In networking, a port is a virtual place on a machine that is open to connections from other machines. Every networked computer has a standard number of ports, and each port is reserved for certain types of communication.
Think of ports for ships in a harbor: each shipping port is numbered, and different kinds of ships are supposed to go to specific shipping ports to unload cargo or passengers. Networking is the same way: certain types of communications are supposed to go to certain network ports. The difference is that the network ports are virtual; they are places for digital connections rather than physical connections.
DNS Port
Most of the time, DNS happens over UDP port 53. It’s lightweight and faster than TCP. This is to reduce performance overhead on the DNS server due to the number of requests it is likely to receive.
But DNS servers still need to be available on TCP. Zone transfers happen over TCP port 53. This happens on the DNS server side which is not related to the end-user.
Check here to learn more about DNS and DNS port
SSH Port
The port number for SSH is 22 by default. Whenever we run a command through default SSH port number 22, a connection is established between client and server. Every connection initializes through this port.
Check here to learn more about ssh port and SSH Port Fowrding
NFS Port
NFSv3 and NFSv2 include portmapper, nfsd, and other NFS services like mountd, nlockmgr, status, pcnfs, quotad, etc.
- For portmapper services, NFSv3 and NFSv2 use TCP or UDP port 111. The portmapper service is consulted to get the port numbers for services used with NFSv3 or NFSv2 protocols such as mountd, statd, and nlm etc. NFSv4 does not require the portmapper service.
- For nfsd, we usually use TCP or UDP port 2049.
- The ports for other NFS services like mounted, nlockmgr, status are product-dependent.
Check here to learn more about nfs port
ICMP Port
The ICMP packet does not have source and destination port numbers because it was designed to communicate network-layer information between hosts and routers, not between application layer processes.
Each ICMP packet has a “Type” and a “Code”. The Type/Code combination identifies the specific message being received. Since the network software itself interprets all ICMP messages, no port numbers are needed to direct the ICMP message to an application layer process.
Check here to learn more about ICMP Port and ICMP protocal
Is the SSL Port 443?
No. SSL runs on the Security Layer. Any application can use SSL certificate to be secure. Port 443 is the default port for HTTPS. We can also use SSL in other applications like email, DNS, database, etc.
Depending on the type of connection and what encryption is supported, different SSL port numbers might be needed.
Check here to learn more about SSL port and how to check the connection is encrpted
RPC Port
Remote Procedure Call (RPC) is an inter-process communication technique to allow client and server software to communicate on a network. The RPC protocol is based on a client/server model.
The client makes a procedure call that appears to be local but is actually run on a remote computer. During this process, the procedure call arguments are bundled and passed through the network to the server. The arguments are then unpacked and run on the server.
The result is again bundled and passed back to the client, where it is converted to a return value for the client’s procedure call.
Check here to learn more about RPC port 111 and how portmapper works
Filter Packets with Specific Port
If we need to filter packets for the first connection, we can use the following ways.
- tcpdupm -i interface port 1184
- tcpdupm -i interface port 53
Check here to learn more about how to capture packets based on ports