The Top 15 Network Protocols and Ports Explained // FTP, SSH, DNS, DHCP, HTTP, SMTP, TCP/IP
HTML-код
- Опубликовано: 3 июн 2024
- If you are learning networking, these are the top protocols and port numbers you will NEED to know. Good for the CCNA, Net+, Sec+, CEH, Pentest+, or that pesky interview you need to ace.
Download the pcap here and follow right along:
packetpioneer.com/wp-content/...
== More On-Demand Training from Chris ==
▶Getting Started with Wireshark - bit.ly/udemywireshark
▶Getting Started with Nmap - bit.ly/udemynmap
== Live Wireshark Training ==
▶TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtualwireshark
== Private Wireshark Training ==
Let's get in touch - packetpioneer.com/product/pri...
Thank you to wiki.wireshark.org/SampleCapt... and Johannes Weber for the pcap samples that I was not able to create on my own!
For professional inquiries please contact me at packetpioneer@gmail.com 
Наука
Can't wait to watch this video in full after work today!! Some of the best cyber security/networking content on RUclips!
Thanks Caleb!
0:48 FTP
4:25 SSH
5:56 Telnet
9:01 SMTP
12:24 DNS
14:18 DHCP
Here is an outline detailing each topic and the actions taken in Wireshark from the video:
I. FTP
Port number: 21
Actions:
Filtered for "ftp" to only see FTP payload packets (33 packets)
Filtered for "tcp.port==21" to see TCP handshake/overhead packets too (101 packets)
Showed login and password in cleartext
Showed example of port scan at end of FTP conversation
II. SSH
Port number: 22
Actions:
Filtered for "tcp.port==22"
Showed encrypted traffic after initial version request info
III. Telnet
Port number: 23
Actions:
Filtered for "tcp.port==23"
Showed cleartext data with ASCII interpretation
Used "Follow TCP Stream" to view client-server communication
IV. SMTP
Port numbers: 25, 587
Actions:
Filtered for "tcp.port==25"
Showed cleartext and StartTLS encrypted examples
V. DNS
Port number: 53
Actions:
Showed need to use UDP instead of TCP
Showed DNS request and response
VI. DHCP
Port numbers: 67, 68
Actions:
Filtered for just "dhcp"
Showed discover, offer, request, ack flow
VII. TFTP
Port number: 69
Actions:
Showed read request for file
VIII. HTTP
Port number: 80
Actions:
Filtered for "tcp.port==80"
Showed GET request and web server response in cleartext
Used "Follow TCP Stream" to view web banner
IX. POP3
Port numbers: 110, 995 (TLS)
Actions:
Filtered for "tcp.port==110"
Showed login info in cleartext
X. IMAP
Port numbers: 143, 993 (TLS)
XI. NTP
Port number: 123
Actions:
Filtered for just "ntp"
Showed NTP client-server communication
XII. SNMP
Port number: 161 (UDP)
Actions:
Filtered for "udp.port==161"
XIII. LDAP
Port number: 389
Actions:
Filtered for "tcp.port==389"
Showed simple LDAP login
XIV. HTTPS
Port number: 443
Actions:
Filtered for "tcp.port==443"
Showed initial client hello in cleartext
XV. SMB
Port number: 445
Actions:
Filtered for "tcp.port==445"
thank you for your great content. not just explaining but showing examples with wireshark!
Thank you, Chris! Ever since I watched you on David Bombal's channel, I have become a fan of your teaching style. I am a Systems Engineer and you have greatly helped my understanding of the network side.
Same here. I’m learning way more than I was - thank you!
same here!
Incredible lecture! I’ve been studying this information for months and having trouble retaining it, until now. Thanks!
I love the tests that you gave as you introduced each different protocol -- very entertaining!
Great content - simple to understand, but yet lots of good information !
Not gonna lie. Totally underrated video. Definitely going to recommend this to the study group I'm running.
Keep up the good work
Tnx for the lecture. Just stumbled to it and find your style really calm and clear
This is such a badass channel! Always great explanations and real world examples and with a pcap file attached! Thank you Chris for always providing great FREE training.
Thanks @NetworkNutt! Really happy you found the channel and I appreciate the comment.
Yup so glad David B. Had him on his channel. This channel hits the spot for great breakdowns and easy to digest as far as his topics. This guy was meant to teach.
pretty easy, straightforward stuff; learned all this in the 90s and thankfully have retained most of it. Thank you for the review. Memorizing really obscure stuff like HSRP using port udp 1985 was fun too.
Like all of your videos, smooth and pleasant. Thank you Chris.
Straight to the point - thank you.
Excellent explanation Chris!!
Thank you so much Chris.Very informative video!!!Great explanation,love it!!!
Thanks for informative video Chris!
it's been a week since i'm gathering through your video, those video are so helpful for my understanding of the network. Thank you for the time that you spent creating and editing those video.
sincerely
Superb content…thank you for this 🙏
Chris, you're the man! Thank you so much for sharing all of you knowledge, I continue to learn so much from you and I am so grateful!
I love too watch more but i got to up in the morning to prepare for my ccna which is on the 1/2/2023...man i learn so much from you bro....
Awesome work man. Thank you.👍🙏
Hey Chris, thank you so much for your amazing videos.
that was realy informative thx dear chris good bless u
Glad it helps!
This is awesome Chris
Thnaks Chris you explain very well. Best regards from France
You are doing a great service teaching us all this in a neat and easy way. Thank you.
You are very welcome
Great video. Thanks Chris!
Glad you liked it!
Nice and thanks
love the video chris , can I ask if u can do a deepdive into dns so we see the headers and the flags and how they are used in ddos and dns recursive flood , thanks for sharing
Amazing information
Amazing content as always, one of the best channels on RUclips
Thank you!!!
thank you so much Chris........I'm so happy for the content you've been providing. love from Sierra Leone
Thank you Ray!
awesome work man keep doing these please!! i need the knowledge.
Thanks, will do!
Oh heck ya!! This video is an excellent review of ports and protocols as a NOOB, but I’m also going to use it to get more comfortable with Wireshark. Thanks Chris!
Glad it was helpful! Please keep in touch.
Very well explained, was waiting for such video :
Would have mentioned RDP tooo!!
I know… that was one more I could have added. Maybe I need a round 2 video! 😁
one word enough. perfect
Damm this was fun thank you Chris
You are a gift, thank you so much! ❤
Thank you!
Thanks Chris.
this was great. subbed
Thanks for the sub!
Chris the great.Amazing topics as well, if i buy your course i found all of these?
Thanks for the Wonderful content. May I ask why we use SMB while we have FTP or SFTP, all of them used for transfer file, right?
Great content
Thank you!
Superb!! Why doesn't the teacher teach me like this 😂
this is so interesting! Ishould be coding for my work...instead I'm watching these things called packets fly around. 😲
Thank you ❤️
You are welcome!
Thanks
I have started in this beautiful world of content on RUclips, I am new to this and here we go with issues of cybersecurity and ethical hacking
Awesome! Welcome to the dark side. :-) Ok just kidding. Enjoy the content!
Interesting and very clear video.
But I wonder why you should have to KNOW all them port numbers.
I feel it makes more sense to understand the purpose and global working of the protocol. The details are easy to find.
The port number is very useful, of course, but easy to look up.
Or do they ask you at exams "What is the port number for FTP?"
Like I said in the video, if you are studying for a cert, this stuff will definitely come up on the test. Also - if you are doing more packet analysis or network enumeration, learning the port numbers will really help speed up your analysis.
@@ChrisGreer I am sure that if I ever do some real work in this field I will pick up the most common port number quickly.
Just learning them is pointless.
They are after all not like traffic signs where there is no time to ask Google.
I prefer to acquire knowledge, not facts.
All this assumes that there is no logic in the port numbers used.
I am just looking at your excellent videos because I like to know a little more about it.
Thank you soooooooo muuuuuuccccchhh, I made a protocol post and its on my wall it was sooo much work ToT
You bet! I hope the video helps you remember all this. 👍
Don't forget snmp runs on 162 as well when utilizing traps
Hi Chris,like from Kyrgyzstan 👍
Wassup!! Thanks for the comment!
Chris, another great video! Where could one purchase a packethead T-shirt?
Thanks! You should see links to the merch below the video or on my channel store
Chris, amazing video and also the conversation with David Bombal. I have a workshop coming up that I would love for you to present at in San Juan, Puerto Rico. If interested, please reply and we can discuss. The workshop is in May with the Department of Homeland Security. Thanks
Hi Vince! Thanks for the comment. Sure let’s chat. I will reach out on LinkedIn.
I have another question ,please if we tftp uses udp why we see the client makes an ack for the packet ?
Thanks chris again.
Amazing explanation.
Chris can we bypass HSTS protocol means we can downgrade it to http.
I research on it but i can't read any reliable content about it. So chris if you konow any method than please make a videos on it
Hey! Thanks for the comment. Hmmm… I will need to dig into that and do some testing.
Your fans from India 🇮🇳 ♥
Hello Mr Chris , am kindly asking where can I get some the trace files you captured for the different kinds of attacks on you device . I would like to go through them for my own understanding.
Hello Ramson - I usually put the pcap I am working with in the description for most of my videos. If I didn’t put it there it is because I couldn’t, or it just was not a good one to share. Thanks for the comment.
Hey Chris Greer from where u learn this
I started out as a network engineer. I always was amazed at the packet people that were able to fix the stuff that nobody else could. I was hooked!
Quick question:
is it possible that a clients generates 0 length packets with the same sequence and next sequence number?
Yes, if the ack number increases, then it is just acking new data. If the ack number does not increase, it is a duplicate ack.
Today in class we needed to look at a SMTP and a POP3 file in wireshark, and I asked if SMTP can be encrypted. They said no. Argh, so frustrating to hear that it can be, after all.
DNS : TCP/UDP 53
FTP: TCP 21 for Control Channel, 20 for Data Channel
DHCP: UDP 68 for Client, 68 for Server
HTTP: TCP 80
HTTPS: TCP 443
IMAP: TCP 143, over TLS uses 993
LDAP: UDP 389, LDAPs: TCP 636
NTP: UDP 123
POP3: TCP 110, over TLS uses 995
SMTP: TCP 25
SNMP: UDP 161
SMB: UDP 445
SSH: TCP 22
TELNET: TCP 23
TFTP: UDP 69
Please help... If DHCP 'gives' a computer an ip address... what does it mean to give an 'address to an address'. This seems like sending a letter to someone's address and contained within the letter is an address?? How can the 'new dhcp address' reach the address if there is no address??
Waiting for video
Coming soon!
@@ChrisGreer congratulations for 50k subscribers soon you will reach one million subscribers . You are delivering a great content in RUclips . Once again thank you for all this knowledge.
dns:53, dns over tls:853
TFTP is UDP correct?
put translation options in the subtitles please, Chis. thanks
I will look at doing that - thank you for the suggestion!
13:55
Sir am using andrind phone i don't have laptop, what should i do, please help me out in my career.
Give www.cloudshark.io a try. It is a cloud-based version of Wireshark
pickupline nobody gets, I am so nerd, that at the end of my date, I ask my girl for TFTP.
Vsftpd 2.3.4 😬 😬
Thanks a 4 sharing this valuable information! Cheers!
You lost me early.
hello #MRGREER
entire video very intriguing, but as a novice who searched RUclips: How To HTTP CUSTOM Android App, I seen this video.
Question: How would the information you provided would help me with #HTTPCustom App ?
#ThankYou #ChrisGreer