure Shell. SSH uses TCP port 22 as its well-known port number. And it uses this port number to send encrypted communication back and forth to these infrastructure devices. It has the same look and feel as the Telnet console, but an SSH console is sending all communication as encrypted data, including your username and your password.

DNS is the Domain Name System. And it's a protocol that most people don't even realize is going over their network, because all of the communication happens behind the scenes. One of the primary roles of DNS is to convert the names that we use, for instance, inside of a browser, to something that the network can use, such as an IP address. So if you're in a browser and you type in www.professormesser.com, your machine goes out to a DNS server to request the IP address of my device. And it may return an IP address, such as this one. It's using UDP port 53 to be able to perform that communication. These are obviously very critical resources. We don't commonly remember the IP address of a server that we might be using. So instead, we use our DNS servers to take the name that we can remember, and convert it to an IP address that can be used across the network.

Another popular protocol
on our networks is SMTP. This is the Simple Mail Transfer Protocol. And it uses port 25 over TCP to be able to send mail communications from one mail server to another. We also commonly use SMTP to send mail from our devices to a mail server for outgoing mail. So you may commonly configure SMTP in your mail client or on your mobile device to be able to send that outgoing mail. Other protocols are commonly used for incoming mail. And you may see protocols, such as IMAP or POP3, used for all of your incoming mail communication.

There are many different ways to
send files across our network. One of these methods uses a protocol named SFTP. That stands for Secure File Transfer Protocol. And it uses SSH as the underlying protocol to make this happen. So it uses exactly the same port number as SSH, or TCP port 22. SFTP is also a full-featured file transfer protocol. It can not only transfer the files, but it can resume if the transfer happens to be interrupted, it can provide you with the directory listing, it can do remote file removals, and much more. And, of course, since we're using the encrypted SSH protocol as the underlying communication, we know that all of this file transfer information will be encrypted across the network.

If you don't need encrypted communication for your file transfers, you may want to use FTP, or the File Transfer Protocol. FTP may use two different protocols to be able to transfer files. It may use TCP port 20 to provide an active mode data transfer, and it may use port 21 as the control information between the client and the server. FTP is going to transfer these files, and it's going to require some type of authentication with a username and password to be able to log in to the FTP server. This also has a full set of features similar to SFTP, allowing you to list the files that are available on a device. You can add other files, rename files, and delete any files from the file system.

If you need a very simple form of file transfer, then you may want to use TFTP. That stands for Trivial File Transfer Protocol. And it uses UDP port 69. It's a very simple way to communicate because it doesn't require any type of authentication. So you won't need a username and password to be able to transfer these files. Since there's no authentication and no encryption used for TFTP, it's not something that would be used for important data, or used on production systems.

When you start
your computer, it's able to get an IP address automatically using DHCP, or the Dynamic Host Configuration Protocol. This is an automated process that assigns your IP address, your subnet mask, your DNS settings, and many other options within your IP configuration. It uses UDP port 67 and UDP port 68 to communicate. And you also, somewhere on your network, need a DHCP server. This might be a standalone server, or it might be a service that's integrated into the router that you use on your wireless network.

DHCP commonly has a pool of IP addresses configured inside of the DHCP server. And as devices connect to the network, they're given whatever might be available inside of that pool. There's also a lease time associated with these IP addresses. So the device either has to re-lease the same IP address, or once that lease expires the IP address then becomes available for someone else on the network.

You can also configure reservations within the DHCP server so that certain devices will always get the same IP addresses. It's common to do that with servers and other infrastructure devices. This also makes it very easy if you need to change the IP addresses on a number of devices. Instead of going to each individual device, you simply log in to your DHCP server, and you change the DHCP reservations there.

Two of the most
popular protocols you'll find on your network are HTTP and HTTPS. This stands for Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure. These are two protocols that are commonly used by our browsers. Other applications may also use HTTP and HTTPS, even if they're applications that don't run inside of a browser. Traffic that is sent through TCP port 80 is commonly using HTTP, and is sending the web server communication in the clear. If someone's using HTTPS, then they're communicating through TCP port 443, and all of that traffic will be encrypted.

If you're in charge of managing
servers, switches, routers, and other infrastructure devices, you may want to gather metrics from those devices. One way to do this is to use SNMP. This is the Simple Network Management Protocol, and it uses UDP port 161 to be able to query and receive data from these infrastructure devices.

There are different versions of SNMP. Version 1 was the original that used a very structured set of tables and sent these requests and these responses across the network in a non-encrypted form. Version 2 of SNMP allowed us to do bulk transfers of data so we could request a lot of information and receive a lot of information very easily. But all of that communication was sent in the clear. If we wanted an encrypted communication for our management protocol, then we'd want to use SNMP version 3. This provides message integrity, authentication, and encryption, so that nobody can see what you're requesting from that device, or what the response was from these infrastructure devices.

If you work in a
help desk, or you do any type of remote administration of devices, then you're probably familiar with RDP, or the Remote Desktop Protocol. This allows you to see the screen that is on a remote device and share the keyboard and the mouse on that device using TCP over port number 3389. It's common to see remote desktop being used on many types of Windows operating systems, and RDP allows you to either connect to the entire desktop that someone may be using, or to simply connect to an application that is available on that device. There are also remote desktop clients available for other operating systems. So you can use your macOS or your Linux desktop to be able to remotely connect and administer these Windows devices using RDP.

We have many different
devices on our networks. We have our desktop computers, our laptop computers, servers. We have tablets and mobile devices. And all of those devices have a clock inside of them. They all know the time and the date. And they're able to determine what that is by using NTP, or the Network Time Protocol, that communicates over UDP port 123.

It becomes critical to synchronize the clock across all of these different devices, not only to synchronize log information, but some of these devices must be well synced to be able to authenticate properly to each other. This means that everybody's going to know exactly what the proper date and the proper time is. And you, as the administrator, get to determine exactly the frequency that NTP will use to be able to provide the synchronization. This is a very accurate way of synchronizing the clocks. And on a local network, you can get accuracy better than one millisecond across all of the devices using the Network Time Protocol.

If you've used a
voice over IP device, then you've probably used SIP. This is the Session Initiation Protocol, and it commonly uses TCP port number 5060 and TCP port 5061. This is the protocol that's used for setting up calls, for ringing the phone on the other side, and for hanging up the call once the call is over. It also extends your voice communication by adding video conferencing, instant messaging, file transfer, and many other applications using this Session Initiation Protocol.

Microsoft uses SMB to transfer files between Windows devices. This is Server Message Block. You may also hear this referred to as CIFS, or Common Internet File System, and it's what Windows uses to transfer files, or to share printers between Windows systems. SMB commonly uses TCP port 445 to be able to send SMB communication directly between devices using the IP protocol.

We learned earlier that sending
emails from your device uses SMTP. But receiving emails uses a completely different set of protocols. You may be using POP, or you may be using IMAP to be able to authenticate and transfer email messages to your device. POP3 is Post Office Protocol version 3, and it uses TCP port 110 to be able to perform that function. POP3 is considered to be a basic mail transfer functionality. For most of our mobile devices we use today, we're using IMAP4. This is Internet Message Access Protocol version 4, and it uses TCP port 143. This allows us to use multiple clients to access our inbox, so we can see exactly the same mailbox from our mobile device as we do from our desktop system.

All of the users, devices, and printers are probably stored in a large database in your environment. And it's usually accessed through a protocol such as LDAP. LDAP is the Lightweight Directory Access Protocol, and it uses TCP port 389 to allow your client to communicate to an LDAP server. There is also an encrypted form of LDAP, called LDAPS. And that stands for LDAP Secure. This uses SSL to be able to encrypt this LDAP communication, and it uses TCP port 636 to be able to send that data.

SIP is not the only voice over
IP control protocol out there. You may also use H.323 on your voice over IP devices, and it uses TCP port 1720. Similar to SIP, H.323 allows us to set up phone calls, be able to ring the phone on the other side, and hang up the call when the call is over. This is one of the earliest voice over IP protocols. And many voice over IP applications will still use H.323 as their primary signaling protocol.
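
As an added example that is not part of the original video or transcript: a short Python audit that reads `ss -tuln` style listener output and flags the services the transcript describes as unencrypted, together with the alternative it names. The sample output, the `audit` function and the `CLEARTEXT` table are constructed for illustration.

```python
import re

# (transport, port) -> (service, what the transcript says to use or do instead).
# Only services the transcript describes as unencrypted are listed.
CLEARTEXT = {
    ("tcp", 23): ("Telnet", "SSH on tcp/22"),
    ("tcp", 21): ("FTP control", "SFTP on tcp/22"),
    ("udp", 69): ("TFTP", "keep off production systems"),
    ("tcp", 80): ("HTTP", "HTTPS on tcp/443"),
    ("udp", 161): ("SNMP (v1/v2 send in the clear)", "SNMPv3"),
    ("tcp", 389): ("LDAP", "LDAPS on tcp/636"),
}

# Matches data rows of `ss -tuln`: Netid State Recv-Q Send-Q Local:Port Peer:Port
ROW = re.compile(r"^(tcp|udp)\s+\S+\s+\d+\s+\d+\s+(\S+):(\d+)\s")

def audit(ss_output):
    """Return (proto, port, service, alternative, local_only) per cleartext listener."""
    findings = []
    for line in ss_output.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header line or a row in another format
        proto, addr, port = m.group(1), m.group(2), int(m.group(3))
        hit = CLEARTEXT.get((proto, port))  # transport matters: tcp/69 is not TFTP
        if hit:
            # A loopback-bound listener is not reachable from other hosts.
            local_only = addr.startswith("127.") or addr == "[::1]"
            findings.append((proto, port, hit[0], hit[1], local_only))
    return findings

# Constructed sample output, not captured from a real host.
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:69         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:123        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    [::]:23            [::]:*
tcp   LISTEN 0      128    127.0.0.1:389      0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:69         0.0.0.0:*
tcp   LISTEN 0      128    *:443              *:*
"""

if __name__ == "__main__":
    for proto, port, service, alt, local_only in audit(SAMPLE):
        scope = "loopback only" if local_only else "reachable from the network"
        print(f"{proto}/{port} {service}: {scope}; alternative: {alt}")
```

A port number only suggests the protocol: a listener on UDP 161 still has to be checked for which SNMP version it accepts.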