Copyright (c) 2025 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.

3.1.1. TCP/IP, UDP, and Common Ports

💡 First Principle: To diagnose service-specific connectivity issues, you must associate common network services with their standard protocols (TCP/UDP) and port numbers.

Scenario: You are configuring a firewall for a new web server. You need to create rules to allow inbound traffic on port 80 (HTTP) and port 443 (HTTPS), but explicitly block traffic on ports like 21 (FTP) and 23 (Telnet) to enhance security.

Protocols define the rules of communication, and port numbers are like apartment numbers for services running on a server.

  • Core Protocols:
    • TCP (Transmission Control Protocol): Connection-oriented, reliable, and ordered delivery. Used for services where data integrity is critical (e.g., web browsing, email, file transfer).
    • UDP (User Datagram Protocol): Connectionless, unreliable, and faster. Used for services where speed is more important than guaranteed delivery (e.g., DNS, DHCP, VoIP).
  • Common Ports and Protocols:
    • 20/21 - FTP (File Transfer Protocol): Transfers files.
    • 22 - SSH (Secure Shell): Secure remote command-line access.
    • 25 - SMTP (Simple Mail Transfer Protocol): Sends email.
    • 53 - DNS (Domain Name System): Resolves domain names to IP addresses (uses both UDP and TCP).
    • 80 - HTTP (Hypertext Transfer Protocol): Standard, unencrypted web traffic.
    • 110 - POP3 (Post Office Protocol 3): Receives email.
    • 143 - IMAP (Internet Message Access Protocol): A more modern protocol for receiving email.
    • 389 - LDAP (Lightweight Directory Access Protocol): Accesses directory services.
    • 443 - HTTPS (Hypertext Transfer Protocol Secure): Secure, encrypted web traffic.
    • 445 - SMB (Server Message Block): Windows file and printer sharing.
    • 3389 - RDP (Remote Desktop Protocol): Graphical remote access to Windows machines.
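
The firewall scenario above can be checked from the server side by comparing what is actually listening against the intended policy. The following is an added example, not part of the original course material: the `ss -tuln` output is constructed sample data, and the names `ALLOWED_INBOUND`, `parse_listeners` and `audit` are hypothetical.

```python
# Added example: audit listening sockets against the web-server firewall scenario.
# Port/service names come from the list above; the `ss -tuln` sample is constructed.

SERVICES = {
    20: "FTP", 21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 53: "DNS",
    80: "HTTP", 110: "POP3", 143: "IMAP", 389: "LDAP", 443: "HTTPS",
    445: "SMB", 3389: "RDP",
}

# Scenario policy: only HTTP and HTTPS may be reachable inbound, both over TCP.
ALLOWED_INBOUND = {("tcp", 80), ("tcp", 443)}

SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
tcp   LISTEN 0      128    [::]:23            [::]:*
udp   UNCONN 0      0      127.0.0.1:53       0.0.0.0:*
"""

def parse_listeners(ss_text):
    """Return a list of (proto, address, port) from `ss -tuln` style output."""
    listeners = []
    for line in ss_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue
        addr, _, port = fields[4].rpartition(":")  # rpartition keeps IPv6 "[::]" intact
        if port.isdigit():
            listeners.append((fields[0], addr, int(port)))
    return listeners

def audit(ss_text):
    """Flag non-loopback listeners that the scenario's firewall must not expose."""
    findings = []
    for proto, addr, port in parse_listeners(ss_text):
        loopback = addr.startswith("127.") or addr == "[::1]"
        if loopback or (proto, port) in ALLOWED_INBOUND:
            continue
        findings.append((proto, port, SERVICES.get(port, "unknown")))
    return sorted(findings)

if __name__ == "__main__":
    for proto, port, name in audit(SAMPLE_SS_OUTPUT):
        print(f"block or disable: {port}/{proto} ({name})")
```

On the sample data the audit reports the FTP and Telnet listeners and ignores the DNS resolver bound to loopback, since a loopback-only socket is not reachable from the network.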

āš ļø Common Pitfall: Confusing POP3/IMAP with SMTP. POP3 and IMAP are for receiving email from a server. SMTP is for sending email from a client.

Key Trade-Offs:
  • Security (HTTPS/SSH) vs. Legacy Compatibility (HTTP/Telnet): Secure protocols should always be preferred, but you may encounter legacy systems that still use their insecure counterparts.

Reflection Question: A user can browse secure websites (HTTPS) but not standard websites (HTTP). What specific port might be blocked on a firewall that would cause this issue?