Saturday, March 17, 2012

Interview questions on Port numbers

Q:: What Is a Port Number?
 A port number is part of the addressing information used to identify the senders and receivers of messages. Port numbers are most commonly used with TCP/IP connections. Home network routers and computer software work with ports and sometimes allow you to configure port number settings. These port numbers allow different applications on the same computer to share network resources simultaneously.

Q. What is the range of ports or how many ports are there?
Port numbers can vary from 0 to 65535, so total we can get 65536 ports


Q. Why port numbers are just 65536?
This is because limitation in TCP/IP stack where the port field is just 16bit size. So we get only 2^16 port which is equal to 65536 ports


Port numbers have a range of 0..65535 (although often 0 has special meaning). In the original BSD TCP implementation, only root can bind to ports 1..1023, and dynamically assigned ports were assigned from the range 1024..5000; the others were available for unprivileged static assignment. These days 1024..5000 is often not enough dynamic ports, and IANA has now officially designated the range 49152..65535 for dynamic port assignment. However even that is not enough dynamic ports for some busy servers, so the range is usually configurable (by an administrator). On modern Linux and Solaris systems (often used as servers), the default dynamic range now starts at 32768. Mac OS X and Windows Vista default to 49152..65535.
 
[root@desktop12 ~]# cat /proc/sys/net/ipv4/ip_local_port_range 
32768   61000

solaris$ /usr/sbin/ndd /dev/tcp tcp_smallest_anon_port tcp_largest_anon_port
32768

65535

macosx$ sysctl net.inet.ip.portrange.first net.inet.ip.portrange.last
net.inet.ip.portrange.first: 49152
net.inet.ip.portrange.last: 65535

vista> netsh int ipv4 show dynamicport tcp
Protocol tcp Dynamic Port Range

Start Port : 49152
Number of Ports : 16384


Q.What are the well-known ports?
Well known ports are from 0 to 1023(total 2^10=1024 ports)



Q.What are the Registered Ports, and    (Range:  1024 to 49151 )
Used by specific service upon applications such as Oracle database listener (1521), MySql (3306), Microsoft Terminal server (3389) etc.

Q.What are the Dynamic and/or Private Ports. (Range: 49152 to 65535 )
These ports can’t be registered by IANA.  This is used for custom or temporary purposes and for automatic allocation of short-lived (or ephemeral ) ports which is used internally by application/processes. You can see these ports by running ‘netstat’ command under “Local address” column.



Q.What do you mean by default port?

Default port is a designated port for particular well-known server.


Q.Can we change default port for a service(example Apache, squid)?
Yes, we can change


Q.What are the protocol numbers for TCP and UDP?
TCP protocol number:6
UDP protocol number:17


Q.How to find which ports are open?
You can find the ports in your linux server with the nmap command
#netstat -ntlp 
  here n -> display the host by numbers
           t  ->shows tcp protocols
           u ->to check udp protocols
           l ->listening ports
          p -> displays which process controls the port
Q.How to find printer open ports  ?
[root@desktop13 Desktop]# netstat -ntlp |grep cups
tcp        0      0  127.0.0.1:631               0.0.0.0:*                   LISTEN      1525/cupsd          
tcp        0      0   ::1:631                             :::*                        LISTEN      1525/cupsd    

Q. How to detect remote server openports?
[root@desktop13 Desktop]# nmap -sT 192.168.0.250
it will show like this
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
80/tcp   open  http
Q. How to change SSH port number?
[root@desktop13 Desktop]# netstat -ntlp | grep ssh
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1646/sshd         
tcp        0      0 :::22                               :::*                        LISTEN      1646/sshd    
go to the configuration file
[root@desktop13 Desktop]# vim /etc/ssh/sshd_config
port=2200
save and quit

[root@desktop13 Desktop]# service sshd restart

Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

[root@desktop13 Desktop]# netstat -ntlp | grep ssh
tcp        0      0 0.0.0.0:2200                0.0.0.0:*                   LISTEN      11904/sshd        
tcp        0      0 :::2200                          :::*                        LISTEN      11904/sshd       

   now port num changed successfully

Q. rempte loggin with port number?

ssh -p 22 root@192.168.0.111

Some important port numbers:
20-FTP Data (For transferring FTP data)

21-FTP Control (For starting FTP connection)

22-SSH(For secure remote administration which uses SSL to encrypt the transmission)

23-Telnet (For insecure remote administration

25-SMTP(Mail Transfer Agent for e-mail server such as SEND mail)

53- DNS(Special service which uses both TCP and UDP)

68-DHCP

69-TFTP(Trivial file transfer protocol uses udp protocol for connection less transmission of data)

80 -HTTP/WWW(apache)

88-Kerberos

110-POP3(Mail delivery Agent)

123-NTP(Network time protocol used for time syncing uses UDP protocol)

137-NetBIOS(nmbd)

139,138,445-SMB-Samba(smbd)

143-IMAP

161-SNMP(For network monitoring)

389-LDAP(For centralized administration)

443-HTTPS(HTTP+SSL for secure web access)

514-Syslogd(udp port)

995-POP3s
 
3260-ISCSI

3128-squid proxy
 
631-Printers(cups)
 
2049-NFS(nfsd, rpc.nfsd, rpc, portmap)





*If protocol is not mention then the above port are solely for TCP. Some service use UDP as mention in above list.



1 comment: