๐Ÿ‘จโ€๐Ÿซ
Mosse CyberSec Institute.
  • Preface
  • ๐Ÿ‘ฉโ€๐Ÿ’ปInternet Searching
    • Using Elicit, search through Academic Papers
    • Use Google To Identify Open FTP Servers That Hold Confidential Materials Available For Download
    • Use Bing To Find Cybersecurity Feeds In A Specific Language
    • Use Google's Cache Capability to Retrieve Deleted Web Pages
    • Use Web Archives to View Old Versions of Websites.
    • Use Advangle To Generate Complex Google Search Queries
  • ๐ŸงTechnical Concepts
    • Research The Top Penetration Testing Tools
    • Research The Cyber Kill Chain Model And The MITRE Matrix
      • Lockheed Martin Kill Chain
      • MITRE ATT&CK MATRIX
    • Research The Major Types Of Enterprise Security Software
    • Research The Most Common Network Protocols
  • ๐Ÿ•ต๏ธPassive Network Reconnaissance
    • Use Dnsdumpster.com To Passively Map An Organization's External Facing Assets
    • Use Shodan.io To Passively Map An Organization's External Facing Assets
    • Use Crt.Sh To Identify Domains And Sub-Domains That Belong To An Organization
    • Search For Information Leaks On Github Using Grep.App
  • ๐ŸงจDiscovering Attack Campaigns
    • Detect Typo Squatting And Phishing With Dnstwist.it
    • Use Urlscan.Io To Identify Phishing And Spear-Phishing Websites
  • ๐Ÿ”Security Tools
    • Use sslscan To Assess The SSL Configuration Settings Of HTTPS Websites
    • NMAP SCANS
    • Brute Force Web Directories And Files Using DIRB/WFUZZ
  • Penetration Testing with Tools
  • Digital Investigations
  • Malware Development
Powered by GitBook
On this page
  1. Technical Concepts

Research The Most Common Network Protocols

The following network protocols are used in most (if not all) enterprise networks. Hence, adversaries are constantly researching vulnerabilities in them and exploiting them.

Protocol
Definition & Use-case
Port Number

ARP

Address Resolution Protocol (ARP) is a communication protocol used in the mapping of network addresses to their physical address. It is used in local area networks (LANs) to facilitate communication between network devices.

N/A

DNS

Domain Name System (DNS) is a hierarchical naming system that translates domain names into IP addresses. DNS is used to locate and identify computer systems and services on the internet.

53

FTP

File Transfer Protocol (FTP) is a protocol used in the moving of files between client and server over a TCP-based network. FTP is commonly used for uploading and downloading files to/from a server.

20/21

HTTP

Hypertext Transfer Protocol (HTTP) is a protocol used for communication between web servers and clients. HTTP is used to request and transmit web pages, as well as other web resources, such as images and videos.

80

Telnet

Telnet is a network protocol used to provide remote access to a server or network device over a TCP-based network, such as the internet. Telnet is commonly used for remote administration and troubleshooting.

23

SSH

Secure Shell (SSH) is a network protocol used to provide secure remote access to a server or network device over a TCP-based network, such as the internet. SSH is commonly used for remote administration, file transfers, and tunneling.

22

IMAP

Internet Message Access Protocol (IMAP) is an email protocol used to retrieve email messages from a mail server. IMAP allows users to access their email from multiple devices and clients while keeping messages stored on the server.

143/993

POP3

Post Office Protocol v3 (POP3) is a protocol used to retrieve email messages from a mail server. POP3 allows users to download email messages to their local device and delete them from the mail server they were retrieved from.

110/995

RDP

Remote Desktop Protocol (RDP) is a network protocol used to provide remote access to a graphical desktop on a remote system. RDP is commonly used for remote administration and troubleshooting.

3389

SIP

Session Initiation Protocol (SIP) is a communication protocol used to initiate and manage real-time sessions, such as voice and video calls, over IP-based networks. SIP is commonly used for voice-over-IP (VoIP) and video conferencing.

5060/5061

SMB

Server Message Block (SMB) is a network protocol used to share files, printers, and other resources between network devices. SMB is commonly used in Microsoft Windows-based environments.

445

SMTP

Simple Mail Transfer Protocol (SMTP) is an email protocol used to send email messages from a client to a mail server or between mail servers. SMTP is used for sending and receiving email messages.

25

SNMP

Simple Network Management Protocol (SNMP) is a protocol used to manage and monitor network devices, such as routers, switches, and servers. SNMP allows network administrators to collect and analyze network data to optimize network performance and troubleshoot issues.

161/162

VNC

Virtual Network Computing (VNC) is a protocol used to provide remote access to a graphical desktop on a remote system. VNC is commonly used for remote administration and troubleshooting.

5900/5800

PreviousResearch The Major Types Of Enterprise Security SoftwareNextPassive Network Reconnaissance

Last updated 1 year ago

๐Ÿง