Port Numbers: The three different types

I have a question about port numbers.

Currently,I am reading about how there are three different types of port numbers that IANA ( The Internet Assigned Numbers Authority) has standards for.

Well known port numbers ( Numbers 0 to 1023) These are reserved for Service and applications.

Registered ports (Numbers 1024 to 4951) These port numbers are assigned to user processes and or applications

Dynamic or Private Ports ( Numbers 49152 to 65535) These are usually assigned dynamically to client applications when initiating a connection.

My question is this. I have Well known ports section down pretty good. Example I know Port 80 is a connection-oriented protocol and uses TCP where DNS port is 53 and uses the UDP Connection-less protocol . How deep should study the well known port numbers ?

Please advise.
Patrick

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

CodeBlox

Any stuff I had was related to the well known ports. I've only taken ICND1 so Im not sure if there is anything else on ICND2.

spiderjericho

A lot of the knowledge really comes into play when you start making ACLs and play with firewalls.

But I'd say know FTP, TFTP, DNS, SMTP, LDAP, SMB, SCP/SSH, POP3, SSL/HTTPS, HTTP, NTP, etc.

And DNS can use both TCP and UDP. Again, when talking from the perspective of firewalls. not writing a policy/ACL to allow both, can create problems depending on your network architecture.

And if you were to look at a dialog/exchange, you can see how the well known ports and dynamic/registered ports work. A perfect example would be to look at a http exchange.

If you have GNS3, you can open wireshark and check it out. Or you can try it in packet tracer.

ChooseLife

mgmguy1 wrote: »

Example I know Port 80 is a connection-oriented protocol and uses TCP

Just a word of advice: develop a habit of always pairing port number with protocol name, e.g. "TCP port 80", otherwise you're not fully and unambiguously defining the port. It always ticks me off when I see it in the field ("I opened port 12345 on the firewall..."). Port 80/tcp is a TCP port, and hence connection-oriented, but 80/udp is connectionless.

And as mentioned above, DNS uses both 53/udp and 53/tcp