Ports are essential for computers to communicate with other computers or for applications to communicate with their corresponding services over the internet. These ports have assigned numbers dedicated to specific services and are used by hackers to try and break into them, using the vulnerabilities of the hardware and software that use these ports. Below are some common port numbers and their uses.
|Port Number||Protocol||Associated Service|
|20||TCP||File Transfer Protocol (FTP) Data Transfer|
|21||TCP||File Transfer Protocol (FTP) Command Control|
|22||TCP||Secure Shell (SSH)|
|23||TCP||Telnet – Remote login service, unencrypted text messages|
|25||TCP||Simple Mail Transfer Protocol (SMTP) E-mail Routing|
|53||TCP and UDP||Domain Name System (DNS) service|
|80||TCP||Hypertext Transport Protocol (HTTP)|
|110||TCP||Post Office Protocol version 3 (POP3)|
|119||TCP and UDP||Network News Transfer Protocol (NNTP)|
|123||TCP and UDP||Network Time Protocol (NTP)|
|143||TCP and UDP||Internet Message Access Protocol (IMAP) Management of Digital Mail|
|161||TCP and UDP||Simple Network Management Protocol (SNMP)|
|194||TCP and UDP||Internet Relay Chat (IRC)|
|443||TCP||Hypertext Transport Protocol (HTTP) and HTTP over TLS/SSL (HTTPS)|
From a security standpoint, below are the ports that every hacker should be aware of. These and the ports above are often protected by firewalls. Without firewalls, these ports become subject to their own respective vulnerabilities which many other hackers take advantage of. In the home setting, these ports are not protected by office firewalls unless the user is logged into their office’s VPN. Prospective hackers can look up those vulnerabilities to bypass security while System Administrators need to keep an eye out on these ports and make sure they’re secure.
|Port Number||Protocol||Associated Service / Reasons for attack|
|21||TCP||File Transfer Protocol (FTP). / To remotely gain access to the target machine’s files.|
|22||TCP||Secure Shell (SSH). / To establish a connection to the target machine.|
|23||TCP||Telnet. / To be able to control network devices.|
|25||TCP||Simple Mail Transfer Protocol (SMTP) / To disrupt or intercept email services.|
|53||TCP and UDP||Domain Name System (DNS). / To disrupt the services or operations of specific organizations.|
|80||TCP||Hypertext Transport Protocol (HTTP). / The modern internet has largely moved away from the insecure HTTP but there are still companies that use this.|
|443||TCP||Hypertext Transport Protocol (HTTP) and HTTP over TLS/SSL (HTTPS). / Despite being more secure than port 80, companies secured by 443 is where the money is.|
|110||TCP||Post Office Protocol version 3 (POP3) / To disrupt or intercept email services.|
|135||TCP and UDP||Windows Remote Procedure Call (RPC). / Unsecured 135s allow hackers to issue remote commands to vulnerable computers.|
|137-139||TCP and UDP||NETBIOS over TCP/IP / provides access to shared resources|
|1433-1434||TCP and UDP||Microsoft SQL Server. / Thanks to SQL Server’s popularity, the target base is huge and hacking these ports can cause maximum profit or damage.|
While there are hundreds of ports out there (1-65535), they have their own specific uses and even tied to specific tech companies. Experts can easily change them to suit their purposes, but the above ports are the ones often targeted thanks to all the documentation about the vulnerabilities of the ports and corresponding services. As for the unused ports, administrators should configure their closure as common security practice.
System Administrators meanwhile should not be complacent in having just a firewall but should also use security software to detect and keep out malware. Hackers use malware as backdoors to bypass internal security and open one or more ports for the taking as it’s the easiest way to break into corporate firewalls. Malware can also be used to open unused/unprotected ports and listen in on incoming hacker traffic. Hackers know which ports are open in their target computers through the use of port scanning software and are alerted when someone unknowingly installs their malware through downloads or email attachments.
Lastly, it’s a good idea to maintain port security awareness among the IT staff and make them look presentable too with MyHackerTech commonly-hacked ports hoodies. Check them out below and make your IT staff smile.