Well Known Ports for Security Ports
WilliamK99
Member Posts: 278
in Security+
Which ports do people absolutely must know IOT pass the Security + test. I am assuming FTP, Telnet, SSH, HTTP, HTTPS, but any others? Thanks!
Comments
-
quinnyfly Member Posts: 243 ■■■□□□□□□□As far as I know, currently these are required to be known, they are taken from my own notes, I took the exam mid lasy year:
Ports & Protocols:The Wings of Technology -
NotHackingYou Member Posts: 1,460 ■■■■■■■■□□The basics on the technotes section did it for me.When you go the extra mile, there's no traffic.
-
Darril Member Posts: 1,588The only ports that you absolutely must know for the Security+ exam are the ones that show up on your exam. You can skip the rest.
Of course, you won't know what those are until after you take it. Some people don't get any port questions, some get only the ones that are specifically listed on the objectives, and some get the ports that are alluded to such as syslog or VPN.
You may like to to check out this post that includes ports for Network+, Security+, and SSCP: Ports for Network+, Security+, and SSCP Exams | Get Certified Get Ahead.
Good luck. -
levatatinggoldfish Member Posts: 7 ■□□□□□□□□□I am also studying for the Security+ Exam and ports have been giving me trouble. Being completely new im having to memorize the ports, numbers, meaning, and have a general idea of what they do....this is proving to be a task for me, but its slowly coming together more and more each day. The ports that i've been given to study are: ICMP, FTP, SSH, TelNet, SMTP, TACACS, DNS, TFTP, Finger, HTTP, Kerberos, POP3, NNTP, NTP, NetBIOS, IMAP, SNMP, LDAP, HTTPS, SQL, L2TP, PPTP, RADIUS, RDP, Proxy Server, and three VPN ports: 50, 500, 1723. Ihope this helps as i am learning too.
-
DarthVader Member Posts: 71 ■■□□□□□□□□WilliamK99 wrote: »Which ports do people absolutely must know IOT pass the Security + test. I am assuming FTP, Telnet, SSH, HTTP, HTTPS, but any others? Thanks!
I would know DNS, SMTP, IPsec as well -
docrice Member Posts: 1,706 ■■■■■■■■■■IPsec uses either TCP or UDP 500 for ISAKMP (usually it's UDP that I've seen in most implementations, although some vendors like Check Point give you the option to do it over TCP). Otherwise it uses protocol 50 for ESP and 51 for AH. 50 and 51 are not ports, they're protocol numbers, just like TCP is protocol 6 and UDP is 17. This protocol value is located in the IP header, byte offset 9 (that bit of info probably won't be on a Security+ exam).
PPTP uses TCP 1723 to set up the connection, but uses GRE (protocol 47) for the user traffic.
ICMP is also not a "port" as it's not a transport protocol. It's sometimes referred to as protocol 1 (like TCP is protocol 6), but it has several type and code values representing their specific function. ICMP echo requests are ICMP type 8, code 0. ICMP echo replies are ICMP type 0, code 0. An ICMP port unreachable is ICMP type 3, code 3.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/