What is a Port?
With the rapid increase in internet usage, the need to classify networks has emerged in order to manage network performance. For all computers to communicate with each other, each computer must have its own IP address. These IP addresses are split to form virtual buses. These buses, known as ports, are connections between computer networks. In other words, ports are one of the essential factors of data exchange between computers. Port numbers range from 0 to 65535 so that many operations can run at the same time while data is being exchanged. In addition, ports help network administrators keep track of data and transmit data securely.
As a word, "port" is a computer term meaning a connection socket or input used to connect the network to the computer. Ports have a significant role in our daily work on the internet. This role is so important that internet communication cannot take place without ports. Port numbers are needed for network management and for network transactions on the internet, such as sending emails, watching videos, and surfing the internet.
What are Ports Used for?
When clients attempt to connect to your server, they need your computer's IP address and the service with which they wish to communicate, so that data is routed to the correct application. To make a successful web connection, you have to distinguish between a variety of IP services, including web service (HTTP), mail service (SMTP), and file transfer (FTP). The internet component that makes this distinction is the port number.
Modern devices can run many services at the same time. Ports make it easy to connect to these services from both Local Area Networks (LAN) and Wide Area Networks (WAN).
To sum up the purposes of ports:
- Thanks to ports, many services can run on a single device, which eliminates the need for a separate IP address or device for each operation.
- A port can be described as a bridge that lets computer networks make a successful web connection.
- Port numbers identify the destination of data on a network, and firewalls use them to provide security.
- Ports are defined on devices, and these definitions determine which port is connected to which service running in the operating system. Following these definitions, the relevant service is accessed directly through its port. Many port numbers are reserved by services: 0 to 1023 are the "well-known ports", reserved for special services such as FTP (21), SMTP (25), HTTP (80), and POP3 (110).
How do Ports Make Network Connections More Efficient?
Every computer on the Internet has an IP address (IP = Internet Protocol), which is like a telephone number. Unlike phone numbers, however, IP addresses are limited in their range of numbers. An IP address is formatted like "???.???.???.???": four numeric blocks separated by points, where each block can only contain a value from 0 to 255. You might think that a program could send data to another computer using this IP address alone, but something crucial is still missing. Can the receiving computer know which program the incoming data is for? The answer is "no". The computer needs port numbers to know that.
When data is sent over the Internet, the data packet must carry the recipient's IP address as well as the port number of the service that will receive the data. Data transfer always includes the IP address and the port. This applies to outgoing data as well as to received data.
When a browser accesses a website, it always uses port 80 (184.108.40.206:80). This means that client devices can load HTTP webpages over port 80 even though both the webpage files and an mp4 sound file flow to the client's device at the same time via the same Wi-Fi connection.
What is a Port Number?
When communicating over the internet, you may have several active connections open at the same time. Thanks to port numbering, we can use different services at the same time. Otherwise, incoming messages could be mixed up if the HTTP service and the e-mail service are connected at the same time. For that reason, we need port numbers to ensure that communication stays intact.
Ports are address components that network protocols use to assign data packets to the correct services. Each message delivered over the internet has four values in its headers that complete the connection:
- the sender's and receiver's IP addresses,
- the sender's and receiver's port numbers.
Network communication cannot take place without these values. In other words, a port number is a logical name that identifies a service in network communication.
Each service has a port number from the Internet Assigned Numbers Authority (IANA). It can have values from 0 to 65535. Some applications use "Well Known Ports", port numbers that are permanently assigned to them by the IANA and are generally known. The "Well Known Ports" are located between 0 and 1023, and the "Registered Ports" are located between ports 1024 and 49151.
If needed, applications register these for their protocols, similar to domain names. The purpose of this is to ensure that communication in the network does not get completely out of control when new applications send data packets to the network.
The remaining ports, from 49152 to 65535, are named "dynamic ports" or "private ports". These can be used at any time, because they are not registered and therefore do not belong to any application.
Ports have a significant influence on network security. If the computer's operating system has weaknesses or bugs, they can be exploited through the ports. Many computer viruses and worms can penetrate poorly protected or unprotected computers through negligently opened ports. Firewalls or well-configured routers close unneeded ports and monitor and filter the data coming in through the open ports.
What are the Different Port Numbers?
The port numbers that apply to TCP and UDP are administered and assigned by the IANA (Internet Assigned Numbers Authority) or ICANN (Internet Corporation for Assigned Names and Numbers).
Port numbers fall into three categories:
Well Known Ports (0 - 1023): These port numbers are permanently assigned to a service or an application protocol. Each service listens on such a port by default. They are also known as standard or default ports (destination ports). This assignment should not be changed, to avoid errors and the associated troubleshooting.
Registered Ports (1024 - 49151): These port numbers are assigned by registration. In principle, anyone can reserve a port at IANA / ICANN for their application if they can justify it.
Dynamically Allocated Ports (49152 - 65535): The higher port numbers, from 49152 onwards, can be freely assigned or are dynamically assigned. Typically, clients use these ports for outgoing connections (source port).
When an application contacts a server, TCP or UDP uses the service's standard port as the receiver port and assigns the sender port from 49152 upward.
When the server sends back a response, the port numbers are swapped so that the client receives the data. This ensures that the data is not passed to the wrong application.
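The four header values and the port swap on the reply can be observed on a single loopback connection. This is an added example, not part of the original article; the function names `port_class` and `loopback_exchange` are illustrative, and it assumes a host that permits TCP connections on 127.0.0.1.

```python
import socket

def port_class(port: int) -> str:
    """Return the IANA range a port number falls into."""
    if not 0 <= port <= 65535:
        raise ValueError(f"not a valid port number: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"

def loopback_exchange():
    """Open one TCP connection on 127.0.0.1 and return each side's
    (local address, remote address) pair."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind(("127.0.0.1", 0))  # port 0 = let the OS pick a free port
        listener.listen(1)
        server_addr = listener.getsockname()
        with socket.create_connection(server_addr, timeout=5) as client:
            conn, _ = listener.accept()
            with conn:
                client_view = (client.getsockname(), client.getpeername())
                server_view = (conn.getsockname(), conn.getpeername())
    return client_view, server_view

if __name__ == "__main__":
    client_view, server_view = loopback_exchange()
    (c_local, c_remote), (s_local, s_remote) = client_view, server_view
    print("client sees: source", c_local, "-> destination", c_remote)
    print("server sees: source", s_local, "-> destination", s_remote)
    # The server's reply uses the same four values with the roles swapped.
    print("mirrored:", c_local == s_remote and c_remote == s_local)
    # The OS picks the client's source port from its own ephemeral range,
    # which may start below 49152 (an OS setting, not an IANA rule).
    print("client source port class:", port_class(c_local[1]))
    for port in (22, 80, 443, 3389, 31337, 49152):
        print(port, port_class(port))
```

On many systems the client's source port is reported as "registered" rather than "dynamic", which matters when writing firewall rules that assume replies only arrive on ports from 49152 upward.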
There are some commonly used ports:
- Ports 20 and 21: These ports are used for FTP (File Transfer Protocol) connections. FTP uses two TCP connections for communication. Port 21 is used to pass control information, and port 20 is used to send the data files between the client and the server. FTP ports 20 and 21 must both be open for successful file transfer on the network.
- Port 22: Port 22 is used for SSH. SSH, or Secure Shell, is a network protocol used to access a server remotely. The connection uses port 22 whenever the client starts communication between the two computers in the network.
- Port 25: Port 25 is used primarily for SMTP relaying. SMTP relaying is the transmission of email from one email server to another. When you use an email client like Outlook or Apple Mail to send emails, that email client generally also uses SMTP to upload your outgoing emails to your mail server.
- Port 53: Port 53 is used by the Domain Name System (DNS). DNS is a service that turns human-readable names like google.com into IP addresses that the computer understands. TCP and UDP use port 53 in different ways. TCP port 53 enables two clients to establish a connection and exchange a stream of data. UDP port 53 is used when a client sends a query to the DNS server.
- Port 80: Port 80 is used for HTTP (HyperText Transfer Protocol) connections by default. Clients connect to web pages on the internet with the help of port 80. Unfortunately, the popular and widely used port 80 has also been used by many viruses.
- Port 123: NTP servers use Port 123. NTP (Network Time Protocol) servers communicate with other NTP servers in a hierarchy to distribute clock information.
- Port 179: Port 179 is used for BGP (Border Gateway Protocol), which is a routing process for the network. This protocol indicates the network availability between autonomous systems.
- Port 443: Port 443 is used for the HTTPS (Hypertext Transfer Protocol Secure) protocol. You can see a lock icon next to a URL in the address bar when you open the browser. This lock icon shows that you are connected to a website using HTTPS. HTTPS encryption is necessary for most web activity to protect information as it makes its way between your computer and a web server.
- Port 500: Port 500 is used by the Internet Key Exchange (IKE) that occurs during the establishment. Port 500 will sound familiar if you are using a VPN server or VPN client.
- Port 3389: Port 3389 is used for Windows Remote Desktop and Remote Assistance connections (RDP - Remote Desktop Protocol). Port 3389 is also used by Windows Terminal Server.
Is the Network Layer Made up of Ports?
In computer and network technology, layer models have become established to break down complex processes into simple steps. The network layer is the element of computer communication that allows data packets to be connected and transferred between networks.
Two models are generally used to describe this communication: the OSI (International Standards Organization) model and the TCP/IP (Transmission Control Protocol/Internet Protocol) model. To understand the network layer, it is necessary to know the general components of both.
The TCP/IP protocol stack and the OSI reference model compare as follows.

| OSI model | OSI layers | TCP/IP model |
|---|---|---|
| 7. Application Layer | 7-6-5 | 4. Application Layer |
| 6. Presentation Layer | 7-6-5 | 4. Application Layer |
| 5. Session Layer | 7-6-5 | 4. Application Layer |
| 4. Transport Layer | 4 | 3. Transport Layer |
| 3. Network Layer | 3 | 2. Network Layer |
| 2. Data Link Layer | 1-2 | 1. Data Link Layer (Network int) |
| 1. Physical Layer | 1-2 | 1. Data Link Layer (Network int) |

Each layer in a stack has a distinct job:
- The application layer runs services for the user: email, web, file transfer, etc.
- The transport layer (TCP) ensures all data is transmitted and reassembled in order.
- The network layer (IP) ensures that individual packets reach the destination.
- The link layer manages hardware for each connection along a route.
The task of the network layer is to hand over its PDUs (protocol data units), which are called packets, to the data link layer, or to receive packets from the data link layer, depending on the direction in which the data is transmitted.
The network layer is the second layer of the TCP/IP model and the third layer in the OSI model. It is also called the internet layer. Because network layer protocols are usually used in conjunction with transport layer protocols, the inability to identify the port at the network layer does not affect networking processes.
Also, the delivery of messages at the network layer does not imply that the protocol is reliable. The main tasks of the network layer are the provision of a logical, hierarchical address structure and route selection. Route selection determines the path through a network so that packets from a sender can reach the intended recipient.
The basic tasks of the network layer can be summarized as follows:
- Breaking the data down into network packets and reassembling the data on the receiving side.
- Forwarding the packets from one location to another by finding the best route through the physical network.
How does a Firewall Protect Ports?
A firewall, a set of programs located at a network gateway server, can prevent outsiders from accessing private data resources. It can also control what outside resources the internal users should have access to. Almost every company that allows its workers access to the internet installs a firewall to protect its resources from users of other networks.
Modern firewalls work on two levels: they can block specific ports, and they can block specific applications. The latter is easy to comprehend: a firewall can stop an application from communicating with the internet. The purpose of this is primarily to prevent a virus that somehow gets installed on your system from 'dialing out'.
Most communication begins from inside the network, and a firewall can leave well-known ports open for outbound traffic. The firewall learns from outgoing messages what to expect back from the other side of the connection. The ports must stay open during the exchange for the machines running in the network. When the communication is finished, the firewall closes the port again.
The main processes that a firewall performs to protect network communication are:
- The firewall works by consulting a set of configured access rules, which describe which protocols should be allowed or disallowed and for which domain or IP address. Accordingly, it filters all network packets to determine whether or not to forward them towards their destination.
- Firewalls analyze incoming and outgoing data, using rules enabled by the firewall provider, your IT service, or other software that engages with the firewall.
- The firewall can determine whether traffic is legitimate and whether it should be allowed through to its final destination.
- A firewall protects your computer and data by managing your network traffic.
- The firewall does this by blocking unwanted incoming network traffic.
- A firewall validates access by inspecting this incoming traffic for anything, such as malware, that could infect your computer.
Why do Firewalls Block Certain Ports?
A firewall is the traffic cop on your network. It decides what data makes it through and what doesn't. The firewall is there to stop suspicious traffic: hack attempts, virus communications, and attempts at identity theft.
Firewalls protect us from unsafe network connections by blocking certain ports. Port blocking is a somewhat more complicated process. Internet applications work on a specific port number. This port identifies which application the internet data is meant for.
Many types of internet data have standardized port numbers. For example, web data is nearly always sent on port 80. World of Warcraft uses port 3724. The Back Orifice Trojan typically runs on port 31337. Port blocking works by preventing traffic that uses a given port number. You certainly don't want Back Orifice traffic getting to your computer, so you shut down all data on port 31337. The default setting for most firewalls is to shut down all ports and only allow incoming traffic for specific exceptions. Adding such an exception is called opening up a port.
Firewall port blocking can work in two directions: for incoming connections and for outgoing connections. A firewall can allow traffic on a given port to be sent from the PC, but not received from the internet. To use a phone analogy, you can 'dial out', but nobody can 'dial in'. For example, port 80 can be blocked, so unsolicited traffic on that port will not get through. But if the user behind the firewall decides to go to a web page, the firewall will see that the user started the connection and will allow the remote web server to send data back.
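The default-closed policy and the 'dial out but not dial in' behaviour described above can be modelled in a few lines. This is an added example, not part of the original article and not how any particular firewall product is implemented; the class names, the sample packets and the documentation-range IP addresses are constructed, and all outbound traffic is assumed to be allowed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str    # "out" = sent by the protected host, "in" = arriving
    proto: str        # "tcp" or "udp"
    local_port: int   # port on the protected host
    remote_ip: str
    remote_port: int

@dataclass
class Firewall:
    open_inbound: set = field(default_factory=set)  # {(proto, local_port)}
    state: set = field(default_factory=set)         # connections started inside

    def decide(self, p: Packet) -> str:
        flow = (p.proto, p.local_port, p.remote_ip, p.remote_port)
        if p.direction == "out":
            self.state.add(flow)      # learn which reply to expect
            return "allow"
        if flow in self.state:
            return "allow"            # reply to a connection we started
        if (p.proto, p.local_port) in self.open_inbound:
            return "allow"            # port explicitly opened by a rule
        return "drop"                 # default: every other port is closed

    def close(self, p: Packet) -> None:
        """Forget a finished connection so its port is closed again."""
        self.state.discard((p.proto, p.local_port, p.remote_ip, p.remote_port))

def run_demo():
    """Constructed sample traffic; addresses are documentation ranges."""
    fw = Firewall(open_inbound={("tcp", 443)})
    request = Packet("out", "tcp", 50123, "203.0.113.10", 80)
    reply = Packet("in", "tcp", 50123, "203.0.113.10", 80)
    results = {
        "unsolicited to port 80": fw.decide(Packet("in", "tcp", 80, "198.51.100.7", 40000)),
        "unsolicited to port 31337": fw.decide(Packet("in", "tcp", 31337, "198.51.100.7", 40001)),
        "inbound to opened port 443": fw.decide(Packet("in", "tcp", 443, "198.51.100.7", 40002)),
        "outbound web request": fw.decide(request),
        "reply from web server": fw.decide(reply),
        "same port, other sender": fw.decide(Packet("in", "tcp", 50123, "198.51.100.7", 80)),
    }
    fw.close(request)
    results["reply after close"] = fw.decide(reply)
    return results

if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:28} {verdict}")
```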
How to Open Ports in Your Firewall
You can open ports in Windows Firewall by following the steps below:
- Open the Control Panel.
- Open the Security tab.
- Go to your Windows Firewall settings.
- Choose Advanced Settings.
- From the rule list, select the Inbound Rules section.
- Then choose New Rule.
- This will open the New Inbound Rule Wizard.
- Choose Port as the type of rule to create.
- Then choose TCP or UDP as the port type.
- Choose specific local ports, and type the number of the port you want open.