questions on ports
Borrowed a sybex book and was hoping to find a table or list with the portsb, but cannot seem to find it. does anyone know where a list is of the ports?
Thanks
Thanks
Comments
-
Darril
Member Posts: 1,588
If you want a list of all the well known ports, you can look here:
http://www.iana.org/assignments/port-numbers
That list may be a little longer than you need though:).
I jest. But seriously, I've used that site a lot over the past few years as I've studied and taught Security+, and studied CISSP. As I've come across a protocol from the objectives, I've used the list to look up and document the port with the protocol in my notes.
If you can get your hands on the CompTIA Security+: Get Certified Get Ahead book, it has a table on page 146 of about 20 of the relevant ports.
Additionally, I seem to recall a post on this forum in the past six months that listed a lot of the relevant ports.
Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com
Security+ Blog
http://sy0201.blogspot.com/
Security+ Tip of day Tweets
twitter.com/DarrilGibson -
flav2000
Member Posts: 13 ■□□□□□□□□□
Borrowed a sybex book and was hoping to find a table or list with the portsb, but cannot seem to find it. does anyone know where a list is of the ports?
Thanks
I have the Sybex book myself and I don't recall them ever providing a list - they just sprinkle the ports numbers all over. I am able to find a link to a shortlist of ports though:
www. techotopia.com/index.php/Security%2B_-_Identifying_Common_and_Nonessential_Services
Based on some practice exam provided by different books, I would add a few others on top of the above list:
NETBIOS 137,138, and 139
Kerberos 88 (and 749)
RADIUS 1812, 1813
TACACS(+) 49
Although not really about ports, it seems like the practice questions I see ask about AH and ESP in IPSEC
IP protocol 50 ESP
IP protocol 51 AH -
Darril
Member Posts: 1,588
Good start for a list. Maybe others will add.
A common misconception is related to the protocol ID numbers associated with IPSec. As you state, the protocol ID number for the encrypting security protocol (ESP) is 50 and the protocol ID number used for the authentication header (AH) is 51. These are used to filter the specific IPSec protocols just as ports are used to filter specific protocols, but they aren't actually port numbers.
Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com
Security+ Blog
Security Plus: Get Certified Get Ahead
Security+ Tip of day Tweets
twitter.com/DarrilGibsonI have the Sybex book myself and I don't recall them ever providing a list - they just sprinkle the ports numbers all over. I am able to find a link to a shortlist of ports though:
Security+ - Identifying Common and Nonessential Services - Techotopia
Based on some practice exam provided by different books, I would add a few others on top of the above list:
NETBIOS 137,138, and 139
Kerberos 88 (and 749)
RADIUS 1812, 1813
TACACS(+) 49
Although not really about ports, it seems like the practice questions I see ask about AH and ESP in IPSEC
IP protocol 50 ESP
IP protocol 51 AH -
flav2000
Member Posts: 13 ■□□□□□□□□□
I thought I will throw it out there since they're asked on the exam. Definitely not port numbers. If they ask a question about ESP and give the choice of answers between IP Protocol 50 and TCP port 50 I bet a sizeable number of people would have got confused with the two.Good start for a list. Maybe others will add.
A common misconception is related to the protocol ID numbers associated with IPSec. As you state, the protocol ID number for the encrypting security protocol (ESP) is 50 and the protocol ID number used for the authentication header (AH) is 51. These are used to filter the specific IPSec protocols just as ports are used to filter specific protocols, but they aren't actually port numbers.
Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com
Security+ Blog
Security Plus: Get Certified Get Ahead
Security+ Tip of day Tweets
twitter.com/DarrilGibson -
veritas_libertas
Member Posts: 5,746 ■■■■■■■■■■
Good start for a list. Maybe others will add.
A common misconception is related to the protocol ID numbers associated with IPSec. As you state, the protocol ID number for the encrypting security protocol (ESP) is 50 and the protocol ID number used for the authentication header (AH) is 51. These are used to filter the specific IPSec protocols just as ports are used to filter specific protocols, but they aren't actually port numbers.
Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com
Security+ Blog
Security Plus: Get Certified Get Ahead
Security+ Tip of day Tweets
twitter.com/DarrilGibson
Thanks for clearing that up for me... -
Darril
Member Posts: 1,588
This topic kept rolling around in my head, so I wrote a couple of blog entries some may find useful:
Understanding Ports
http://sy0201.blogspot.com/2009/10/understanding-ports.html
Well Known Ports
Security Plus: Get Certified Get Ahead: Well-known ports
Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com
Security+ Blog
Security Plus: Get Certified Get Ahead
Security+ Tip of day Tweets
twitter.com/DarrilGibson
