Ports and Protocols

In computer networking, a port is a communication endpoint. While an IP address identifies a specific device on a network, a port number identifies a specific application or service running on that device. This allows a single device to run multiple services simultaneously. For example, your computer can host a web server and an email server at the same time because they listen on different ports. Port numbers range from 0 to 65535. Ports 0-1023 are known as 'well-known ports' and are reserved for common services. For instance, web servers typically listen on Port 80 for HTTP and Port 443 for HTTPS. FTP (File Transfer Protocol) uses Port 21, and SSH (Secure Shell) uses Port 22. Protocols are the sets of rules that govern how data is formatted and transmitted over a network. The two most common transport layer protocols are TCP and UDP. TCP (Transmission Control Protocol) is a connection-oriented protocol. It establishes a connection (a 'three-way handshake') before sending data and ensures that all packets are delivered reliably and in the correct order. It's used for applications where data integrity is crucial, like web browsing and email. UDP (User Datagram Protocol) is a connectionless protocol. It sends packets ('datagrams') without establishing a connection first and doesn't guarantee delivery or order. This makes it faster and more efficient, so it's used for real-time applications like video streaming, online gaming, and DNS lookups, where losing a few packets is acceptable. From a security perspective, understanding ports and protocols is vital for network reconnaissance (like port scanning to find open services) and for configuring firewalls to block or allow traffic to specific ports.