Exploring TCP/IP Ports 37
Exploring TCP/IP Ports
We can’t let you escape the fundamentals without touching on ports. Ports allow computers
to send data out the door while simultaneously identifying that data by category. What this
means is each of the common ports you use is associated with a particular protocol or
particular application. For example, sending data from port 21 signifies to the receiving
system that the traffic received is an FTP request because of the port it came from. Addi-
tionally, the response from the initially queried system will end up at the right location
because the port from which the traffic came has already been identified. This holds true
for web traffic, mail traffic, and so forth. Knowledge of these ports and their corresponding
protocols and applications becomes important when you’re scanning a system for specific
vulnerabilities. There will be more to come on that, but first let’s take a look at how these
ports are categorized and what the well-known ones mean to you:
■ Well-known ports are most common in daily operations and range from 1 to 1024.
Much of the initial portion of this range should be familiar to you. Refer to Table 2.2
for a list of the ports you need to know.■ Registered ports range from 1025 to 49151. Registered ports are those that have been
identified as usable by other applications running outside of the user’s present purview.
An example would be port 1512, which supports Windows Internet Name Service
(WINS) traffic. Take a look at Table 2.3 for a list of registered ports of interest.■ Dynamic ports range from 49152 to 65535. These are the free ports that are available
for any TCP or UDP request made by an application. They are available to support
application traffic that has not been officially registered in the previous range.tablE 2.2 Well-known ports
Port Use
20–21 FTP
22 SSH
23 Telne t
25 SMTP
42 WINS
53 DNS
80, 8080 HTTP