Network Port Flashcards
(11 cards)
What is a Network Port?
Network ports can be considered virtual doors through which network communications can pass. Each port is associated with a number which is standardized for specific types of services. For example, the hypertext transfer protocol, or HTTP, uses port 80 for accessing websites and web servers. And the simple mail transfer protocol, or SMTP, uses port 25 for email transmission.
Open ports are active listeners on a network waiting for requests or commands to process.
For instance, to transfer a file using file transfer protocol, or FTP, port 23 must be open. While open ports are necessary for business operations, they are also potential entry points for attackers.
What are the risks with open Network Ports?
-Unauthorized access
-Service exposure
-Malware
What's the best way to protect open Network Ports?
-Regular Network Port audits
-Firewalls
-Updates/latest security patches
-Min level to perform task
-Segment network into different zones
-Enable logging and monitoring (security)
What are (3) common ports?
-HTTP (port 80); default websites/webservers
-HTTPS (port 443); protects data transmission
-FTP (port 21); files between computers over a network
What's a registered port?
Registered ports range from 1024 to 49151 and are assigned to specific applications or services by the Internet Assigned Numbers Authority (IANA). Proprietary software, gaming applications, and various other services commonly use these ports.
What's a dynamic or private port?
Dynamic or private ports range in number from 49152 to 65535. These ports are typically used for temporary or ephemeral connections and are not officially assigned to any specific application or service. Ephemeral connections refer to temporary or short-lived connections between devices or systems.
What is port forwarding?
It involves the intelligent management of network traffic based on predetermined rules set in a router or network gateway.
Through port forwarding, the network administrator can configure the router to forward any traffic it receives on port # to a specific computer within the local network. The router is set up with rules that dictate that traffic coming to certain port numbers (like port 80 for HTTP) should be sent to the private IP address of a specific computer or server.
How do Dynamic DNS and port forwarding work?
To resolve this, Dynamic DNS (DDNS) services can be used in conjunction with port forwarding. DDNS ensures that even if the public IP address changes, the domain name used to access the services remains the same. The DDNS service automatically updates the DNS record with the network’s current public IP address.
What is involved in port forwarding security?
-Forward only necessary ports
-Use strong authorization and encryption
-Keep software up-to-date
-Monitor and log activity
-Use firewalls
-Network traffic analysis tools
-3rd party risk management
What is the significance of port management?
-Reduced attack surface
-Enhanced visibility and control
-Improved compliance
What are some strategies to protect against port scanning and port threats?
-Intrusion detection and prevention systems (IDPS)
-Rate limiting and traffic shaping
-Honeypots and decoy services
-Network monitoring and logging
-Security awareness training