Is there a resource of RELEVANT port numbers for Sec+

mboycey

Ive been reading in here that having all the port numbers in a table and memorising them helps for the exam, but there are obviously many port numbers many of which are not needed for this cert and obviously way to many to remember. So i ask this, is there a single resource ie a table, that contains the essential port numbers for this cert?

Im sure someone out there has a resource they can either copy and paste or link to.

Im only after the ones that are essential to the exam.

Cheers

indubasu

sure, check this out
http://www.techexams.net/coexam/start.php?exam=secplusports

JLL

mboycey,

The ports I studied when passing the Sec+ cert are listed below. It may seem like a lot at first, but if you read them aloud every AM and memorize them in groups, you should be OK. This is definitely not a comprehensive list as you know, but as mentioned earlier, they helped me pass.

I feel they will allow you to either quickly answer a port-related question or really help you eliminate some answers.

Good Luck!

JLuna

20, 21 FTP
22 SSH
23 Telnet
25 SMTP
53 DNS
49 TACACS
67, 68 DHCP
69 TFTP
80 HTTP
109 POP v2
110 POP v3
119 NNTP
123 NTP
143 IMAP
161 SNMP
162 SNMP Trap
389 LDAP
443 HTTPS
1701 L2F
1723 PPTP

Ten9t6

looks like a good list.....Just know all the common ports and you will be fine. As you start doing this more, you will not be able to forget the port numbers......Ip addresses......old phone numbers.....old gym locker combo.....haha...please make the numbers go away!

Actually...do the port number quiz on this site and you should be good.

nachius

Be sure you know the following TCP ports as a minimum: 21, File Transfer Protocol (FTP) control; 20, FTP data; 22, Secure Shell (SSH); 23, Telnet; 25, Simple Mail Transfer Protocol (SMTP); 80, Hypertext Transfer Protocol (HTTP); 110, Post Office Protocol 3 (POP3); 119, Network News Transfer Protocol (NNTP); 143, Internet Message Access Protocol (IMAP4); 443, Secure Sockets Layer (SSL and HTTPS); 1812, Remote Authentication Dial-In User Service (RADIUS); and 3389, Microsoft Remote Desktop.


PORTS
1701 – L2TP
1723 – PPTP
162 – SNMP Trap
88 – Kerberos
69 – TFTP
Authentication Header (AH) IPSec 51
Encapsulation Security Payload (ESP) IPSec 50

Some of those may overlap, but that was the list I used, they are pulled from various sites and I added a few.

OpenSource

Actually, port 20 is FTP data, and port 21 is FTP control... In contrast to the above post by nachius. But anyway...

I put together a short comrehensive list of commonly used TCP/IP ports when working on some networking tasks. It's not meant to be an all inclusive list of course, as there are over 65,000 ports (though only a small percent of those 65,000 are actually regulated)... I hope this helps someone...

- Joey

TCP/IP Protocol Ports List:
(Commonly Used Protocols)

---

Port #7 -> ICMP - "Internet Control Message Protocol" (Packet information - Used w/ pings)

Port #7 -> Echo - (One way communication - Used w/ pings - "Half Duplex" - Used w/ ICMP)

Port #20 -> FTP - "File Transfer Protocol" (Data channel)

Port #21 -> FTP - "File Transfer Protocol" (Control channel)

Port #22 -> SSH - "Secure Shell" (Secure remote connections)

Port #23 -> Telnet - "Terminal Emulation" (Secure remote connections)

Port #25 -> SMTP - "Simple Mail Transfer Protocol" (E-mail)

Port #49 -> TACACS - "Terminal Access Controller Access Control System" (Secure remote Unix connections)

Port #50 -> ESP - "Encapsulation Security Payload" (IPSec)

Port #51 -> AH - "Authentication Header" (IPSec)

Port #53 -> DNS - "Domain Name System" (or Service or Server)

Port #67 -> DHCP - "Dynamic Host Configuration Protocol" (Dynamic IP assign)

Port #68 -> DHCP - "Dynamic Host Configuration Protocol" (Dynamic IP assign)

Port #69 -> TFTP - "Trivial File Transfer Protocol" (FTP w/ no security)

Port #79 -> Finger - (User Information Retrieval Protocol - Unix)

Port #80 -> HTTP - "HyperText Transfer Protocol" (Used w/ Internet)

Port #88 -> Kerberos (Secure network file transfer)

Port #109 -> POP v2 - "Post Office Protocol" (E-mail)

Port #110 -> POP v3 - "Post Office Protocol" (E-mail)

Port #111 -> DCOM - "Distributed Component Object Model" (Remote connections, like RPC)

Port #119 -> NNTP - "Network News Transfer Protocol" (Retrieve USENET messages)

Port #123 -> NTP - "Network Time Protocol" (Time synchronization)

Port #135 - RPC - "Remote Procedure Call" (Remote connections, like Telnet)

Port #137 -> NetBIOS - "Network Basic Input Output System" (NetBIOS transport layer)

Port #138 -> NetBIOS - "Network Basic Input Output System" (NetBIOS transport layer)

Port #139 -> NetBIOS SMB - "Network Basic Input Output System Server Message Block" (NetBIOS transport layer)

Port #143 -> IMAP - "Internet Message Access Protocol" (E-mail - POP w/ additional features)

Port #161 -> SNMP - "Simple Network Management Protocol" (Network management)

Port #162 -> SNMP Trap - "Simple Network Management Protocol" Trap (SNMP event notification)

Port #389 -> LDAP - "Lightweight Directory Access Protocol" (Information directory access)

Port #443 -> HTTPS (S-HTTP) - "Secure HyperText Transfer Protocol" (Secure internet)

Port #443 -> SSL - "Secure Sockets Layer" (Secure internet data transfer)

Port #445 -> SMB w/ IP - "Server Message Block" w/ "Internet Protocol" (Used w/ NetBIOS and Samba)

Port #636 -> LDAP w/ TLS - "Lightweight Directory Access Protocol" w/ "Transport Layer Security" (Secure information directory access)

Port #689 -> LDAP w/ SSL - "Lightweight Directory Access Protocol" w/ "Secure Sockets Layer" (Secure information directory access)

Port #1234 -> SubSeven - (Commonly Used "Backdoor Trojan Horse" Port - Unauthorized Access)

Port #12345 -> NetBus - (Commonly Used "Backdoor Trojan Horse" Port - Unauthorized Access)

Port #1701 -> L2F/L2TP - "Layer Two Tunneling Protocol" (Secure VPN)

Port #1723 -> PPTP - "Point-to-Point Tunneling Protocol" (VPN remote access)

Port #1812 -> RADIUS - "Remote Authentication Dial-In User Service" (Dial-Up ISP authentication)

Port #3128 -> Squid Proxy - (Internet Proxy Application)

Port #31337 -> BackOrifice - (Commonly Used "Backdoor Trojan Horse" Port - Unauthorized Access)

Port #3389 -> MRP - "Microsoft Remote Desktop" (Remote tech support)

Port #6711 -> SubSeven - (Commonly Used "Backdoor Trojan Horse" Port - Unauthorized Access)

Port #8080 -> HTTP - "HyperText Transfer Protocol" (Used w/ Internet)

nachius

Thanks, for pointing that out, I corrected it. I pasted that straight from a site I used to study, hence why you should ALWAYS use multiple sources.

I'll have to track that site down and let them know. I was unable to paste the "chart" I actually used because it was a pic on the site I pulled it from.

OpenSource

Yeah, not a problem. I also double checked multiple sources before posting that list, so unless they are all wrong it should be pretty well accurate. Like you mentioned though, ALWAYS use/consult multiple sources if you want reliable information.

EDIT: I should also mention, some of the ports above are also UDP as well as being TCP/IP. I will post the specifics when I have enough time.

- Joey

mgmguy1

Thanks OpenSource for the ports list. I will use this list you made as a reference. BTW, Here is another link to a good spot for Ports.

http://www.governmentsecurity.org/articles/CommonPorts.php

Webmaster

To the posters whose replies are removed: Please, do NOT disclose what you had or not had on 'your' exam.