Well Known Ports; RDP and FTP

Contents

Introduction

OSI layers

Well Known Ports

RDP Port

Remote Desktop Session

Starting an RDP session

Ending the RDP session

Disabling the RDP port

File Transfer Protocol

FileZilla

Q&A – Port 80

Introduction

• What are ports?
• What are “well known ports?”

You can compare ports as “logical endpoints” to telephone extensions in a company. Each company’s telephone system may have a main phone number, but then the extension directs the call to a different endpoint.

In a computer, the keyboard, mouse, audio, video, and so forth, send their data on different ports.

OSI layers

The layers above describe the different data paths that are being followed when one machine communicates with another. Some of these layers are explained below.

• The Application layer…
• The Presentation layer…
• The Session layer creates a “session” between one machine and another.
• The Transport layer employs separate “ports” for different streams of communication -audio, video, etc.
  • Port connectivity relates to this layer.
• If the Network layer is employed, it means you are connected via IP (Internet Protocol).
• The Data Link layer…involves MAC addresses.
• The wire (i.e., cable) connection comes through the Physical layer.

Well Known Ports

NOTE: Help Desk techs should memorize above ports….important for job interviews.

• 20-21 FTP File Transfer Protocol
• 22 SSH for Secure Shell communications
• 80 HTTP Allows communication for a web browser.
• 443 HTTPS a secure port, using SSL (Secure Sockets Layer protocol)
• 110 POP3 Relates to email
• 546-547 DHCP Dynamic Host Configuration Protocol
• 3389 RDP Remote Desktop
  • allows one machine to take control of another, assuming both devices are on the same network.

From the above list, the most important to memorize are:

• RDP
• HTTP and HTTPS
• DNS
• SSH
• FTP

RDP Port

Let’s use RDP as an example of how ports work. As stated, RDP would allow one network device to control another network device.

We’ll also show you how to block a port, and what effect this would have.

In this scenario, we are running three machines:

• PLABDC01
• PLABDM01
• PLABWIN10

In PLABWIN10, let look at the RDP rule.

Click Open Network and Internet Settings.
(“Settings” screen displays).

Click Ethernet
(“Ethernet” screen displays)

Click Network and Sharing Center.
(“Network and Sharing Center” screen displays”)

Click Windows Defender Firewall.
(“Windows Defender Firewall” screen displays).

The firewall’s purpose is to protect the system from malicious activity.

Click Advanced Settings.
(“Windows Defender Firewall with Advanced Security” screen displays)

Notice the Inbound Rules and Outbound Rules.

With Inbound Rules folder selected, scroll down and select the appropriate RDP rule.

Notice that the rule is currently enabled.

Right-click.
(menu displays)

Click Properties.
(“Remote Desktop – User Mode (TCP-In) Properties” dialog box displays)

Click Protocols and Ports tab.
(“Protocols and Ports” tab displays)

Note: This protocol is using Port 3389. This is the RDP port.

What if we blocked this particular port? We would still have communication with the device on other ports, but the RDP session would be interrupted.

Remote Desktop Session

The Remote Desktop Connection app allows you to control a remote device. This connection uses port 3389.

Starting an RDP session

Scenario: Let’s set up an RDP session with the PLABWIN10 machine.

On the machine from which you want to connect to the PLABWIN10 machine,
search for Remote Desktop Connection app

Click the app.
(“Remote Desktop Connection” dialog box displays)

Enter the IP address of the device you want to contact.

Click Connect.
(“Windows Security” dialog box displays)

Enter admin credentials.

Click OK.
(A security dialog box may display).

Click Yes.
(Connection with remote device is established; RDP session starts)

Ending the RDP session

To end the RDP session, click the X button in the menu panel at the top.
(“Remote Desktop Connection” dialog box displays)

Click OK.
(RDP session is terminated).

Disabling the RDP port

Now, let’s disable the RDP port rule.

Right-click the rule
(menu displays)

Click Disable Rule.
(RDP port is closed)

Now, when we try to establish an RDP session with the remote device, an error prompt displays.

File Transfer Protocol

We use

• 20-21 FTP File Transfer Protocol
• IT Support professionals usually work on installing FTP clients and setting up clients with the FTP servers.
• Example Below

NOTE: We would not be concerned with the Local Port being used in this case, only the Remote Port.

FileZilla

Let’s open an FTP session with FileZilla, as per below. (Not we have many FTP clients available, this is just one example)

We have a Host, Username and Password entered already. But no Port is specified.

Click Quickconnect.
(FTP session runs)

In this case, as per below, the connection is on IP 35.209.223.182 transmitting on Port 21.

To run an FTP session, we typically need the following information:

• Host
• Username
• Password
• Port

NOTE: If the port number is not available, try running it anyway. Typically, port 21 is used for FTP sessions.

Q&A – Port 80

Question: Is Port 80 secure or not secure?

Answer: Port 80 (HTTP) is not secure. Port 443 (HTTPS) is secure.