Introduction

Appendix B covers the basic fundamentals of ports, port numbers, and attacks associated with using ports. While this appendix does not cover every port number created, it does cover the most commonly used ones and includes the definition of a port, where to get more information about ports, how they are used, and which ones attackers exploit most.

Port Numbers

A port number is a number assigned to a service. Ports operate at the transport layer of the Open Systems Interconnect (OSI) model and allow communication to be accomplished using specific services such as:

• Telnet (port 23)

• Simple Mail Transfer Protocol (SMTP) (port 25)

• Post Office Protocol 3 (POP3) (port 110)

• Hypertext Transfer Protocol (HTTP) (port 80)

HTTP is the protocol used by the World Wide Web (WWW). Every time URL information is entered into a web browser (as seen in Figure B.1), the HTTP service is being used across the Internet to access web pages on web servers. This service corresponds to a specific port assigned by way of the following standards organizations:

• http://www.iana.org/

• http://www.icann.org/

Figure B.1: Viewing a Web Browser Using the HTTP Service

Think of the process this way:

1. At your web browser enter http://www.syngress.com.

2. HTTP (layer 7 of the OSI model) uses Transmission Control Protocol (TCP) port 80 (layer 4 of the OSI model). The port number is set by convention. Web servers are not required to listen for HTTP requests on TCP port 80.

3. Because the Web server is listening on...