Research The Most Common Network Protocols
The following network protocols are used in most (if not all) enterprise networks. Hence, adversaries are constantly researching vulnerabilities in them and exploiting them.
| Protocol | Definition & Use-case | Port Number |
|---|---|---|
ARP | Address Resolution Protocol (ARP) is a communication protocol used in the mapping of network addresses to their physical address. It is used in local area networks (LANs) to facilitate communication between network devices. | N/A |
DNS | Domain Name System (DNS) is a hierarchical naming system that translates domain names into IP addresses. DNS is used to locate and identify computer systems and services on the internet. | 53 |
FTP | File Transfer Protocol (FTP) is a protocol used in the moving of files between client and server over a TCP-based network. FTP is commonly used for uploading and downloading files to/from a server. | 20/21 |
HTTP | Hypertext Transfer Protocol (HTTP) is a protocol used for communication between web servers and clients. HTTP is used to request and transmit web pages, as well as other web resources, such as images and videos. | 80 |
Telnet | Telnet is a network protocol used to provide remote access to a server or network device over a TCP-based network, such as the internet. Telnet is commonly used for remote administration and troubleshooting. | 23 |
SSH | Secure Shell (SSH) is a network protocol used to provide secure remote access to a server or network device over a TCP-based network, such as the internet. SSH is commonly used for remote administration, file transfers, and tunneling. | 22 |
IMAP | Internet Message Access Protocol (IMAP) is an email protocol used to retrieve email messages from a mail server. IMAP allows users to access their email from multiple devices and clients while keeping messages stored on the server. | 143/993 |
POP3 | Post Office Protocol v3 (POP3) is a protocol used to retrieve email messages from a mail server. POP3 allows users to download email messages to their local device and delete them from the mail server they were retrieved from. | 110/995 |
RDP | Remote Desktop Protocol (RDP) is a network protocol used to provide remote access to a graphical desktop on a remote system. RDP is commonly used for remote administration and troubleshooting. | 3389 |
SIP | Session Initiation Protocol (SIP) is a communication protocol used to initiate and manage real-time sessions, such as voice and video calls, over IP-based networks. SIP is commonly used for voice-over-IP (VoIP) and video conferencing. | 5060/5061 |
SMB | Server Message Block (SMB) is a network protocol used to share files, printers, and other resources between network devices. SMB is commonly used in Microsoft Windows-based environments. | 445 |
SMTP | Simple Mail Transfer Protocol (SMTP) is an email protocol used to send email messages from a client to a mail server or between mail servers. SMTP is used for sending and receiving email messages. | 25 |
SNMP | Simple Network Management Protocol (SNMP) is a protocol used to manage and monitor network devices, such as routers, switches, and servers. SNMP allows network administrators to collect and analyze network data to optimize network performance and troubleshoot issues. | 161/162 |
VNC | Virtual Network Computing (VNC) is a protocol used to provide remote access to a graphical desktop on a remote system. VNC is commonly used for remote administration and troubleshooting. | 5900/5800 |
Last updated