Feuille1
Top 50 Well-Known Ports for SOC Analysts
| Port Number | Use | Cyber Risk |
|---|---|---|
| 20, 21 | FTP (File Transfer Protocol) | Unencrypted, susceptible to sniffing, spoofing, and brute force attacks. |
| 22 | SSH (Secure Shell) | Target for brute force attacks; vulnerable if weak credentials are used. |
| 23 | Telnet | Unencrypted, prone to eavesdropping, hijacking, and credential theft. |
| 25 | SMTP (Simple Mail Transfer Protocol) | Can be exploited for spamming and relay attacks. |
| 53 | DNS (Domain Name System) | Vulnerable to DNS spoofing and DDoS attacks. |
| 80 | HTTP (Hypertext Transfer Protocol) | Unencrypted, susceptible to interception and manipulation. |
| 110 | POP3 (Post Office Protocol version 3) | Unencrypted, vulnerable to eavesdropping if not secured. |
| 119 | NNTP (Network News Transfer Protocol) | Can be exploited in distributing malicious content. |
| 123 | NTP (Network Time Protocol) | Can be misused for DDoS attacks. |
| 137-139 | NetBIOS | Vulnerable to unauthorized access and spreading malware. |
| 143 | IMAP (Internet Message Access Protocol) | Unencrypted, potential for credential theft. |
| 443 | HTTPS (HTTP Secure) | Can be targeted by SSL stripping or MiTM attacks, though less risky than HTTP. |
| 445 | SMB (Server Message Block) | Known for vulnerabilities like EternalBlue, used in ransomware attacks like WannaCry. |
| 993 | IMAPS (Internet Message Access Protocol over SSL) | While encrypted, it can be a vector for targeted attacks if credentials are compromised. |
| 135 | Microsoft RPC | Can be exploited for unauthorized remote procedure calls. |
| 139 | NetBIOS Session Service | Vulnerable to unauthorized access and attacks on Windows networks. |
| 143 | IMAP (Internet Message Access Protocol) | Susceptible to interception, especially if unencrypted. |
| 389 | LDAP (Lightweight Directory Access Protocol) | Can be exploited in injection attacks and unauthorized access. |
| 443 | HTTPS (Hypertext Transfer Protocol Secure) | Potential for SSL/TLS vulnerabilities, MiTM attacks. |
| 445 | Microsoft-DS (Active Directory, Windows shares) | Known for SMB vulnerabilities, like EternalBlue. |
| 465 | SMTPS (Secure SMTP) | Can be targeted for spam and phishing attacks, even though encrypted. |
| 587 | SMTP with TLS/SSL | Secure, but can be targeted in mail-based attacks. |
| 636 | LDAPS (LDAP over SSL) | Encrypted, but vulnerable to specific SSL/TLS attacks. |
| 993 | IMAPS (IMAP over SSL) | Encrypted, but susceptible to targeted email attacks. |
| 995 | POP3S (POP3 over SSL) | Encrypted, but vulnerable to targeted email attacks. |
| 1723 | PPTP (Point-to-Point Tunneling Protocol) | Known vulnerabilities in VPN connections. |
| 3306 | MySQL Database Service | Vulnerable to SQL injection and unauthorized access. |
| 3389 | RDP (Remote Desktop Protocol) | Target for brute force and credential stuffing attacks. |
| 5900 | VNC (Virtual Network Computing) | Vulnerable to eavesdropping and remote control if unsecured. |
| 69 | TFTP (Trivial File Transfer Protocol) | Unsecured, vulnerable to interception and unauthorized access. |
| 88 | Kerberos | Can be targeted for authentication attacks. |
| 109 | POP2 (Post Office Protocol version 2) | Unencrypted, susceptible to eavesdropping. |
| 156 | SQL Service | Vulnerable to SQL injection and unauthorized access. |
| 194 | IRC (Internet Relay Chat) | Can be used for communication in botnets, susceptible to eavesdropping. |
| 220 | IMAP3 (Internet Message Access Protocol version 3) | Prone to the same risks as IMAP. |
| 389 | LDAP (Lightweight Directory Access Protocol) | Susceptible to directory traversal and unauthorized access. |
| 427 | SLP (Service Location Protocol) | Vulnerable to spoofing and DoS attacks. |
| 546-547 | DHCPv6 (Dynamic Host Configuration Protocol for IPv6) | Vulnerable to unauthorized DHCP servers and MITM attacks. |
| 554 | RTSP (Real Time Streaming Protocol) | Can be exploited in streaming and DoS attacks. |
| 631 | IPP (Internet Printing Protocol) | Vulnerable to interception and unauthorized printing/access. |
| 989-990 | FTPS (FTP over SSL) | More secure than FTP, but still can be targeted for data interception. |
| 1194 | OpenVPN | Can be targeted in VPN bypass and DoS attacks. |
| 1433-1434 | Microsoft SQL Server | Vulnerable to SQL injection and unauthorized access. |
| 1701 | L2TP (Layer 2 Tunneling Protocol) | Vulnerable in unencrypted implementations. |
| 1812-1813 | RADIUS (Remote Authentication Dial-In User Service) | Vulnerable to credential theft and replay attacks. |
| 2049 | NFS (Network File System) | Vulnerable to unauthorized file access and interception. |
| 2082-2083 | cPanel | Can be targeted for web hosting control panel attacks. |
| 2483-2484 | Oracle Database | Vulnerable to SQL injection and unauthorized access. |
| 5060-5061 | SIP (Session Initiation Protocol) | Vulnerable to VoIP spam, eavesdropping, and hijacking. |