Networking 101: Ports, Protocols, TCP and UDP

 What is up guys!

In this blog, I'm going to talk about What are ports? What are Protocols? What is TCP? What is UDP? etc.

A Port is a place in the computer, which it uses to communicate and host various processes.

We can easily relate this theory of Ports to a shopping mall.

Imagine that you visit a shopping mall. What do you see there? A lot of shops right?

Now, when you look at a centralized map of the mall, you'll notice the shop and its floor and number, etc.

Thus each shop has it's own shop number and each shop provides some product to you. 

Another example can be your own body itself!!

If you want to speak, there's a particular place reserved for it, if you want to see things, there's a special place reserved for it, if you want to hear, there is a special place reserved for it and the list goes on.

In the above examples, you can assume your body and the shopping mall as a computer system and the special places and the shops as ports.

Similarly in computers, there are various services and processes present eg. HTTP, SMTP, DNS, etc. All these services have their special ports through which they operate!

A computer has 65536 ports for both TCP and UDP sides.

Here is a list of some common protocols and the ports occupied by them.


                                           TCP


         PROTOCOLS                                     PORTS


•        FTP                                                          21

•        SSH                                                   22

•        TELNET                                                 23

•        SMTP                                                      25

•        DNS                                                        53

•        HTTP                                                      80

•        HTTPS                                                   443

•        POP3                                                      110

•        SMB                                                   139+445

•        IMAP                                                     143


                                           UDP


         PROTOCOLS                                     PORTS

•        DNS                                                         53

•        DHCP                                                 67,68

•        TFTP                                                      69

•        SNMP                                                    161


Let me walk you through some of these protocols briefly.
For TCP,
• FTP stands for File Transfer Protocol and it is basically used for file transfer purposes. If the port pertaining to FTP is open, then you can connect to the system and transfer files to the server as well as copy the files of the server to your system as well.
• SSH stands for Secure Shell and is used to login into a system remotely and this is an encrypted process when it comes to SSH.
• TELNET stands for Telecommunication Network and is used to login into a system remotely but unlike SSH, encryption is not present over here so everything is in cleartext.
• SMTP (Simple Mail Transfer Protocol), POP3 (Post Office Protocol), and IMAP (Internet Message Access Protocol) are all related to mail service.
• DNS (Domain Name System) does the work of translating IP Addresses into names. It is both a TCP as well as UDP class protocol.
• HTTP (Hypertext Transfer Protocol) and HTTPS (Hypertext Transfer Protocol Secure) are used for website purposes. Remember that HTTP is unencrypted whereas HTTPS is encrypted.
• SMB (Server Message Block) is used for file sharing. It is sometimes referred to as "samba" and initially, it used only port 139 but in the later version of windows port 445 was used as well.

For UDP,
•  DNS (Domain Name System) does the work of translating IP Addresses into names. It is both a TCP as well as UDP class protocol.
• DHCP (Dynamic Host Control Protocol) does the work of assigning you an IP address randomly from a predefined range once you connect to a network.
• TFTP (Trivial File Transfer Protocol ) is the UDP version of FTP.
• SNMP (Simple Network Management Protocol) is used for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.

That's all about Ports and Protocols.

Now, we are going to talk about some level 4 (Transport Layer) concepts.

Let's have a look at TCP and UDP

TCP

TCP stands for TRANSMISSION CONTROL PROTOCOL.
It is a connection-oriented protocol.
Now, you might be wondering what this connection-oriented thing means...
In simpler terms connection-oriented means that before transmitting the data, a connection has to be established
Since TCP is connection-orientation, it is a reliable protocol so it is used in websites(HTTP & HTTPS), FTP, SSH, etc.

TCP works on the 3-way handshake rule
This rule works as follows.
Firstly the sender sends a SYN packet
After this, the receiver sends the SYN+ACK packet (Here the connection is established)
Finally, the sender sends the ACK packet

In layman's language,
The sender asks for permission to send the data. (SYN packet)
The receiver acknowledges the request (SYN+ACK packet) and here the connection is established between the sender and the receiver
After the receiver gives a thumbs-up to the data transfer, the sender sends the data (ACK packet)



UDP  

UDP stands for USER DATAGRAM PROTOCOL.
It is a connectionless protocol.
It is evident from the word itself that it doesn't need to establish a connection as in TCP and the data is sent directly
Since it is a connectionless protocol, data frames if lost, do not make any significant impact. Hence, it is used in VOIP, Streaming services, DNS, etc.


Here is a picture that will make you understand TCP and UDP




If you like the content then do consider connecting with me and pour your knowledge into my DM!!😇 

Instagram: bhavak_29

LinkedIn: https://www.linkedin.com/in/bhavak-kotak-3b6b071b1/

:NOTE:

All the images belong to their respective owners.

I am a learner so I learn things from different sources and I DO NOT claim that any of the content(if it does) belonging to someone else as mine.

Also a huge thanks to Heath Adams(AKA The Cyber Mentor). It is because of his course that I am motivated to put this content here and I have taken inspiration from his videos to a considerable amount of extent and tried to convey what I understood in the best way possible.



 

Comments

Post a Comment

Popular posts from this blog

Defeating RootME

Image
Hello hackers, Recently I started practicing on  Tryhackme  and came across this easy yet interesting machine named RootME by  ReddyyZ . I strongly recommend the beginners to try this machine out as it would clear the following several concepts of yours one of them being how to bypass file upload functionality and gain a reverse shell on the target system. Not only that, but you'll also have a basic idea about how privilege escalation works. So without taking up any more time of yours, let's jump into the walkthrough.                                                                                        : TASK 1 : Deploying the machine😅 While some of you might think what madness this is we already know that!! My dear friend, you're free to skip this portion then😊😌. Step 1: Connect to OpenVPN [Check the OpenVPN room so that you have an idea] Command used: openvpn {your openvpn file}   Step 2: Click on Start Machine or Start Attack Box. [ I think you can do this:) ] Step
Read more

TCS HACKQUEST PLAYGROUND WALKTHROUGH

Image
Hello Hackers! I hope you're doing well. This blog is a part of KeyCybr Internship. Recently I came across the TCS Hackquest Playground, and here I'll be giving an insight into the solution for the same. The link to register for the same is  https://play.tcshackquest.com/register   This playground is like a warm-up before the actual TCS Hackquest, which is probably scheduled for January 2022. Let's dive into the challenges. Challenge 1: Time to play with J.S.   As you click on "Link here" you'll be redirected to a page that looks like  You'll have to enter the value here to get the flag. Now, since there's nothing visible on the page, the fundamental thing that should strike you must be viewing the page source! As you visit the page source, you'll see The variable contains a base 64 string. On decoding it with the base 64 decoder You'll get submitthis: {text_to_be_submitted} As you submit the text and click on Retrieve the Flag, you'll rece
Read more

Networking 101: The OSI Model

Image
 In the last couple of writeups, we talked about various things related to protocols, IP addresses, MAC Addresses, etc. We used the term layers and we talked about various layers like layer 2, layer 3, etc for various terms and protocols and addresses. Here's where all these layers lie and it is the model that comprises of and gives information about these layers. We are going to talk about the OSI Model. OSI stands for Open System Interconnection and as the name suggests OSI model sets standards for the systems that are open to communicating with other systems. Sometimes during technical discussions, a switch may be referred to as layer 2 or a router as layer 3 so it is extremely important to have a good idea about the OSI model. The OSI model comprises 7 layers. An easy way to remember them is a sentence that goes like A P enguin S aid T hat N obody D rinks P epsi. (Top to bottom order) (If you're a Pepsi lover please don't get offended this is just for the sake of reme
Read more