TCP Ports

What is TCP?

TCP is a transport layer protocol that helps to establish connections. TCP means Transmission Control Protocol. It guarantees secure data transmission between two network-connected devices. The data can only be sent when a secure connection has been established.

The receiver sends an acknowledgment of receiving the data after receiving it. To transfer data between devices, it uses data blocks. It has more system functionalities, including flow control, error control, and congestion control, but it transmits data slowly. The TCP header is 20-60 bytes long and contains a variety of information to improve reliability.  TCP is used by protocols like HTTP, FTP, etc. for secure data transmission over networks because of its dependability.

What is a Port?

A number is given to server applications and user sessions in an IP network. The Internet Assigned Numbers Authority (IANA) establishes port numbers and places them in the header section of packets so that they can be used to specify the various purposes such as Web, email, voice call, video call, etc.

For example, if we want to open the email and games applications on our computer, then  we have to send mail to the host through the email application, and we can play online games through the games application. These applications give various special numbers to perform all of these tasks. There is a port number for each address and protocol. TCP and UDP are the two protocols that primarily use the port numbers.

TCP ports are those that adhere to transmission control protocols. File Transfer Protocol ports (20 and 21), SMTP port (25), IMAP port (143), and Secure Shell port are the various TCP ports that are used for file transfers.

TCP ports establish connections before sharing data. Suppose, you call your friend to tell him about a new game or movie. Your friend will pick up the phone if he/she receives the call and verifies that it is you on the other end of the line. After then, you can start telling him/her about the game.
TCP ports operate similarly. Data is transmitted only after a secure connection has been established between the sender and the receiver. The three-way handshake is used for sending or receiving data between the devices that use TCP ports.

What is a three-way handshake?

Three-way handshake is used by TCP ports to create secure connections. When using TCP, the sending device creates a connection with the receiving device.

The three messages SYN, SYN-ACK, and ACK are used to represent the three distinct interactions that make up a three-way handshake. The first segment is called SYN. The sending device sends a SYN (synchronized sequence number) message to the receiving computer.

It's attempting to say, "Hello! Are you open to making a connection?"

When a device receives a connection request and the receiver is prepared to establish a connection, it responds with a SYN-ACK segment.  The SYN-ACK segment responds with a synchronized sequence number after acknowledging the connection request. In simple terms, the device is indicating that it is willing to establish a connection and that it has acknowledged your request.

When this occurs, the sending device notifies the receiving device that its message has been acknowledged by sending an ACK segment. After that, a connection is established, and data transfer starts. When the data is transmitted completely, then the connection is automatically broken.

By doing this, it is assured that all data sent to the receiving device is correct and sent in the right order. Additionally, no packets are missing because a connection was established first.

Another way of using TCP Ports?

Enterprise applications such as Oracle, SQL, and SharePoint require you to configure services on specific port numbers. To enable traffic to flow on those port IDs, it is crucial to cooperate with your network administrator. For system security, firewalls keep an eye on ports.

For troubleshooting, we use port numbers. We can specifically detect malicious processes and troubleshoot malware.

Rules that indicate both aspects of a socket are frequently used in the firewall configuration. Using IP addresses, port numbers, or a combination of both, you can set up allowances or traffic blocks.

Port

In the TCP/IP model, there are a total of 65,535 ports available, each of which is a 16-bit unsigned integer. Consequently, the range of port number is from 0 to 65535. The zero-port number is unavailable in UDP but is reserved for TCP which cannot be used. The port numbers are assigned by a standardized organization called IANA (Internet Assigned Numbers Authority).

Different Types Of Ports?

There are 3 different types of Ports which are mentioned below:

  • Well Known Ports
  • Registered Ports
  • Dynamic Ports

Registered Port

The registered port range is from 1024 to 49151. The user processes the registered ports. Instead of the usual applications with a well-known port, these processes the individual applications.

Well Known Ports

Range of the well-known port is from 0 to 1023. The well-known ports are used with protocols like IMAP, HTTP, SMTP, etc. that support popular applications and services.

Dynamic Ports

Dynamic ports have a range of 49152 to 65535. Another name for the dynamic port is ephemeral port. These port numbers are given to the client application dynamically when a client establishes a connection. Clients are unaware of this port until they connect to a service.

How can you view your TCP Information?

TCPView.exe is highly advisable if you're using a Windows Operating System. Mark Russinovich was the original developer, and it is now a Microsoft asset. The tool also comes in a free command-line version called TCPVcon.

When you run TCPView, you may notice that you have a lot of remote connections running on your system. That is one of the reasons TCPView is such an effective tool for identifying rogue processes. It might be a Trojan horse, a backdoor administrative program that calls home.

Conclusion

In the TCP/IP model, there are a total of 65,535 ports available, each of which is a 16-bit unsigned integer. Consequently, the port number range is 0 to 65535. The zero-port number is unavailable in UDP but is reserved for TCP which cannot be used. The port numbers are assigned by a standardized organization called IANA (Internet Assigned Numbers Authority).



ADVERTISEMENT
ADVERTISEMENT