SFTPSecure File Transfer ProtocolWhat port does SFTP use?22What port number does SSH and SFTP share?22Telnet23TelnetProvides a virtual terminal or remote login across the network that is connection-based. The remote server must be running a Telnet service for clients to connect. Similar to SSH but is insecure.What port uses Telnet?23SMTP (Simple Mail Transfer Protocol)25SMTP (Simple Mail Transfer Protocol)A communications protocol that enables sending email from a client to a server or between servers.SMTPSimple Mail Transfer ProtocolWhat port uses SMTP?25DNS (Domain Name System)53DNS (Domain Name System)The service that translates URLs to IP addresses.DNSDomain Name SystemWhat port uses DNS?53DHCP (Dynamic Host Configuration Protocol)67, 68DHCP (Dynamic Host Configuration Protocol)A network service that provides automatic
assignment of IP addresses and other TCP /IP configuration information.DHCPDynamic Host Configuration ProtocolWhat ports are used for DHCP?67, 68TFTP (Trivial File Transfer Protocol)69TFTP (Trivial File Transfer Protocol)A simple version of FTP that uses UDP as the transport protocol, and does not require a logon to the remote host.TFTPTrivial File Transfer ProtocolWhat port uses TFTP?69HTTP (Hypertext Transfer Protocol)80HTTP (Hypertext Transfer Protocol)the protocol used for transmitting web pages over the Internet, unsecuredHTTPHypertext Transfer ProtocolPort 80 is used forHTTPPOP3 (Post Office Protocol version 3)110POP3 (Post Office Protocol version 3)A protocol used from retrieving email from a mailbox on the mail server.POP3Post Office Protocol 3Port 110 is the well-known port used by:POP3NTP (Network Time Protocol)123NTP (Network Time Protocol)An Internet protocol that enables synchronization of computer clock times in a network of computers by exchanging time signals.NTPNetwork Time ProtocolPort 123, Protocol for clock synchronization between computer systems over packet-switched, variable-latency data networksNTPNetBIOS (Network Basic Input/Output System)137, 138, 139NetBIOS (Network Basic Input/Output System)An older transport protocol used by Microsoft Windows systems for allowing applications (printing and file sharing) on separate computers to communicate over a LAN.Ports 137-139NetBIOSIMAP (Internet Message Access Protocol)143IMAP (Internet Message Access Protocol)a common protocol for retrieving email messages via the InternetIMAPInternet Message Access ProtocolPort 143, Management of electronic mail messages on a serverIMAPSNMP (Simple Network Management Protocol)161, 162SNMP (Simple Network Management Protocol)An Application-layer protocol used to exchange information between network devices.SNMPSimple Network Management ProtocolPorts 161 and 162SNMPLDAP (Lightweight Directory Access Protocol)389LDAP (Lightweight Directory Access Protocol)A communications protocol that defines how a client can access information, perform operations, and share directory data on a server.LDAPLightweight Directory Access ProtocolPort 389LDAPHTTPS (Hypertext Transfer Protocol Secure)443HTTPS (Hypertext Transfer Protocol Secure)An encrypted version of HTTP. It uses port 443.HTTPSHypertext Transfer Protocol SecurePort 443HTTPSSMB (Server Message Block)445SMB (Server Message Block)A protocol that works on the Application layer and is used to share files, serial ports, printers, and communications
devices, including mail slots and named pipes, between computers.SMBServer Message BlockPort 445 is used by:SMBSyslog514SyslogUsed to send logging data back to a centralized serverPort 514 is used forSyslogSMTP TLS/SSL587SMTP TLS/SSLSecured and encrypted way to send emails.SMTP TLS/SSLSimple Mail Transfer Protocol Transport Layer SecurityPort 587:SMTP TLS/SSLLDAPS (Lightweight Directory Access Protocol Secure)636LDAPS (Lightweight Directory Access Protocol Secure)Secured open, vendor-neutral industry standard for accessing and maintaining distributed directory information services.IMAP SSL/TLS993IMAP SSL/TLSSecure and encrypted way to receive emails.IMAP SSL/TLSInternet Message Access Protocol over SSLPort 993IMAP SSL/TLSPOP3 SSL/TLS995POP3 SSL/TLSSecure and encrypted way to receive emailsPOP3 SSL/TLSPost Office Protocol Version 3 over SSLPort 995POP3 SSL/TLSSQL (Structured Query Language)1433SQL (Structured Query Language)an international standard language for processing a databaseSQLStructured Query LanguagePort 1433SQLSQLnet1521SQLnetUsed for communication from a client to an Oracle databasePort 1521SQLnetMySQL3306MySQLUsed for communication from a client to the MySQL database enginePort 3306MySQLRDP (Remote Desktop Protocol)3389RDP (Remote Desktop Protocol)A proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection.RDPRemote Desktop ProtocolPort 3389RDP (Remote Desktop Protocol)SIP (Session Initiation Protocol)5060, 5061SIP (Session Initiation Protocol)A set of Application layer signaling and control protocols for multiservice, packet-based networks. SIP is used to make an initial connection between hosts for transferring multimedia data. VOIP and Instant MessagingSIPSession Initiation ProtocolPorts 5060 and 5061SIPICMP (Internet Control Message Protocol)A network layer Internet
protocol that is used to communicate information about network connectivity issues back to the sender. Used by technicians during troubleshooting . Used by attackers to conduct ping scans and network mapping.GRE (Generic Routing Encapsulation)A tunneling protocol developed by Cisco to encapsulate a wide variety of network layer protocols insider a virtual point-to-point or point-to-multipoint link over an IP network. Doesn't provide encryption. Need to set a small maximum MTU size on tunnel.IPSec (Internet Protocol Security)A set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption.Authentication Header (AH)An IPsec protocol that authenticates that packets received were sent from the source identified in the header of the packet.Encapsulating Security Payload (ESP)An IPsec protocol that provides authentication, integrity, and encryption services.