Ports and Protocols
A free video tutorial from Jason Dion • 200,000+ Students Worldwide
CISSP, CEH, Pentest+, CySA+, Sec+, Net+, A+, PRINCE2, ITIL
4.6 instructor rating • 23 courses • 219,691 students
In this lesson, we will discuss ports and protocols used in our networks.
Learn more from the full courseCompTIA Network+ (N10-007) Full Course & Practice Exam
CompTIA Network+ (N10-007) Bootcamp - Certification preparation course on the most popular networking certification!
14:29:51 of on-demand video • Updated June 2020
- Passing the Network+ certification exam with confidence
- Understanding computer networks, their functions, and their components
- Subnetting networks
- Performing basic network configurations
- Becoming an effective networking technician in a small-to-medium sized business environment
English -: Ports and protocols. Now as we get started in the ports and protocols lesson, I first want to tell you that I'm sorry, this is going to be a long lesson, because it really does have a lot of information you need to know. And even though it's long, I want you to go through this lesson at least two or three times, because the information in this particular lesson is really, really important for the exam. I'm going to tell you, you're probably going to see five or 10 questions on your test that tie back to this lesson. It's that important. So really, please take a lot of notes on this, watch it a couple of times and really learn this information. If there are any of these lectures that you're going to memorize, this is going to be the one. All right with that warning out of the way, let's get started talking about ports and protocols. I'm going to go through each of the different ports and protocols that you need to be aware of, and each one has a specific port number that is associated with it. If you remember we talked about layer four that with those ports, as we talked about that inside layer four of the OSI model. So let's go ahead and get started. And I want to tell you what you need to remember. For each thing I'm going to give you, you need to remember the name, what it does, and where it operates. So for example, File Transfer Protocol is FTP. It operates on ports 20 and 21. And based on the name, you guessed it, it transfers files. It's used for file sharing. So what do you need to know about FTP for the exam? You should know that it's FTP means File Transfer Protocol. You should know the port number, in this case 20 and 21. And you should know basically what it does. In this case, File Transfer Protocol is going to allow you to transfer files between a client and a server on a computer network. Now this is an unsecure method, and data is going to be transmitted in the clear, which means there is no encryption, and so it's not really safe for us to use anymore, and we don't use File Transfer Protocol for anything that should be confidential or encrypted. For the exam, remember, File Transfer Protocol transfers files over port 20 and 21. If you want to write something down for your notes, that's what you write down. File Transfer Protocol transfers files over port 20 and 21. That's what I mean by memorizing this information. That's the information you need to know. Next, we have Secure Shell, also known as SSH. This operates on port 22. What does SSH do? Well, it allows you to take remote control of another computer using a command shell. It is best known for remote logging capabilities, and it's going to give you a cryptographic network protocol, which means it does use encryption, so it's safe to use even over an unsecured network like the internet. If I wanted to log into your system and be able to change your files, and you gave me permission, I could do that using SSH. For example, I want to go and change the configuration of my web server. I can actually log in through SSH from my house in Maryland, to my file server sitting in California over the internet using SSH. And I'm assured that nobody can see my username, my password or the commands I'm doing because there's encryption on both ends of this creating a secure tunnel. Secure Shell is SSH, port 22, and it gives you secure remote control of another machine using a text based environment. That's your summary. Now the next one we have is Secure Shell File Transfer Protocol, also known as SFTP. Now another way to do file transfer is using SFTP. And instead of using FTP where it wasn't secure, we can use SFTP and do it securely. Essentially, we're going to operate on port 22, the same port we use for SSH, because honestly, all we're doing is tunneling the FTP protocol through the SSH tunnel that we created. And that gives us a file transfer capability using the encrypted method to keep it secure. Next, we have Telnet and it works a lot like SSH does. In fact, Telnet came out decades before SSH. The problem with Telnet though is it's very insecure. It provides bidirectional, interactive, text oriented communication using a virtual terminal connection, just like SSH does. But it doesn't use encryption. The whole lot of words I just said really tell you, you can do remote access via a command prompt, right? That's exactly what I said. The problem here is that everything is sent in the clear, which means it's not encrypted. Just like FTP, this is insecure. And so we don't want to use telnet. In fact, you should never, ever use telnet over an insecure network like the internet, because anyone can read your username, your password, and every single command and thing that you type into that terminal, just don't do it. In fact, these days here in 2020, most people will never use Telnet. But it still shows up on the exam, so you have to know it. Telnet is port 23, and it's an insecure remote access command prompt way. Next, we have the SMTP or Simple Mail Transfer Protocol. This operates over port 25. And it is the internet standard for sending electronic messages. It was founded way back in 1982 using the Request for Comments 821. You don't have to memorize that, it's just an interesting fact that email is really, really old. The current version of email came out in 2008. And it uses RFC 5321. Now again, do you need to know these RFCs? No, don't worry about it. It's only here to give you an idea of just how long we've been using the stuff, from 1982 all the way to 2008 to now 2020 and we're still using email. Now when you hear SMTP I want you to think of send mail. I'm sending mail out and I want to do it over port 25. That's your key here when you talk about SMTP. Send mail port 25. Next we want to talk about the Domain Name Service or DNS. This operates on port 53. Now DNS is what gives us a hierarchal decentralized naming system for computers, services and other resources connected to a private network or the internet. This is going to convert our domain names to IP addresses so our computers can access them. For example, if you go to my website at diontraining.com, that is a lot easier for you to remember then if I gave you my IP address of 18.104.22.168. That's a lot of numbers and it's hard for us to remember. Instead, it's easier to say go to diontraining.com, right? Or I might say go to wikipedia.org or go to cocacola.com. And that way you can always think about the name and it gets reassociated for you on the back end to a number and that's what DNS is going to do for you. We are going to go a lot more into DNS in a future lesson. But for right now, remember, DNS converts domain names to IP addresses or IP addresses to domain names and it does this over port 53. Next we have DHCP. DHCP is the Dynamic Host Control Protocol and it operates on ports 67 and 68. Now DHCP servers automatically assign IP addresses and other network configuration parameters to your network clients for you. This is going to allow your computers to get their IP addresses and network parameters automatically, which is really, really awesome and makes your life as a network administrator much, much easier. Now we're going to have a separate lesson on DHCP. We're going to talk all about the methods it uses to get that through the discover, offer request and acknowledge. So just hold on to that for right now. At this point, I just want you to remember DHCP is used to automatically assign IPs and it does this on port 67 and 68. If you remember that one sentence, you're going to be good for now and we'll talk more about DHCP later on as we move forward. The next one we have is known as TFTP, which is the Trivial File Transfer Protocol. And this is going to operate on port 69. This is going to transmit files in both directions from a client to a server to server to client using an application. It's used for booting things like operating systems of a network file server, and it doesn't provide any authentication or directory visibility. Basically, it's a really stripped down version of FTP. Now, where do we use something like trivial FTP? Usually in sending configuration files or requesting configuration files from a router or a switch, or like I said, booting up an operating system of a network drive. This is what you're going to use TFTP for. And again, TFTP is trivial FTP, and it's over port 69. Next, we have the HTTP or HyperText Transfer Protocol. This operates over port 80. This is the foundation of all data communication for the World Wide Web. It's designed for collaborative and hypermedia presentation across many different devices. When you hear port 80, I want you to think of HTTP, which is unsecured web browsing. We'll get back to secured web browsing in just a little bit when we get into the higher numbers. The next thing we need to talk about is POP3, which is Post Office Protocol version three. This is port 110. This is going to be used on port 110. It's used by local email clients to retrieve their emails from a remote server over a TCP connection. When you hear POP3, I want you to think about downloading email, because that's what it's used for. Your computer is going to go out to the server and download all those files onto your computer so you can read them offline. That's what POP3 does, and it does it over port 110. Next, we have Network Time Protocol or NTP. NTP operates over port one, two, three or 123. Now I like that because it's really easy to remember. Think about it, it's like you're counting one, two, three, like I'm watching time fly, ah, time, Network Time Protocol. That's right. Network Time Protocol is all about sending out the time over the network, and it uses 123. So our Network Time Protocol is going to provide you with a clock synchronization between different computer systems over packet switched, variable latency data networks. Again, that's a lot of words to say, we want to make sure we can synchronize our clocks. Now it was created all the way back in 1985. And it is one of the oldest internet protocols in use today. NTP or Network Time Protocol is really useful to be able to sync up all of our times for all of our systems across the network. In fact, your computer uses NTP all of the time, whether you know it or not. So again, NTP, port 123. Next, we have NetBIOS which is on port 139. NetBIOS is the Network Basic Input Output System. And it provides a service for allowing applications on separate computers to communicate over a local area network to share files and printers. If you use file or printer sharing in a Windows network, your port is 139, and it's probably going to be open because you're using that for NetBIOS. Now when we have internet mail, we have two different ways to receive it. We already talked about POP3, back when we talked about port 110. Now here at port 143, we have IMAP, which is the Internet Mail Application Protocol. It operates over port 143, like I just said, and it's going to provide email clients with the ability to retrieve their email messages from a mail server over a TCP connection. Now, it's going to allow the end user to view and manipulate the messages as if they were stored locally on their machine while still leaving them over on the remote system. With POP3, if I log in from my laptop and my tablet, it would actually show unread on one and read on the other because I only read it on one of them. But with IMAP, it keeps all of my devices synchronized and so it is much better for modern email communication. If you're using email, you're most likely using IMAP these days and not POP3. Although some people are still using POP3, and a lot of server to server email communications do still use POP3, so it is still valid. Again when we talk about port 143, we are talking about the Internet Mail Application Protocol, which is a way to receive emails, right? Receiving emails is POP3 or IMAP. Sending emails is over port 25 using SMTP. The next one we have is the Simple Network Management Protocol, or SNMP, which operates over port 161. Don't get this confused with SMTP, the Send Mail Transfer Protocol, they sound a lot alike but they're not. Simple Network Management Protocol is going to provide you with a collection and organization of information about the managed devices on your IP networks. This is things like your routers and your switches and other devices. It can modify the information by changing the device's behavior, and it's commonly used with all different types of network devices. When we talk about SNMP much later in this course, we are going to talk about it in several different lectures as we go through and talk about the importance of network management. And that's much more towards the end of this course. So we will get there, I promise. Next, we have the Lightweight Directory Access Protocol, or LDAP, L-D-A-P. Now this operates on port 389. This is an open, vendor neutral, industry standard for accessing and maintaining a distributed directory of information services. So with LDAP and Active Directory, they both use this port of port 389. So when you go to your email program like Microsoft Outlook at work, and you try to look up somebody's name in the address book, you're actually using LDAP, the L-D-A-P, the Lightweight Directory Access Protocol. So when we talked about LDAP, remember, its port 389, and it's a directory like a phonebook. Next, we're going to talk about secure web browsing. We talked about HTTP over port 80 being unsecure. Well, now we are here with HTTPS, the Hypertext Transfer Protocol Secure. And this is going to use either TLS or SSL to encrypt your connection and allow you to do things like e-commerce, and logging in with your username and password over a website securely. It's designed to add the security layer to the insecure HTTP protocol. And by doing that, HTTPS operates on port 443. Now, the way I keep these straight in my head is HTTP has only four letters, so it's less than the five letters in HTTPS. So it has the lower number, port 80 for HTTP, port 443 for HTTPS. Next, we have the Server Message Block, which is SMB and it operates over port 445. Server Message Block is going to provide you with shared access to files, printers and other types of communication devices on your network. It operates a lot like NetBIOS that used port 139. And in conjunction with each other using both NetBIOS and Server Message Block, we can do that file transfer that we need. NetBIOS is going to be more focused on the authentication, while Server Message Block is actually going to hand out passing those files to you, and they do work together. Generally, you're going to see port 139 and port 445 both open if you have Windows File Sharing. NetBIOS at port 139 for the authentication and Server Message Block here at port 445, for sending out those files to you. Next, we have LDAP Secure. Just like most things, we have a secure and an insecure version of LDAP. With the insecure version of LDAP, we were at port 389. But with the secure version, adding that S, brings our numbers up and we're going to be at port 636. Again, it's going to operate just like LDAP did, you can have Active Directory operating on it and it's going to be that directory structure or that phonebook for you. Just here we're going to add a layer of TLS or SSL to give you that encryption layer and make it more secure. And by doing that we raise the port to 636. Next we have the Remote Desktop Protocol or RDP. It operates over port 3389. Now, be really, really careful here. You'll notice that 3389 looks a lot like 389. When we had 389, we were dealing with LDAP. With 3389, we're dealing with RDP. And because they're so similar, you only have to have the same letters and three of the same numbers, you will see on the exam where they try to trick you and give you both options in a question. So be careful not to mix these up. RDP is a proprietary protocol that was developed by Microsoft, it allows a user to have a graphical user interface, and be able to remotely control another computer over the network. So with SSH or Telnet, we had a command line way that we can log into a computer and do things. But with RDP, I can actually look at the screen and control it with my mouse and keyboard, just as if I was sitting in front of that computer. And so it's really, really helpful. As you can see here, I have an Android phone that's actually RDPing through a web browser and is able to see this Windows machine and control it remotely. This allows users with an RDP client to able to access their computer from anywhere in the world over the internet or within their network over port 3389. Remember, RDP is 3389. Next we have the Session Initiation Protocol or SIP, S-I-P. Now SIP operates on 5060 and 5061. This is going to provide signaling and controlling for media communication sessions for different applications. Generally, you're going to see SIP use for VoIP, which is Voice over IP, making phone calls, video calls, voice calls, as well as some instant messaging. If you're using something like Skype or a VoIP phone in your work, you're probably using SIP to initiate that communication. And again, SIP has two ports associated with it 5060 and 5061. Now on the screen, you're going to have all of your services, a short description of what they are and the port number. And as you can see here, you can go from FTP down to POP3 using ports 20 down to 110. And then as we go to the next screen, I have NTP through SIP, which is ports 123 down to 5061. If you can remember both of these screens of information, that is going to be a great summary of this lesson, and it is in your study guide in your notes. This is going to help you get a lot of points when it comes test day, and help you get through some of those troubleshooting questions too, because they're not just going to ask you what port is FTP, and you need to answer 21. But they might have something like you blocked port 21 in the firewall, and now something is not working. What is that thing? And then you'll have to figure out that oh, port 21 means file sharing. So now I can't share files. And that's why that file is not being shared. So sometimes you have to do a little more application, but having this information down and knowing what the thing is, what the protocol is and what the port number is, is really going to be the basis for answering a lot of those questions come test day. Again, feel free to watch this lesson as many times as you need, print out those study guides, and go through and study them because it is really, really important you get this down.