Focus2Learn
  • Way2Learn
  • OSI Model
    • Intro
    • OSI Model Layers - Functions and Protocols
    • TCP/IP Protocol Suite
    • Layers Functionalities
    • TCP and UDP ports
    • Network Connecting Devices
    • Network Security Devices
    • Network Vulnerability
    • Kerbros
  • Architectures
    • Qradar
    • Splunk ES
    • SOC Analyst Work Culture
    • Playbooks
  • Information Security
    • AAA
    • CIA Traid
    • Cyber Attacks
    • Cyber Kill Chain
    • Threat - Vulnerability - Exploit - Risk
    • MITRE ATT&CK Framework
    • Spoofing Attacks
  • Log Analysis
    • SSL
    • Splunk Queries
    • Log Aggregation, Processing and Analysis for Security
    • Firewall Logging
    • Proxy Server
    • DNS Server
    • Email Analysis
    • Network Data Analysis
    • Web Application Security
    • Threat Hunting with Microsoft O365 Logs
    • Darktrace
    • EDR
    • Random Topics
    • Incident Response
    • Windows Logs
    • Windows Ransomware Detection
    • Ref Diagrams
  • External Sites
    • Fav Links
    • Cyber-Kill-Chain_YouTube_Link
    • OWASP TOP 10 - 2017
    • Splunk UseCases
    • CCNA Course
    • Switch
    • Port Numbers
    • Windows Event IDs
    • Splunk-Oxygen
    • Privilege Escalation Attack
    • Threat Hunting with Splunk
  • PDF Files
    • Imp PDF Files
  • Online Reputation Checking Tool
  • AWS Cloud Security
    • AWS GuardDuty
  • Security Controls
  • CrowdStrike
    • Falcon Queries
    • User Sessions Hunting
    • Day to Day
    • Hunting Falcon
  • DarkTrace
    • Ref Links
  • Web Application Security
    • Links
Powered by GitBook
On this page

Was this helpful?

  1. OSI Model

TCP and UDP ports

PreviousLayers FunctionalitiesNextNetwork Connecting Devices

Last updated 4 years ago

Was this helpful?

A port is a 16-bit number used to identify specific applications and services. TCP and UDP specify the source and destination port numbers in their packet headers and that information, along with the source and destination IP addresses and the transport protocol (TCP or UDP), enables applications running on hosts on a TCP/IP network to communicate.

Applications that provide a service (such as FTP or and HTTP servers) open a port on the local computer and listen for connection requests. A client can request the service by pointing the request to the application’s IP address and port. A client can use any locally unused port number for communication. Consider the following example:

In the picture above you can see that a host with an IP address of 192.168.0.50 wants to communicate with the FTP server. Because FTP servers use, by default, the well-known port 21, the host generates the request and sends it to the FTP server’s IP address and port. The host use the locally unused port of 1200 for communication. The FTP server receives the request, generates the response, and sends it to the host’s IP address and port.

Port numbers are from 0 to 65535. The first 1024 ports are reserved for use by certain privileged services:

The combination of an IP address and a Port number is called a socket. In our example the socket would be 192.168.0.50:1200.

Reference

.

Click Here