A Port is just a door through which different services and your device communicate. Earlier, we talked about NAT and PAT, which translate IPs and Ports. 🚪
Every Port number is 16 bits long and ranges from 0 to 65535, so there are a total of 65536 Ports.
| Port Type | Range | Usage |
|---|---|---|
| Well-Known | 0 - 1023 | Public ones. Used commonly. |
| Registered | 1024 - 49151 | Registered ones, for specific Services. |
| Dynamic | 49152 - 65535 | Those which OS chooses randomly. |
But what's the real explanation? How is it done? 🤔
Here's how:
Example:
You have 3 tabs open in a browser. Your OS assigns each tab a unique random Port from the Dynamic Ports. When you make a search, for instance, "Hello", the browser puts a destination Port such as 443 on the packet. The packet then goes through PAT, and the server serves it on Port 443 (HTTPS).
Of course, you don't have to remember all these ports, but here is a list of some Ports you must be familiar with:
| Port | Service | Description |
|---|---|---|
| 21 | FTP | File Transfer Protocol |
| 22 | SSH | Secure Shell (Secure Login) |
| 23 | Telnet | Unsecure Text Communications |
| 53 | DNS | Domain Name System |
| 80 | HTTP | HyperText Transfer Protocol |
| 443 | HTTPS | HTTP Secure |
| 445 | SMB | Server Message Block |
| 3389 | RDP | Remote Desktop Protocol |
| 139 | NetBIOS | Network Basic Input/Output System |
| 3306 | MySQL | Database Server |
| 8080 | HTTP-Alt | Alternative HTTP Port |
We have rules for the English language, like grammar. Imagine if we spoke English without caring about grammar—would anyone understand us? 🗣️
Similarly, in the realm of the internet, there are rules, like grammar, which are called Protocols. 📜
Examples: HTTPS, SMTP, FTP, etc.
From a hacker's perspective, this is important. 🕵️
Internet Protocol (IP) only cares about the source and destination IPs.
As we know, data flows over the internet in chunks, and these chunks are called packets.
Every packet usually has two main parts (with a third optional one):
Also called the IP Header. Imagine a letter in an envelope. The envelope has sender and receiver addresses. Here, the envelope represents the IP Header.
Important Fields:
TTL (Time To Live): Tells us whether the packet successfully reached its destination.
Full Explanation of TTL: Despite its name, TTL does not measure real time, it counts "hops" or cycles instead. Here’s what happens:
Protocol: Defines which protocol is used (e.g., 6 for TCP, 17 for UDP).
There are many protocols, but TCP is the most reliable.
Before any data is sent, TCP says: "Let's establish a connection."
Just like the IP Header, the TCP Header ensures data reaches the correct service.
Important Fields:
Connection States:
SYN-ACK.
RST.
What's the difference between IP Header's ID and TCP Header's Sequence number? 🤔
The IP Header gives the packet a unique ID. TCP segments the data and gives it a Sequence Number.
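To see these fields in actual bytes, here is an added example (not part of the original page) that decodes the IP Header's ID, TTL and Protocol, then the TCP or UDP ports, Sequence Number and flags, and classifies each port by the ranges in the table above. The function names and both sample packets are constructed for illustration.

```python
import struct

TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK")]

def port_class(port):
    """Classify a port using the ranges in the table on this page."""
    return "well-known" if port <= 1023 else "registered" if port <= 49151 else "dynamic"

def parse_packet(raw):
    """Decode the IPv4 header, then the TCP or UDP header behind it."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4  # header length in bytes; options push it past 20
    if ihl < 20 or len(raw) < ihl:
        raise ValueError("bad IPv4 header length")
    info = {
        "ip_id": struct.unpack("!H", raw[4:6])[0],  # identifies this IP packet
        "ttl": raw[8],                              # remaining hops
        "protocol": raw[9],                         # 6 = TCP, 17 = UDP
        "src": ".".join(map(str, raw[12:16])),
        "dst": ".".join(map(str, raw[16:20])),
    }
    l4 = raw[ihl:]
    if info["protocol"] == 6:
        if len(l4) < 20:
            raise ValueError("truncated TCP header")
        sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", l4[:14])
        info.update(sport=sport, dport=dport, seq=seq,  # seq orders the byte stream
                    flags=[name for bit, name in TCP_FLAGS if off_flags & bit])
    elif info["protocol"] == 17:
        if len(l4) < 8:
            raise ValueError("truncated UDP header")
        sport, dport = struct.unpack("!HH", l4[:4])
        info.update(sport=sport, dport=dport)  # UDP has no seq and no flags
    return info

def ip_header(proto, total_len):
    """Build a constructed IPv4 header (checksum left at 0, not verified here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1C46, 0x4000, 64,
                       proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))

# Constructed samples: a TCP SYN to port 443 and a UDP datagram to port 53.
SAMPLE_SYN = ip_header(6, 40) + struct.pack("!HHIIHHHH", 51514, 443, 1000, 0, 0x5002, 64240, 0, 0)
SAMPLE_UDP = ip_header(17, 28) + struct.pack("!HHHH", 51515, 53, 8, 0)

if __name__ == "__main__":
    for info in map(parse_packet, (SAMPLE_SYN, SAMPLE_UDP)):
        print(info, port_class(info["sport"]), "->", port_class(info["dport"]))
```

Both samples carry the same IP ID here only because they share one constructed header; the TCP one additionally carries its own Sequence Number, which is the distinction drawn above.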
UDP is used where speed/optimization matters more than reliability.
Imagine you’re standing on a mountain and shout "HELLOOOOO!" 🏔️
You don’t:
You just shout. That’s UDP.
UDP is silent.
Because open and filtered ports both look like "silence", tools like nmap often have to wait or retry, making UDP scanning slower and less reliable.