Important Ports
Top 25 Ports Important to Cybersecurity
| Port Number | Protocol | Description | Common Use | Potential Cyber Attacks | Examples of Attacks |
|---|---|---|---|---|---|
| 20 | TCP | FTP Data Transfer | File Transfer Protocol | FTP Spoofing, Packet Sniffing | Man-in-the-middle attacks during FTP transfers |
| 21 | TCP | FTP Control | File Transfer Protocol | FTP Brute Force, Credential Theft | Attacks using stolen FTP credentials |
| 22 | TCP | SSH | Secure Shell for remote login | SSH Brute Force, Unauthorized Access | Brute force attacks to gain shell access |
| 23 | TCP | Telnet | Remote login protocol | Telnet Sniffing, Credential Theft | Eavesdropping on unencrypted Telnet sessions |
| 25 | TCP | SMTP | Simple Mail Transfer Protocol | Spam, Mail Relay Attacks | Sending of spam emails using open relays |
| 53 | UDP/TCP | DNS | Domain Name System | DNS Spoofing, DNS Amplification Attacks | Attacks that redirect users to malicious sites |
| 67 | UDP | DHCP | Dynamic Host Configuration Protocol | DHCP Spoofing, Rogue DHCP Servers | Assigning unauthorized IP addresses |
| 80 | TCP | HTTP | HyperText Transfer Protocol | SQL Injection, Cross-Site Scripting (XSS) | Exploiting vulnerabilities in web applications |
| 110 | TCP | POP3 | Post Office Protocol | Credential Theft, Eavesdropping | Attacks targeting users' email credentials |
| 139 | TCP | SMB | Server Message Block | SMB Relay Attacks, Unauthorized File Access | Accessing shared files without permission |
| 143 | TCP | IMAP | Internet Message Access Protocol | Phishing, Credential Theft | Unauthorized access via stolen email credentials |
| 161 | UDP | SNMP | Simple Network Management Protocol | SNMP Spoofing, Denial of Service | Overloading SNMP management systems |
| 162 | UDP | SNMP Trap | SNMP Trap messages | SNMP Amplification Attacks | Amplifying traffic to overwhelm systems |
| 443 | TCP | HTTPS | Secure HTTP Protocol | SSL Stripping, Man-in-the-Middle (MitM) Attacks | Intercepting encrypted communications |
| 445 | TCP | SMB over TCP | Server Message Block over TCP | Ransomware Attacks, Unauthorized Access | Noteworthy attacks include WannaCry |
| 465 | TCP | SMTPS | Secure SMTP | Credential Theft, Eavesdropping | Exploiting SSL vulnerabilities in email protocols |
| 514 | UDP | Syslog | System logging | Syslog Spoofing, Log Injection | Sending false logs to mislead administrators |
| 587 | TCP | SMTP (Secure) | SMTP secure submission | Spam, Mail Relay Attacks | Compromised email accounts used for spam |
| 631 | TCP | IPP | Internet Printing Protocol | IPP Exploits, Denial of Service | Targeted attacks on networked printers |
| 993 | TCP | IMAPS | Secure IMAP | Phishing, Credential Theft | Unauthorized access via stolen email credentials |
| 995 | TCP | POP3S | Secure POP3 | Credential Theft, Eavesdropping | Attacks targeting users' email credentials |
| 8080 | TCP | HTTP Alternative | Alternative HTTP port | Web Application Attacks, DDoS | Testing vulnerabilities in alternative web ports |
| 8443 | TCP | HTTPS Alternative | Alternative HTTPS | SSL Stripping, Man-in-the-Middle (MitM) Attacks | Intercepting encrypted communications |
| 3306 | TCP | MySQL | MySQL Database System | Database Attacks, Unauthorized Access | SQL injection attacks on MySQL databases |
| 5432 | TCP | PostgreSQL | PostgreSQL Database System | Database Attacks, Unauthorized Access | SQL injection attacks on PostgreSQL databases |
| 5900 | TCP | VNC | Virtual Network Computing | Remote Control Attacks, Credential Theft | Gaining unauthorized remote access |
| 6379 | TCP | Redis | Redis Database | Data Theft, Denial of Service | Attacks exploiting unsecured Redis instances |
This post is licensed under CC BY 4.0 by the author.
