Learning all them darn ports!
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Learning all them darn ports!

  1. #1

    Question Learning all them darn ports!

    Okay guys, I'm still a bit green and need to be pointed in a direction...

    I'm eagerly trying to learn security, and I've gotten pretty good with firewalls and other little security toys, but I just have no clue when it comes to ports. Everywhere I go, I read "block this port" and "look at that port" and of course everyone but stupid me is lightyears ahead and knows what all these ports are.

    So where do I start with learning about ports? Are there any good places to go to that any of you can recommend? I know this is very fundamental and vital to fully protecting a system, so please...teach me your ways!

    With humble thanks,
    James

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Heres a list of all know port numbers and what they are associated with.
    http://www.iana.org/assignments/port-numbers

    What I would suggest you do, is find the port that you are looking for on that list then go to www.google.com and do a search on what the service that runs on that port does.

    Heres another site that migh be helpful.
    http://www.iss.net/security_center/a...ts/default.htm

    Actually, thats a pretty good site there. Just click on the port number and it takes to links that explains what that ports used for.
    =

  3. #3
    Banned
    Join Date
    Jul 2002
    Posts
    877
    80 is http, 25 is mail, 6667 is normally IRC, 8080 often proxy, & blah blah... But its really the programs that use 'em that you need to worry about. As for ports each of them can be used for very little or a large number of things... deppending on which one though. You could however find 6667 and say, hey that looks like one of my users is into IRC... due to the fact that its a common port for services like that, but just by seeing that its open doesn't actually mean thats what is actually going on though... Hell you can do alot of stuff VIA: (some randomly chosen port).

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    So where do I start with learning about ports? Are there any good places to go to that any of you can recommend?
    If you really want to learn about networking and security I recommend you pick up a good book. Almost every security book goes over in great detail what ports do what and why you should block them/how to protect yourself. You learn the good and the bad.

    Some books that I'd recommend that cover all the basics along with various operating systems are:

    Hack attacks revealed . It is a couple of years old, but still has great info.

    Hacking exposed . This one is updated a lot more and they have a great "hacking series" Such titles include Hacking 2000 exposed, hacking linux exposed and hacking web apps.

    The hacking exposed series even offers a hackers challenge series after you have learned a bit about security to test your skills at forensics. Forensics is a whole other topic... but in security it is very important that you know both. At least you'll get the basics and the money is well worth it. You don't have to spend ages looking for what you want... it is all in front of your face.

  5. #5
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    Just minor correction Specialist, Imsure its an oversight, 21 is not mail,,,
    mail is 25 outgoing 110 incoming....21 is asociated with FTP

    cheers

  6. #6
    Banned
    Join Date
    Jul 2002
    Posts
    877
    Opps typo... ???

    Bleh... whatever... I've had enought cool-aid and booz for one night.

  7. #7
    Senior Member
    Join Date
    Aug 2002
    Posts
    239
    Yeh, there are only several *key* ports you're gonna have to know.

    Kurt Seifried has compiled a HUGE database of ports (I think 8,547 of them, to be exact), including general firewall rules. Check him out here: http://www.seifried.org/security/ports/
    It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

    Hit it!

  8. #8
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    AngelicKnight,

    Heres a simple overview of what ports are all about to help you get started...I recommend you follow up with reading material others have provided.

    1) They are only associated with the TCP/IP protocol stack.

    2) There are a maximum of 65535 available within TCP/IP stack...

    3) Ports are nothing more than a fancy name for TCP/IP applications or process .

    4) Ports are always associated with using either TCP or UDP transport protocols. (think of TCP and UDP as "trucks" that carry your applications)

    5) Ports 0-1023 are what's referred to as well known ports. This means you cannot write your own application/socket and assign it a number within that range.

    Some of the popular ports that you use every day fall within this range. They include:

    20/21- FTP which uses TCP
    23- Telnet which uses TCP
    80-HTTP which uses TCP
    53-DNS Which uses UDP
    25-SMTP which uses TCP (outgoing mail)
    110-POP3 which uses TCP (incoming mail)
    69-DHCP which uses UDP




    The last thing you need to know is:

    If you have a port open or what they refer to as listening, it means you are running that application. For example if you have port 80 open, it means you are a web server and are accepting connections.

    Anytime a device is running an application, meaning a port is listening, there will always be some risk/vulnerability to someone finding an exploit to compromising that system..


    I hope this helped you a bit...
    Good luck

    cheers...

  9. #9
    Junior Member
    Join Date
    Sep 2003
    Posts
    9
    if you have ever herd of STC (Simple Tool Kit) that has quite a good application on it that tell you what ports have what service. Stc 4 is the current version.

    i hope this helps
    the tallest blade of grass is first to be cut by the lawnmower

  10. #10
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    gunit0072003: Good post. Something to help visualize it is a 15min animation called "warriors of the net". It is pretty good. I think it was made by erricson a while back. It is available for free and in various quality ratings.

    It is an animatation that shows what exactly happens when you click on a hyperlink. It takes all the steps that take less than seconds, and streaches them out into about 15min. It helped people in my cisco classes understand exactly what was going on.

    Whoever has not seen this animation... I recommend you download it right now. It is quite large. It is about 121mb for the highest quality, 80mb for the other one.

    There is a 5mb sample trailer if you want to see if this is really for you or not.

    http://www.warriorsofthe.net/movie.html
    Make sure your right click on a video link and save target, or it'll try to play in a media player.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •