Exploring TCP/IP Ports

Ports allow computers to send data out the door while simultaneously identifying that data by category. What this means is each of the common ports you use is associated with a particular protocol or particular application. For example, sending data from port 21 signifies to the receiving system that the traffic received is an FTP request because of the port it came from. Additionally, the response from the initially queried system will end up at the right location because the port from which the traffic came has already been identified. This holds true for web traffic, mail traffic, and so forth. Knowledge of these ports and their corresponding protocols and applications becomes important when you’re scanning a system for specific vulnerabilities. There will be more to come on that, but first let’s take a look at how these ports are categorized and what the well-known ones mean to you:

  • Well-known ports are most common in daily operations and range from 1 to 1024. Much of the initial portion of this range should be familiar to you.
  • Registered ports range from 1025 to 49151. Registered ports are those that have been identified as usable by other applications running outside of the user’s present purview. An example would be port 1512, which supports Windows Internet Name Service (WINS) traffic.
  • Dynamic ports range from 49152 to 65535. These are the free ports that are available for any TCP or UDP request made by an application. They are available to support application traffic that has not been officially registered in the previous range.