Port concept, port classification

In network technology, a Port has two meanings: one is a physical Port, for example, ADSL Modem, Hub, switch, router is used to connect other network equipment interface, such as RJ-45 port, SC port and so on. The second is the logical port, which generally refers to the port in the TCP/IP protocol. The port number ranges from 0 to 65535, for example, port 80 used to browse Web Services, port 21 for the FTP service. Here we will introduce the logical port.

Port category

Logically speaking, ports have multiple classification standards. The following describes two common classifications:

　　1. Distribution by port number

(1) Well-Known Ports)

A well-known port is a well-known port number ranging from 0 to 1023. These ports are usually allocated to some services. For example, port 21 is allocated to the FTP service, port 25 is allocated to the SMTP (Simple Mail Transfer Protocol) service, port 80 is allocated to the HTTP service, and port 135 is allocated to the RPC (Remote process call) service) services.

(2) Dynamic Ports)

The range of dynamic ports is from 1024 to 65535. These ports are generally not allocated to a service, that is, many services can use these ports. As long as the program runs to the system to request access to the network, the system can assign a port number for the program to use. For example, port 1024 is allocated to the first application to the system. After the program process is closed, the occupied port number is released.

However, dynamic ports are often used by viruses and Trojans. For example, the default connection ports of glaciers are 7626, WAY 2.4 is 8011, Netspy 3.0 is 7306, and YAI is 1024.

2. Divided by protocol type

Divided by protocol type, can be divided into TCP, UDP, IP, ICMP (Internet Control Message Protocol) and other ports. The following describes TCP and UDP ports:

(1) TCP port

TCP port, that is, the transmission control protocol port, must be connected between the client and the server to provide reliable data transmission. Common include port 21 of the FTP service, port 23 of the Telnet service, port 25 of the SMTP service, and port 80 of the HTTP service.

(2) UDP port

UDP port, that is, the user data packet protocol port, does not need to establish a connection between the client and the server, security is not guaranteed. Common services include DNS Service port 53, SNMP (Simple Network Management Protocol) Service port 161, and QQ port 8000 and port 4000.

View port

To view the port in Windows 2000/XP/Server 2003, run the Netstat command:

Click Start> Run, type cmd, and press enter to open the Command Prompt window. Type "netstat-a-n" in the command prompt. Press the Enter key to view the TCP and UDP connection port numbers and status () displayed in numbers ().

TIPS: Netstat command usage

Command Format: Netstat-a-e-n-o-s

-A indicates that all active TCP connections and TCP and UDP ports listened by the computer are displayed.

-E indicates the number of bytes sent and received over the Ethernet, and the number of packets.

-N indicates that only the active TCP connection addresses and port numbers are displayed in numbers.

-O indicates that active TCP connections are displayed and the process ID (PID) of each connection is included ).

-S indicates that statistics of various connections are displayed by protocol, including the port number.



Close/enable port

Before introducing the functions of various ports, we will first introduce how to disable/enable ports in Windows, because the default situation is, many insecure or useless ports are enabled, for example, port 23 of the Telnet service, port 21 of the FTP service, port 25 of the SMTP service, and port 135 of the RPC service. To ensure system security, we can disable/enable the port through the following methods.

Close the port

For example, to disable port 25 of the SMTP service in Windows 2000/XP, you can do this: first open "Control Panel", double-click "Administrative Tools", and then double-click "service ". In the displayed service window, find and double-click the "Simple Mail Transfer Protocol (SMTP)" service and click "stop" to stop the service, select "disabled" in "Start type" and click "OK. In this way, closing the SMTP service is equivalent to closing the corresponding port.

Enable Port

If you want to enable this port, you only need to select "Auto" in "Start type", click "OK", and then open the service, in "service status", click "start" to enable the port. Finally, click "OK.

Tip: the "service" option is not available in Windows 98. You can use the firewall rule setting function to disable/enable the port.