Network
Insecure vs Secure Ports

Insecure vs Secure Ports

There are some default Ports used when working on a network/server but most of these ports exists in a default way and a secure way. Here are some essential ports listed with it’s default number and it’s secured number.

Insecure PortProtocolDescriptionSecure PortProtocolDescription
21FTPFile Transfer Protocol (FTP) sends the username and password using plaintext from the client to the server.22SFTPUses encryption to protect the user credentials and packet of data being transferred.
23TelnetAll information to & from the host on a telnet connection is sent in plaintext & cand be intercepted by an attacker.22Secure ShellSecure Shell (SSH) on port 22 uses encryption to ensure that traffic between the host and terminal is not sent in plaintext format.
25SMTPSimple Mail Transfer Protocol (SMTP) is the default for sending email messages. Since it is unencrypted, data contained within the emails could be discovered by network sniffing.587SMTPThe secure alternative is to use port 587 for SMTP using Transport Layer Security (TLS) which will encrypt the data between the mail client and the mail server.
37TimeTime Protocol may be in use by legacy equipment and has mostly been replaced by using port 123 for Network Time Protocol (NTP).123NTPNTP on port 123 offers between errorhandling capabilities, which reduces the likelihood of unexpected errors.
53DNSDomain Name Service (DNS) is still used widely.853DoTHowever using DNS over TLS (DoT) on port 853 protects DNS information from being modified in transit.
80HTTPHyper Text Transfer Protocol (HTTP) is the basis of nearly all web browser traffic on the internet. Information sent via HTTP is not encrypted and is susceptible to sniffing attacks.443HTTPSHTTPS using TLS encryption is preferred as it protects the data in transit between the server and the browser.
143IMAPInternet Message Access Protocol (IMAP) is a protocol used for retrieving emails. IMAP traffic on port 142 is not encrypted and susceptible to network sniffing.993IMAPThe secure alterative is to use port 993 for IMAP which adds SSL/TLS security to encrypt the data between the mail client and the mail server.
445SMBServer Message Block (SMB) is used by many versions of Windows for accessing files over the network. Files are transmitted unencrypted.2049NFSNetwork File System (NFS). Although NDS can use encryption it is recommended that NFS not be allowed through firewalls either.
389LDAPLightweight Directory Access Portocol (LDAP) is used to communicate directory information from servers to clients. Since LDAP is not encrpyted it is susceptible to sniffing and manipulation attacks.636LDAPSLightweight Directory Access Portocol Secure (LDAPS) adds SSL/TLS LDAPS Security to protect the information while it is in transit.
0 0 votes
Article Rating
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments