Sunday, June 12, 2011

Imp Port NumberS

Question: What Is a Port Number?
Answer: In computer networking, a port number is part of the addressing information used to identify the senders and receivers of messages. Port numbers are most commonly used with TCP/IP connections. Home network routers and computer software work with ports and sometimes allow you to configure port number settings. These port numbers allow different applications on the same computer to share network resources simultaneously.
How Port Numbers Work:
Port numbers are associated with network addresses. For example, in TCP/IP networking, both TCP and UDP utilize their own set of ports that work together with IP addresses.
Port numbers work like telephone extensions. Just as a business telephone switchboard can use a main phone number and assign each employee an extension number (like x100, x101, etc.), so a computer has a main address and a set of port numbers to handle incoming and outgoing connections.
In both TCP and UDP, port numbers start at 0 and go up to 65535. Numbers in the lower ranges are dedicated to common Internet protocols (like 21 for FTP, 80 for HTTP, etc.).

?: why we r useing port numbers pls reply me
A: Ports are used to identify the type of service out of junk traffic

Some important port numbers

There are huge number of ports which are reserved. But the ports mentioned below are more important.
Important Linux Port Numbers
15 – Netstat
20 --FTP Data
21 => FTP
22 => SSH
23 => Telnet
25 => SMTP Mail Transfer
37 – Time
42 – WINS
43 => WHOIS service
53 => name server (DNS)
69 --TFTP
80 => HTTP (Web server)
443 -- HTTPS(SSL (https) (http protocol over TLS/SSL)
88 – Kerberos
109 -- POP2
110 => POP protocol (for email)
123 – NTP (Network time protocol)
161 – SNMP
143 -- IMAP
220 – IMAP3
995 => POP over SSL/TLS
9999 => Urchin
111 => rpcbind
953 => rndc
143 => IMAP Protocol (for email)
993 => IMAP Secure
443 => HTTP Secure (SSL for https:// )
500 – Internet Key Exchange, IKE (IPSec) (UDP 500
546-DHCPv6 client
547-DHCPv6 serveR
3306 = > MysQL Server
4643 => Virtuosso Power Panel
2082 => CPANEL
2083 => CPANEL - Secure/SSL
2086 => CPANEL WHM
2087 => CPANEL WHM - Secure/SSL
2095 => cpanel webmail
2096 => cpanel webmail - secure/SSL
3306 => SQL
Plesk Control Panel => 8443
DirectAdmin Control Panel => 2222
Webmin Control Panel => 10000

1. How to find which ports are open?
You can find the ports in your linux server with the nmap command
netstat -nap --tcp

2. How to investigate a port and kill suspicious process?
A good tutorial is here

3. Where do i find a complete list of linux ports for reference?
You can find the ports list: here

4. Which firewall is best for linux servers?
I would recommend to install APF firewall. You can find a good tutorial here:
Warning: Make sure that you dont block the important ports with the firewall.

A port is a communication point where one or more computers in a network communicate with each other through a program or software

Difference TCP vs UDP Protocol 

TCP/IP Protocol:
It is a connection oriented protocol
It has flow control and error correction
It is not fast and primarily used for data transmission like (http,ssh,smtp,ftp, mail etc.) 
Most common services requiring confirmation of delivery like http,ssh,smtp,ftp, mail etc. use TCP ports
Asked for authentication like user name and password

UDP Protocol:
It is connectionless protocol which means it can send packets without establishing connection with the receiver at first.  
It is error prone during transmission.
It is fast and used mostly for audio and video streaming.
UDP ports are commonly used by services or programs that dont require the confirmation of delivery of packets. Most commonly used is DNS queries using UDP port 53.