Filters:

  • Technologies

  • Instructors

  • CompTIA Series – Internet Ports

    This blog provides some tables covering common Internet (IP whether TCP or UDP) ports that may be found on CompTIA entry level exams.  A continuation of my series addressing content useful for candidates preparing for CompTIA A+ or Security+ exams.   Allow me to recap my goal with this series:

    For instructor-led CompTIA classes, see our course schedule

    Although CompTIA exams are heavily based upon the published exam objectives, CompTIA tends to expand target material by exposing candidates to potential content on their certification exams. Although such questions are not supposed to count toward the exam score, they can be particularly disconcerting – and if they occur on one of the more time consuming simulation questions also rather disruptive to the candidate’s focus.

    Since the exam objectives may lag technology introduction by three years or more, you may find it beneficial to consider technology extensions to existing exam objectives during your certification preparations. In that light, I will be providing a growing series that introduces new or potentially expanding content.

    My goal here is to provide you with a study list or guide, not a full explanation for each of the ports listed. The material related to Internet ports or protocols provided within the CompTIA objectives can sometimes be deceiving in its apparent simplicity.  In other words, the Objectives don’t typically clarify that both the protocol and its default associated port should be known for the exam.

    As an introduction to common TCP and UDP ports, the A+ 220-801 objectives provide the following learning target.

    2.4 Explain common TCP and UDP ports, protocols, and their purpose.

    Ports

    • 21 – FTP
    • 23 – TELNET
    • 25 – SMTP
    • 53 – DNS
    • 80 – HTTP
    • 110 – POP3
    • 143 – IMAP
    • 443 – HTTPS
    • 3389 – RDP

    Protocols

    • DHCP
    • DNS
    • LDAP
    • SNMP
    • SMB
    • SSH
    • SFTP
    • TCP vs. UDP

    Although the Objectives do not list them, you should take note of the Ports commonly used with these Protocols.

    The Security+ SY0-401 Objectives provide the following ports and protocols list:

    1.4 Given a scenario, implement common protocols and services.

     Protocols

    • IPSec
    • SNMP
    • SSH
    • DNS
    • TLS
    • SSL
    • TCP/IP
    • FTPS
    • HTTPS
    • SCP
    • ICMP
    • IPv4
    • IPv6
    • iSCSI
    • Fibre Channel
    • FCoE
    • FTP
    • SFTP
    • TFTP
    • TELNET
    • HTTP
    • NetBIOS
    You may also like:  How to Connect Your GNS3 Environment to VirtualBox in Windows 8

     Ports

    • 21
    • 22
    • 25
    • 53
    • 80
    • 110
    • 139
    • 143
    • 443
    • 3389

    As you continue to study other secured protocols, including VPN, IPSEC and various authentication, authorization, or key exchange mechanisms you should also become familiar with the default ports used by the most common transports.

    Given the requirements under the DoD 8570.01-M: mandate, it would not hurt you to know the full set of ports, whether studying for the A+ or Security+ credential. IT Contributors and developers are required to have the A+ credential, while  supervisors and leadership positions are required to hold both the A+ and Security+ credential.  Knowledge across both certifications is therefore useful for career advancement.

    Study Table

    Note: This table is NOT comprehensive. It provides a list of ports commonly referenced on CompTIA A+ and/or Security+ exams.

    Remember that 0-1023 are considered “Well Known” or reserved ports, albeit their use has evolved significantly over the last two decades of Internet growth. Additional research on each of the ports listed will identify more details, specific or alternate uses, as well as both legacy and current application use. Once again, my attempt is to identify the ports as they are typically referenced within entry level CompTIA materials and exams – not necessarily as you will find them listed within a Wikipedia article.

    I like to use SpeedGuide.net when researching additional port and transport information.  The site library of port information is extremely comprehensive, including use by legacy and less known applications, as well as typical malware vulnerabilities.  You can enter the site directly via the Port Database. Then select the Port number you wish to investigate.  This site is particularly useful for information assisting you to secure your network since the Port Database identifies common attacks, bots, Trojans, and other malware exploitation of each targeting UDP or TCP traffic.

    1ICMP (ping, etc.)UDP
    7Echo        (Wake-On-LAN alternate)TCP/UDP; Fraggle Attack
    9WakeOnLan  (formerly Discard)TCP/UDP
    19ChrgenTCP/UDP, Fraggle attack
    20FTP Transfer
    21FTP ControlTCP
    22SSH (SCP), SFTPTCP
    23TelnetTCP
    25SMTPTCP
    42WINS replicateTCP/UDP
    47PPTP VPN  (also port 1723)TCP/UDP, typically called Ni-FTP
    49TACACs+TCP (vulnerable on UDP)
    50ESP/IPSEC`TCP   (formerly re-mail-ck)
    53DNSTCP
    67DHCP  Server (former Bootstrap)UDP
    68DHCP  Client  (former Bootstrap)UDP
    69TFTPUDP, Transfer via random ephemeral ports
    80HTTPTCP  (often redirected to 81, 8080, 8081)
    88KerberosUDP
    110POP3TCP
    119NNTPUDP
    123NTPUDP
    135RPC  /DCE endpoint mapperTCP/UDP
    137WINS  (Netbios Name Service)TCP/UDP
    138Netbios Datagram ServiceTCP/UDP
    139SMB (Server Message Block)Also Netbios Session ServiceSMB over NetbiosTCP/UDP
    143IMAPTCP/UDP
    161SNMPUDP (TCP)
    389LDAPTCP
    443HTTPS (SSL/TLS/FTPS)TCP
    445SMBSMB over TCP  (No need for Netbios layer)
    500IPSEC: IKE /ISAKMPUDP/TCP
    636Secured LDAP (LDAPS)TCP
    989FTPS FTP over TLS/SSL DATATCP/UDP
    990FTPS     FTP over TLS/SSL ControlTCP/UDP
    991FTPS  (seldom referenced); was Netnews AdministrationTCP
    1645Radius AuthenticationUDP
    1646Radius AccountingUDP
    1701L2TP  (VPN)TCP
    1812Radius AuthenticationUDP
    1813Radius AccountingUDP
    3389RDP/Terminal ServicesTCP
    4500IPSEC: IKE /ISAKMPUDP
    You may also like:  How to Get Your Start into IT – Video by Spike Xavier

    For those of you taking the Security+ exam, you might want to take a closer look at IPSEC which I will likely cover in more detail in a separate blog.  Multiple ports are associated with IPSEC.  Here is a quick overview:

    IPSec (VPN tunneling) uses the following ports:
    50 – Encapsulation Header (ESP)
    51 – Authentication Header (AH)
    500/udp – Internet Key Exchange (IKE)
    4500/udp – NAT traversal
    500/tcp – sometimes used for IKE over TCP
    1701 (L2TP)
    1723 (PPTP)

    Good luck with your certification preparations.

    Steven Fullmer
    Interface Technical Training Staff Instructor

    Steve teaches PMP: Project Management Fundamentals and Professional Certification, Windows 10Windows 7, Windows 8.1 and CompTIA classes in Phoenix, Arizona.

     

    See what people are saying...

    1. Pingback: CompTIA Series: IPSec - Preparing for CompTIA Certification

    Share your thoughts...

    Please fill out the comment form below to post a reply.