TCP/IP Protocols and Ports

POP3 :-

Post Office Protocol version 3 (POP3) is a standard mail protocol used to receive emails from a remote
server to a local email client. POP3 allows you to download email messages on your local computer
and read them even when you are offline. Note, that when you use POP3 to connect to your email
account, messages are downloaded locally and removed from the servers. This means that if you access
your account from multiple locations, that may not be the best option for you. On the other hand, if you
use POP3, your messages are stored on your local computer, which reduces the space your email
account uses on your web server.
By default, the POP3 protocol works on two ports:

Port 110 - this is the default POP3 non-encrypted port

Port 995 - this is the port you need to use if you want to connect using POP3 securely

IMAP :-

The Internet Message Access Protocol (IMAP) is a mail protocol used for accessing email on a remote
web server from a local client. IMAP and POP3 are the two most commonly used Internet mail
protocols for retrieving emails. Both protocols are supported by all modern email clients and web
servers.
While the POP3 protocol assumes that your email is being accessed only from one application, IMAP
allows simultaneous access by multiple clients. This is why IMAP is more suitable for you if you're
going to access your email from different locations or if your messages are managed by multiple users.
By default, the IMAP protocol works on two ports:

Port 143 - this is the default IMAP non-encrypted port

Port 993 - this is the port you need to use if you want to connect using IMAP securely

SMTP :-

Simple Mail Transfer Protocol (SMTP) is the standard protocol for email services on a TCP/IP
network. SMTP provides the ability to send and receive email messages.
SMTP is an application-layer protocol that enables the transmission and delivery of email over the
Internet. SMTP is created and maintained by the Internet Engineering Task Force (IETF).
Port 25 - this is the default SMTP non-encrypted port
Port 2525 - this port is opened on all SiteGround servers in case port 25 is filtered (by your ISP
for example) and you want to send non-encrypted emails with SMTP
Port 465 - this is the port used, if you want to send messages using SMTP securely
File Transfer Protocol (FTP) :-
FTP is one of the most commonly used file transfer protocols on the Internet and within private
networks. An FTP server can easily be set up with little networking knowledge and provides the ability
to easily relocate files from one system to another. FTP control is handled on TCP port 21 and its data
transfer can use TCP port 20 as well as dynamic ports depending on the specific configuration.
TCP port 20 its data transfer
FTP control is handled on TCP port 21

Secure Shell (SSH) :-

SSH is the primary method used to manage network devices securely at the command level. It is
typically used as a secure alternative to Telnet which does not support secure connections.
Port no-22

Telnet :-

Telnet is the primary method used to manage network devices at the command level. Unlike SSH
which provides a secure connection, Telnet does not, it simply provides a basic unsecured connection.
Many lower level network devices support Telnet and not SSH as it required some additional
processing. Caution should be used when connecting to a device using Telnet over a public network as
the login credentials will be transmitted in the clear.
Port no - 23

DNS (Domain Name System) :-

DNS mean Domain Naming Service and it is used for resolving IP addresses to name and names to IP
address. DNS is like a translator for computers, computers understand the number and not the alphabet.
For example, if we type like hotmail.com, the computer dont understand this so they use DNS which
converts (hotmail.com) into (numbers) and then executes the command.The domain name system

(DNS) is the way that internet domain names are located and translated into internet protocol (IP)
addresses. The domain name system maps the name people use to locate a website to the IP address
that a computer uses to locate a website. For example, if someone types TechTarget.com into a web
browser, a server behind the scenes will map that name to the IP address 206.19.49.149.
UDP Port no-53

DHCP (Dynamic Host Control Protocol) :-

Dynamic Host Configuration Protocol (DHCP) is a protocol for assigning dynamic IP addresses to
devices on a network. With dynamic addressing, a device can have a different IP address every time it
connects to the network. In some systems, the device's IP address can even change while it is still
connected. DHCP also supports a mix of static and dynamic IP addresses.

UDP port 68 for the DHCP client

UDP port 67 for the DHCP server

HTTP (HyperText Transfer Protocol) :-

Stands for "Hypertext Transfer Protocol." HTTP is the protocol used to transfer data over the web. It is
part of the Internet protocol suite and defines commands and services used for transmitting webpage
data.

HTTP uses a server-client model. A client, for example, may be a home computer, laptop, or mobile
device. The HTTP server is typically a web host running web server software, such as Apache or IIS.
When you access a website, your browser sends a request to the corresponding web server and it
responds with an HTTP status code. If the URL is valid and the connection is granted, the server will
send your browser the webpage and related files.

UDP Port No 80

Trivial File Transfer Protocol (TFTP) :-

Trivial File Transfer Protocol (TFTP) is a simple protocol used for transferring files. TFTP uses the
User Datagram Protocol (UDP) to transport data from one end to another. TFTP is mostly used to read
and write files/mail to or from a remote server.
Trivial File Transfer Protocol is very simple in design and has limited features as compared to File
Transfer Protocol (FTP). TFTP provides no authentication and security while transferring files. As a
result, it is usually used for transferring boot files or configuration files between machines in a local
setup. Because of its simple design, it is rarely used interactively by users in a computer network. Its
lack of security also makes it dangerous for use over the Internet.
UDP Port No 69
Network Time Protocol (NTP) :-

One of the most overlooked protocols is NTP. NTP is used to synchronize the devices on the Internet.
Even most modern operating systems support NTP as a basis for keeping an accurate clock. The use of
NTP is vital on networking systems as it provides an ability to easily interrelate troubles from one
device to another as the clocks.
UDP Port No -123

HTTPS :-Hypertext Transfer Protocol over SSL/TLS (HTTPS)

HTTPS is used in conjunction with HTTP to provide the same services but doing it using a secure
connection which is provided by either SSL or TLS.
UDP Port No 443

LDAP :- Lightweight Directory Access Protocol over TLS/SSL

ust like HTTPS, LDAPS provides the same function as LDAP but over a secure connection which is
provided by either SSL or TLS.
UDP Port No 636

BGP :- Border Gateway Protocol

BGP version 4 is widely used on the public internet and by Internet Service Providers (ISP) to maintain
very large routing tables and traffic processing. BGP is one of the few protocols that have been
designed to deal with the astronomically large routing tables that must exist on the public Internet.
UDP Port No 179

SNMP :- Simple Network Management Protocol

SNMP is used by network administrators as a method of network management. SNMP has a number of
different abilities including the ability to monitor, configure and control network devices. SNMP traps
can also be configured on network devices to notify a central server when specific actions are
occurring. Typically, these are configured to be used when an alerting condition is happening. In this
situation, the device will send a trap to network management stating that an event has occurred and that
the device should be looked at further for a source to the event.

UDP Port No 161

Common TCP/IP Protocols and Ports
Protocol TCP/UDP Port Number Description

File Transfer TCP 20/21 FTP is one of the most commonly used file
Protocol (FTP) transfer protocols on the Internet and within
private networks. An FTP server can easily be
(RFC 959) set up with little networking knowledge and
provides the ability to easily relocate files
from one system to another. FTP control is
handled on TCP port 21 and its data transfer
can use TCP port 20 as well as dynamic ports
depending on the specific configuration.

Secure Shell (SSH) TCP 22 SSH is the primary method used to manage
network devices securely at the command
(RFC 4250-4256) level. It is typically used as a secure
alternative to Telnet which does not support
secure connections.

Telnet TCP 23 Telnet is the primary method used to manage

network devices at the command level.
(RFC 854) Unlike SSH which provides a secure
connection, Telnet does not, it simply
provides a basic unsecured connection. Many
lower level network devices support Telnet
and not SSH as it required some additional
processing. Caution should be used when
connecting to a device using Telnet over a
public network as the login credentials will be
transmitted in the clear.

Simple Mail Transfer TCP 25 SMTP is used for two primary functions, it is
Protocol (SMTP) used to transfer mail (email) from source to
destination between mail servers and it is
(RFC 5321) used by end users to send email to a mail
system.

Domain Name TCP/UDP 53 The DNS is used widely on the public

System (DNS) internet and on private networks to translate
domain names into IP addresses, typically for
(RFC 1034-1035) network routing. DNS is hieratical with main
root servers that contain databases that list the
managers of high level Top Level Domains
(TLD) (such as .com). These different TLD
managers then contain information for the
second level domains that are typically used
by individual users (for example, cisco.com).
A DNS server can also be set up within a
private network to private naming services
between the hosts of the internal network
without being part of the global system.

Dynamic Host UDP 67/68 DHCP is used on networks that do not use
Configuration static IP address assignment (almost all of
Protocol (DHCP) them). A DHCP server can be set up by an
administrator or engineer with a poll of
(RFC 2131) addresses that are available for assignment.
When a client device is turned on it can
request an IP address from the local DHCP
server, if there is an available address in the
pool it can be assigned to the device. This
assignment is not permanent and expires at a
configurable interval; if an address renewal is
not requested and the lease expires the
address will be put back into the poll for
assignment.

Trivial File Transfer UDP 69 TFTP offers a method of file transfer without
Protocol (TFTP) the session establishment requirements that
FTP uses. Because TFTP uses UDP instead of
(RFC 1350) TCP it has no way of ensuring the file has
been properly transferred, the end device
must be able to check the file to ensure proper
transfer. TFTP is typically used by devices to
upgrade software and firmware; this includes
Cisco and other network vendors equipment.

Hypertext Transfer TCP 80 HTTP is one of the most commonly used

Protocol (HTTP) protocols on most networks. HTTP is the
main protocol that is used by web browsers
(RFC 2616) and is thus used by any client that uses files
located on these servers.
Post Office Protocol TCP
(POP) version 3
(RFC 1939)
110 POP version 3 is one of the two main
protocols used to retrieve mail from a server.
POP was designed to be very simple by
allowing a client to retrieve the complete
contents of a server mailbox and then deleting
the contents from the server.

Network Time UDP 123 One of the most overlooked protocols is NTP.
Protocol (NTP) NTP is used to synchronize the devices on the
Internet. Even most modern operating
(RFC 5905) systems support NTP as a basis for keeping
an accurate clock. The use of NTP is vital on
networking systems as it provides an ability
to easily interrelate troubles from one device
to another as the clocks are precisely
accurate.

NetBIOS TCP/UDP 137/138/139 NetBIOS itself is not a protocol but is

typically used in combination with IP with the
(RFC 1001-1002) NetBIOS over TCP/IP (NBT) protocol. NBT
has long been the central protocol used to
interconnect Microsoft Windows machines.

Internet Message TCP 143 IMAP version3 is the second of the main
Access Protocol protocols used to retrieve mail from a server.
(IMAP) While POP has wider support, IMAP supports
a wider array of remote mailbox operations
(RFC 3501) which can be helpful to users.

Simple Network TCP/UDP 161/162 SNMP is used by network administrators as a

Management method of network management. SNMP has a
Protocol (SNMP) number of different abilities including the
ability to monitor, configure and control
(RFC 1901-1908, network devices. SNMP traps can also be
3411-3418) configured on network devices to notify a
central server when specific actions are
occurring. Typically, these are configured to
be used when an alerting condition is
happening. In this situation, the device will
send a trap to network management stating
that an event has occurred and that the device
should be looked at further for a source to the
event.

Border Gateway TCP 179 BGP version 4 is widely used on the public
Protocol (BGP) internet and by Internet Service Providers
(RFC 4271) (ISP) to maintain very large routing tables
and traffic processing. BGP is one of the few
protocols that have been designed to deal with
the astronomically large routing tables that
must exist on the public Internet.

Lightweight TCP/UDP 389 LDAP provides a mechanism of accessing

Directory Access and maintaining distributed directory
Protocol (LDAP) information. LDAP is based on the ITU-T
X.500 standard but has been simplified and
(RFC 4510) altered to work over TCP/IP networks.

Hypertext Transfer TCP 443 is used in conjunction with HTTP to provide

Protocol over the same services but doing it using a secure
SSL/TLS (HTTPS) connection which is provided by either SSL
or TLS.
(RFC 2818)

Lightweight TCP/UDP 636 Just like HTTPS, LDAPS provides the same
Directory Access function as LDAP but over a secure
Protocol over connection which is provided by either SSL
TLS/SSL (LDAPS) or TLS.

(RFC 4513)

FTP over TLS/SSL TCP 989/990 Again, just like the previous two entries, FTP
over TLS/SSL uses the FTP protocol which is
(RFC 4217) then secured using either SSL or TLS.