Introduction to commonly used ports in network services

Others 2021-03-27 18:25:51 views: null

1. Port

       Port (Port), can be considered a device to communicate with the outside world communications outlet. There are 65,535 ports in total. 

       Ports can be divided into virtual ports and physical ports. The virtual port refers to the port inside the computer or the switch router and is not visible. For example, the 80 ports, 21 ports, 23 ports in the computer; physical ports are also called interfaces, visible ports, RJ45 ports on the backplane of computers, RJ45 ports such as switch router hubs, and RJ11 sockets used by phones belong to the category of physical ports.

 

Two, classification

According to the port type, it can be divided into three categories:

 

    Hardware port :

       The CPU performs data transfer with peripherals through interface registers or specific circuits . These registers or specific circuits are called ports.

    Network port :

       In network technology , Port has several meanings. The ports of hub switches and routers refer to interfaces connected to other network devices , such as RJ-45 ports , serial ports, etc. The port we are referring to here does not refer to the port in the physical sense , but specifically refers to the port in the TCP/IP protocol , which is the port in the logical sense.

     Software port :

       Buffer .

 

According to the port number, it can be divided into three categories:

 

    Well Known Ports: From 0 to 1023, they are tightly bound to some services. Usually the communication of these ports clearly indicates the agreement of a certain service. For example: Port 80 is allocated to WWW service, port 21 is allocated to FTP service, etc.

    Registered Ports: from 1024 to 49151. They are loosely bound to some services. In other words, there are many services bound to these ports, and these ports are also used for many other purposes. For example: Many systems deal with dynamic ports starting from around 1024.

    Dynamic and/or Private Ports: from 49152 to 65535. In theory, these ports should not be allocated for services, but should be allocated dynamically.

 

3. Ports commonly used in network services

8080 port

 

       ☆ Port description: Port 8080 is the same as port 80, which is used for WWW proxy service, which can realize web browsing. Often when visiting a certain website or using a proxy server, the port number ":8080" is added

       ☆ Port vulnerability: Port 8080 can be used by various virus programs. For example, Brown Orifice (BrO) Trojan horse virus can use port 8080 to completely remotely control an infected computer. In addition, RemoConChubo and RingZero Trojans can also use this port to attack. 

       ☆ Operation suggestions: Generally, we use port 80 for web browsing. In order to avoid virus attacks, we can close this port. 

Port: 21 

        Service: FTP 

        Note: The port opened by the FTP server is used for uploading and downloading. The most common attackers are used to find a way to open anonymous FTP servers. These servers have readable and writable directories. Ports opened by Trojans Doly Trojan, Fore, Invisible FTP, WebEx, WinCrash and Blade Runner. 


Port: 22 

        Service: Ssh 
        Description: The connection between TCP and this port established by PcAnywhere may be to find ssh. This service has many weaknesses. If it is configured in a specific mode, many versions that use the RSAREF library will have many vulnerabilities. 

Port: 23 

        Service: Telnet 
        Description: Remote login, the intruder is searching for services that remotely log in to UNIX. In most cases, scanning this port is to find the operating system running on the machine . There are other techniques where the intruder will also find the password. The Trojan Tiny Telnet Server opens this port. 

Port: 25 

        Service: SMTP 
        Description: The port opened by the SMTP server is used to send mail. The intruder looks for the SMTP server in order to deliver their SPAM. The account of the intruder is closed, and they need to connect to the high-bandwidth E-MAIL server to deliver simple information to different addresses. Trojan Antigen, Email Password Sender, Haebu Coceda, Shtrilitz Stealth, WinPC, WinSpy all open this port. 

Port: 80 
        Service: HTTP 
        Description: Used for web browsing. Trojan Executor opens this port. 

Port: 102 
        Service: Message transfer agent(MTA)-X.400 over TCP/IP 
        Description: Message transfer agent. 

Port: 109 
        Service: Post Office Protocol -Version3 
        Description: The POP3 server opens this port for receiving mail, and the client accesses the mail service of the server. POP3 services have many recognized weaknesses. There are at least 20 weaknesses in the user name and password exchange buffer overflow, which means that an intruder can enter the system before actually logging in. There are other buffer overflow errors after successful login. 

Port: 110 
        Service: All ports of SUN's RPC service 
       Description: Common RPC service has rpc.mountd, NFS, rpc.statd, rpc.csmd, rpc.ttybd, amd so on 

port: 119 
        services: Network News Transfer Protocol 
        Description: NEWS News Group Transfer Protocol, carries USENET communications. The connection to this port is usually people looking for a USENET server. Most ISPs restrict that only their customers can access their news server. Opening the newsgroup server will allow posting/reading anyone’s posts, accessing restricted newsgroup servers, anonymous posting or sending SPAM. 

Port: 135 
        Service: Location Service 
        Description: Microsoft runs DCE RPC end-point mapper on this port for its DCOM service. This is very similar to the function of the UNIX 111 port. Services that use DCOM and RPC use the end-point mapper on the computer to register their location. When remote clients connect to the computer, they look up the end-point mapper to find the location of the service. Is HACKER scanning this port of the computer to find out which Exchange Server is running on this computer? What version? Some DOS attacks directly target this port. 

Port: 137, 138, 139 
        Service: NETBIOS Name Service 
       Note: 137 and 138 are UDP ports, which are used when transferring files through network neighbors. And port 139: The connection entered through this port tries to obtain NetBIOS/SMB service. This protocol is used for windows file and printer sharing and SAMBA. And WINS Regisrtation also uses it. 

Port: 161 
        Service: SNMP 
        Description: SNMP allows remote management of equipment. All configuration and operation information are stored in the database , which can be obtained through SNMP. Many administrators' misconfigurations will be exposed to the Internet. Cackers will try to use the default password public and private to access the system. They may experiment with all possible combinations. SNMP packets may be incorrectly directed to the user's network

 

 

 

 

Guess you like

Origin blog.csdn.net/wxt_hillwill/article/details/73163060
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com