As a network security engineer, you must be familiar with network ports. Ports are generally divided into the following three categories:
(1) Well-Known Ports: range from 0 to 1023
(2) Registered Ports: from 1024 to 49151
(3) Dynamic/Private Ports: from 49152 to 65535.
-
Port 20 FTP data port
-
Port 21 FTP control port
-
Port 22 SSH port
-
Port 23 Telnet port
-
Port 25 SMTP port
-
Port 53 DNS port
-
Port 67 DHCP server
-
Port 68 DHCP client
-
Port 69 TFTP port
-
Port 79 Finger service port
-
Port 80 HTTP port
-
Port 88 EIGRP protocol port
-
Port 89 ospf protocol port
-
Port 99 Metagram Relay service port
-
Port 102 Message Transfer Agent Port
-
Port 109 POP2 port
-
Port 110 POP3 port
-
Port 111 SUN company's RPC service port
-
Port 113 Windows Authentication Service Port
-
Port 119 NNTP port
-
Port 123 NTP Time Protocol Port
-
Port 135 RPC service port
-
Port 137 NetBIOS service port
-
Port 138 NetBIOS service port
-
Port 139 NetBIOS Session Service port
-
Port 143 IMAP port
-
Port 161 SNMP port
-
Port 162 SNMP Trap port
-
Port 179 BGP port
-
Port 389 LDAP port
-
Port 443 HTTPS port
-
Port 445 SMB service port
-
Port 465 SMTPS unofficial standard port
-
Port 512 rexec port
-
port 513 rlogin port
-
Port 514 Syslog port
-
Port 515 515 TCP port for LPD
-
Port 520 RIP routing protocol port
-
Port 554 RTSP port
-
Port 587 SMTPS official standard port
-
Port 636 LDAPS port
-
Port 873 rsync service port
-
Port 993 IMAP encrypted port
-
Port 995 POP3 encrypted port
-
Port 1080 Socks proxy service port
-
Port 1433 SQL Server port
-
Port 1521 Oracle port
-
Port 1701 L2TP port
-
Port 1723 PPTP port
-
Port 1812 RADIUS authentication port
-
Port 1813 RADIUS accounting port
-
Port 2049 NFS port
-
Port 2181 zookeeper service port
-
Port 2375 Docker default port
-
Port 3306 Mysql port
-
Port 3389 RDP port
-
Port 5000 sybase/DB2 database
-
Port 5432 PostgreSQL port
-
Port 5631 PCAnywhere data port
-
Port 5632 PCAnywhere Status Port
-
Port 5900 VNC port
-
Port 6379 redis port
-
Port 6380 redis internal port
-
Port 7001 weblogic port
-
Port 8069 Zabbix service port
-
Port 8080 Tomcat port
-
port 8848 nacos port
-
Port 9092 kafka default listening port
-
Port 9200 ElasticSearch external communication port
-
Port 9300 ElasticSearch cluster communication port
-
Port 10050 Zabbix Agent actively sends data
-
Port 10051 Zabbix Server periodically requests data from the Agent
-
Port 11211 memcached port
-
Port 27017 mongodb port
-
Port 5672 RabbitMQ port
` How to learn hacking & network security
As long as you like my article today, my private network security learning materials will be shared with you for free. Come and see what is available.
1. Learning roadmap
There are a lot of things to learn about attack and defense. I have written down the specific things you need to learn in the road map above. If you can complete them, you will have no problem getting a job or taking on a private job.
2. Video tutorial
Although there are many learning resources on the Internet, they are basically incomplete. This is an Internet security video tutorial I recorded myself. I have accompanying video explanations for every knowledge point in the roadmap above.
The content covers the study of network security laws, network security operations and other security assessments, penetration testing basics, detailed explanations of vulnerabilities, basic computer knowledge, etc. They are all must-know learning contents for getting started with network security.
(They are all packaged into one piece and cannot be expanded one by one. There are more than 300 episodes in total)
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
3. Technical documents and e-books
I also compiled the technical documents myself, including my experience and technical points in participating in large-scale network security operations, CTF, and digging SRC vulnerabilities. There are more than 200 e-books. Due to the sensitivity of the content, I will not display them one by one.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
4. Toolkit, interview questions and source code
"If you want to do your job well, you must first sharpen your tools." I have summarized dozens of the most popular hacking tools for everyone. The scope of coverage mainly focuses on information collection, Android hacking tools, automation tools, phishing, etc. Interested students should not miss it.
There is also the case source code and corresponding toolkit mentioned in my video, which you can take away if needed.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
Finally, here are the interview questions about network security that I have compiled over the past few years. If you are looking for a job in network security, they will definitely help you a lot.
These questions are often encountered when interviewing Sangfor, Qi Anxin, Tencent or other major companies. If you have good questions or good insights, please share them.
Reference analysis: Sangfor official website, Qi’anxin official website, Freebuf, csdn, etc.
Content features: Clear organization and graphical representation to make it easier to understand.
Summary of content: Including intranet, operating system, protocol, penetration testing, security service, vulnerability, injection, XSS, CSRF, SSRF, file upload, file download, file inclusion, XXE, logical vulnerability, tools, SQLmap, NMAP, BP, MSF…
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.