Episode 24: Common Ports and Protocols — FTP, HTTP, DNS, RDP
Ports and protocols form the framework for communication between systems on a network. A protocol is a defined set of rules that two or more devices follow to exchange information in a consistent way, ensuring that data is interpreted correctly at both ends of the connection. Ports serve as numeric identifiers that direct network traffic to the correct application or service on a device, allowing many different services to operate at the same time without interfering with one another. For troubleshooting and configuration tasks on the A Plus exam, it is important to recognize the relationship between a protocol, its assigned port number, and the function it serves.
Transmission Control Protocol and User Datagram Protocol are the two main transport protocols used in computer networking. Port numbers range from zero through sixty five thousand five hundred thirty five, with the range from zero to one thousand twenty three reserved for well-known services. Each transport protocol maintains its own set of port numbers, which means that the same numeric port value can be assigned to different purposes depending on whether it is running over Transmission Control Protocol or over User Datagram Protocol. On the exam, you may be asked to distinguish not only the port number but also which transport protocol is being used.
The File Transfer Protocol operates over Transmission Control Protocol ports twenty and twenty one, using one port for the actual data transfer and the other for session control commands. It is used to move files between a client and a server, such as when uploading a website to a hosting provider or downloading content from a file repository. While it offers reliable delivery, the basic version of File Transfer Protocol sends data in clear text, which can be intercepted, so secure variants are preferred in sensitive environments.
Hypertext Transfer Protocol runs on Transmission Control Protocol port eighty and is the foundation of standard web browsing. It is considered stateless, meaning each request is handled independently without relying on previous exchanges. Although it is efficient for delivering web pages and other resources, it does not encrypt the information in transit, making it unsuitable for transmitting sensitive information.
Hypertext Transfer Protocol Secure uses Transmission Control Protocol port four hundred forty three to add encryption through Secure Sockets Layer or Transport Layer Security. This ensures that all data exchanged between the browser and the web server is encrypted, protecting sensitive information such as logins, payment details, and personal data from interception. Modern web browsers and websites generally use the secure version by default.
The Domain Name System is responsible for translating human-readable domain names into numerical Internet Protocol addresses. It primarily uses User Datagram Protocol port fifty three for quick request-response lookups, and it uses Transmission Control Protocol for operations that require reliable delivery, such as transferring large sets of records between servers. Without the Domain Name System, users would have to remember numeric addresses for every website and service they wish to access.
Simple Mail Transfer Protocol uses Transmission Control Protocol port twenty five for sending email between servers and from email clients to a mail server. In many modern implementations, this port requires authentication or the use of alternate ports to help prevent abuse by spammers. Understanding its role in the flow of email is important for both configuration and troubleshooting.
Post Office Protocol version three operates over Transmission Control Protocol port one hundred ten and is used to download messages from a server to a local email client, typically removing the messages from the server once downloaded. This method works well for single-device access but is less suited to users who need to keep messages synchronized across multiple devices.
Internet Message Access Protocol runs on Transmission Control Protocol port one hundred forty three and allows messages to remain stored on the server while being accessed from multiple clients. This supports synchronization of email status and folders across devices, which is standard practice for modern email use. On the exam, you may be asked to compare this approach to the simpler Post Office Protocol.
For more cyber related content and books, please check out cyber author dot me. Also, there are other prepcasts on Cybersecurity and more at Bare Metal Cyber dot com.
The Remote Desktop Protocol uses Transmission Control Protocol port three thousand three hundred eighty nine to provide remote graphical access to another computer. This allows a user to view and control the full desktop of the remote system as though they were sitting in front of it. It is widely used for system administration, remote technical support, and enabling employees to work on office systems from another location. On the exam, it is important to remember that this protocol carries not just files or commands, but the complete visual and input session over the network.
Secure Shell runs on Transmission Control Protocol port twenty two and provides encrypted remote terminal access. It is often used with Linux and Unix systems, as well as network devices like switches and routers, to perform configuration and management tasks securely. Unlike older methods, Secure Shell encrypts the session from start to finish, protecting both commands and output from interception.
Telnet operates over Transmission Control Protocol port twenty three and offers plaintext remote terminal access. While it was once a common way to configure devices or connect to remote systems, its lack of encryption makes it insecure on modern networks. Today, Telnet is generally used only in controlled or isolated environments, and the exam may expect you to identify it as a legacy protocol.
Dynamic Host Configuration Protocol uses User Datagram Protocol ports sixty seven and sixty eight to automatically assign Internet Protocol addresses, subnet masks, default gateways, and Domain Name System server information to devices. This removes the need for manual configuration and allows devices to join the network quickly and consistently. On the exam, recognizing its role is important when diagnosing addressing issues.
Lightweight Directory Access Protocol runs on Transmission Control Protocol port three hundred eighty nine and is used to query and manage directory services that store user and resource information. It is often integrated with enterprise login systems, allowing centralized authentication and authorization for large networks. You may encounter questions about its role in user management and policy enforcement.
The Simple Network Management Protocol uses User Datagram Protocol ports one hundred sixty one and one hundred sixty two to exchange performance and error information between managed devices and network monitoring systems. Switches, routers, and printers commonly use this protocol to report their status or respond to queries from management software. Understanding its role will help you identify monitoring and alerting processes.
NetBIOS over TCP/IP uses Transmission Control Protocol and User Datagram Protocol ports one hundred thirty seven through one hundred thirty nine to provide older Windows systems with name resolution and file sharing capabilities. While it is largely replaced by more modern protocols, it is still seen in legacy environments and may appear in scenario questions.
Server Message Block operates on Transmission Control Protocol port four hundred forty five and enables file and printer sharing across networks. It is deeply integrated into Windows systems, supporting network shares, mapped drives, and access to shared printers. On the exam, you may need to match this protocol to its function in a file-sharing scenario.
Service Location Protocol uses Transmission Control Protocol and User Datagram Protocol port four hundred twenty seven to help clients find available network services automatically. Apple Filing Protocol uses Transmission Control Protocol port five hundred forty eight to provide file sharing on macOS systems. While these are less common than Windows-based protocols, you may be tested on their identification in cross-platform support contexts.
For the A Plus certification, knowing ports and protocols is more than simple memorization. You will be expected to recognize them in troubleshooting output, configuration files, and multiple-choice scenarios. Whether configuring a firewall, setting up a new service, or identifying a communication failure, understanding the relationship between a service, its protocol, and its port number is an essential skill that directly applies both to the exam and to real-world technical work.
