Most used NETWORK Protocols with OSI Layers and port numbers
In this article, I will give information about the most used network protocols and the ports they use as a standart. For a better understanding of the subject, I will first give some definitions about network.
1. Definitons
1.1. Network
Network is the connection of two or more IT devices to share resources (data).
1.2. Network protocols
Network protocols determine how to communicate between IT devices on the network. These are standard around the world. Protocols are implemented by software, hardware, or both. Protocols determine how network devices negotiate, send and receive data.
Network protocols can:
• Sorting of data: Separating data into packets,
• Data routing: Determining the most efficient route between the receiver and the transmitter,
• Flow control: Ensuring harmony between the receiver and transmitter operating at different speeds,
• Error checking: Sending data without error.
1.3 Port
The word port, which computer users have heard in different areas, including daily use, can be defined as the leading actor of a large traffic. A port is a bridge for networks. The port, which has 2 protocols, TCP and UDP, is the core member of data exchange between IT devices.
The port, which is heard a lot by users who go beyond the use of computers and the internet and try to solve their problems on their own, is just one of hundreds of technical computer terms.
The port is divided into two as physical and virtual. For example, the port on switch, hub-like devices is physical, and the port used by TCP protocols is virtual.
1.3.1 Virtual Port
All computers have IP addresses to communicate with each other. IP addresses are divided into ports, creating a virtual bus. A port is known as a “bridge” in computer networks. Port is an important member of data exchange between computers.
The port, which exchanges data over numbers, is divided into values starting from 0 to 65535 in order to perform many operations at the same time.
The port, whose most basic function is to exchange data, has a number system. Every computer has an IP address, and each IP address is divided into ports. This helps each IP address to exchange data for multiple purposes at the same time.
Each program on the computer uses a certain number of ports. This results in users being able to check their e-mails while visiting a website at the same time.
Note: Queries must be made from specific ports, while replies can come from any port (one of 65535 ports).
2. Most used NETWORK Protocols
In the following, I will explain the most commonly used network protocols and their standart port numbers and the OSI model layers they work with
FTP (File Transfer Protocol)/ Port 20–21 / Application Layer 7
FTP allows users to transfer files over the Internet to other computers. It is a protocol that provides file transfer between two computers connected to the Internet and the name given to the application that serves this process. For example, files that are requested to be included in a website can be transferred to servers via FTP.
SSH (Secure Shell) / Port 22 / Application Layer 7
SSH is a cryptographic network protocol used for the secure operation of network services on an unsecured network. The best known example application is for remote login to computer systems.
SSH provides a secure channel over an insecure network under a client-server architecture by connecting an SSH client to an SSH server. Common applications include remote command line login and remote command execution, but any network service can also be secured with SSH.
TELNET / Port 23 / Application Layer-7
Telnet is a TCP/IP protocol developed to connect a multi-user machine on an Internet network from another remote machine and is the general name given to the programs that do this job. In order to log in to the connected machine, you must have a user name there and a telnet access program to make the connection. However, some library and public telnet based web services may not ask for a username (number) when connecting; Or, what you need to write as a user name and password will appear automatically when you connect. Telnet is widely used today to access BBS (Bulletin Board Systems) systems over the Internet. Telnet access programs come with most operating systems today. Multi-user operating systems (UNIX and VMS) usually offer a text-based interface to users, and in these systems, all operations are performed from the command prompt using the keyboard.
SMTP (Simple Mail Transfer Protocol ) / Port 25 / Application Layer-7
SMTP is the basic element that constitutes the communication process related to sending e-mail. SMTP can be defined as a TCP/IP protocol used when sending and receiving e-mail between servers. They are used with POP/IMAP.
Basic Functions:
- Verifies who is sending email via SMTP server.
- Sends outgoing mail
- If the outgoing mail cannot be delivered, it sends the message back to the sender.
How it Works:
The e-mail delivery functionality is almost the same as the physical mail delivery system. The user provides the e-mail (a letter) and a service (the mail delivery service) and delivers it to the recipient’s inbox (mailbox) through a series of steps. . The role of the SMTP server in this service is to act as the sorting office, e-mail (letter) is received and sent to this server and then forwarded to the recipient.
POP3 (Post Office Protocol V3 ) / Port 110 / Application Layer-7 and IMAP4 (Internet Message Access Protocol V4) / Port 143 / Application Layer-7
POP and IMAP are e-mail protocols that are responsible for e-mail transfer between a client and a mail server.
The main differences are in POP’s simpler approach to downloading the inbox from the mail server to the client. Where IMAP will sync existing inbox with new mail on server, download anything new. This means that if you sync the inbox from another computer, changes made to the inbox made on one computer via IMAP will continue. The POP/IMAP server is responsible for performing this operation.
DNS (Domain Name Service) / Port 53 / Application Layer-7
Domain Name Services are used to tell other computers the IP address of the domain to be accessed.
TFTP (Trivial File Transfer Protocol) / Port 69/ Application Layer-7
TFTP is used when a file transfer does not require an acknowledgment packet during file transfer. TFTP is used often in the router configuration. TFTP is similar in operation to FTP. TFTP is also a command-line-based utility.
One of the two primary differences between TFTP and FTP is speed and authentication. Because TFTP is used without acknowledgment packets, it is usually faster than FTP. TFTP does not provide user authentication like FTP and therefore the user must be logged on to the client and the files on the remote computer must be writable. TFTP supports only unidirectional data transfer (unlike FTP, which supports bi-directional transfer). TFTP is operated over port 69.
HTTP (Hyper Text Transfer Protocol) / Port 80 / Application Layer-7
The HTTP protocol is the protocol that allows viewing web pages over the network. HTTP protocol determines the exchange rules between client (PC) and server (server). It uses port 80 as a port. The client sends a request to the server. This request is transmitted via web browsers such as Internet Explorer, Google Chrome or Mozilla Firefox. The server receives this request and responds via web server programs such as Apache or IIS.
OSPF (Open Shortest Path First) Protocol / Port 89 / Transport Layer 4
OSPF is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. In an OSPF network, routers or systems within the same area maintain an identical link-state database that describes the topology of the area.
SNMP (Simple Network Management Protocol) / Port 161 / Application Layer-7
SNMP is designed to control units on computer networks as they grow. Various information from the temperature on the device to the users connected to the device, from the internet connection speed to the system operating time are kept in the tree structure defined in SNMP.
SNMP is an application layer protocol for the exchange of administrative information across network devices. SNMP, which is part of the TCP/IP protocol; It enables network administrators to improve network performance, find and solve network problems, and plan for expansion in networks.
BGP (Border Gateway Protocol)/ Port 179 / Transport Layer-4
BGP is a network protocol that provides information sharing and routing between autonomous systems on the Internet. Today, even the smallest query you make on the Internet is realized thanks to this protocol.
BGP Routing Tables:
- Neighbor Table: Neighbor routers are added to this table manually. In addition, it is possible to keep the information about which information will be transferred to which router in this table.
- BGP Table: It keeps track of whether or not working information is received from the neighboring router every minute.
- IP Routing Table: It keeps records of the best routes in the BGP (Border Gateway Protocol) table.
Although BGP is a very reliable and healthy Routing Protocol, it is a slow running protocol. In the system where this protocol is used, you may also need a redundant connection.
HTTPS (Hyper Text Transfer Protocol Secure)/ Port 443/ Application Layer-7
SSL (Secure Sockets Layer) / Port 443 / Presentation Layer 6
TLS (Transport Layer Security) / Port 443 / Presentation Layer 6
https is a protocol that is formed by adding SSL/TLS security protocol to the http protocol, which enables web pages to be viewed over the https network, and allows secure web page viewing.
SSL is a type of digital security technology that allows encrypted communication between a website and a web browser. This technology is now outdated and has been completely replaced by TLS.
SMB (Server Message Block) / Port 139-445 / Application Layer-7
SMB is a network protocol that enables communication between server-client. The SMB protocol provides access to shared files, networks, printers and miscellaneous connections using ports 139 and 445 of Windows systems. In addition to these connections, operations such as oplock, file and record locking, file and directory change are also performed via SMB.
The SMB protocol is client-server implementation and includes data packets with requests sent from the client or responses sent from the server.
RDP (Remote Desktop Protocol) /Port 3389/ Application Layer-7
RDP is used to acces a computer running Windows from another computer running Windows that is connected to the same network or the Internet
RDP is a Windows-only protocol and you can connect remotely using RDP only with Windows PCs and Windows Server installations that support it. Not all versions of Windows provide this; for example, Windows 10 Home can be used as a client to connect to other Windows Remote Desktops, but not vice versa.
1- In order for the connection to be made, first of all, remote connection permission must be granted to the computers to which we will connect. And this computer should always be on. Sleep and hibernate settings should be “never”.
2-Computers must have a user password.
VoIP (Voice Over Internet Protocol)/ Port 5060/ Transport Layer 4
VoIP is a protocol that allows making phone calls over the internet. To make a phone call on the Internet; The VoIP system converts your analog audio signal to digital signal and sends it as data over the broadband line.
VoIP technology; It enables traditional telephone services to be provided over computer networks via packet-switched protocols. VoIP packets can be made over any VoIP compatible network, such as a local area network.
