Port concept
In network technology, ports (port) are roughly related: First, ports in physical sense, such as ADSL MODEM, hub, switches, routers for connecting other network devices, such as RJ-45 port, SC port and many more. Second, the port in the logical sense, generally refers to ports in the TCP / IP protocol, the range of port numbers from 0 to 65535, such as 80 ports used to browse web services, and 21 ports for FTP services, and the like. What we will introduce this is the port in the logical sense.
Port classification
There are a variety of classification standards in the logical sense, and there will be two common categories:
1. Divide the port number distribution
(1) Well-KNown Ports
The well-known port is a well-known port number, range from 0 to 1023, which are generally fixed to some services. For example, the 21-port is assigned to the FTP service, and the 25-port is assigned to the SMTP (Simple Mail Transfer Protocol) service, and the 80-port is assigned to the HTTP service, and the 135 port is assigned to the RPC (remote procedure call) service.
(2) Dynamic ports
The range of dynamic ports range from 1024 to 65535, which are generally not fixed to a service, that is, many services can use these ports. As long as the running program proposes an application to the system, then the system can allocate one for the program from these port numbers. For example, 1024 port is assigned to the first program that issues an application to the system. After closing the program process, the occupied port number will be released.
However, dynamic ports are often used by viral Trojans, such as the ice default connection port is 7626, Way 2.4 is 8011, NetSPY 3.0 is 7306, YAI virus is 1024, etc.
2. Divide the protocol type
According to the type of protocol, it can be divided into ports such as TCP, UDP, IP, and ICMP (Internet Control Message Protocol). The following main introductions TCP and UDP ports:
(1) TCP port
The TCP port, that is, the transmission control protocol port, needs to be connected between the client and the server, which can provide reliable data transmission. Commonly located 21 ports, Telnet services, Telnet services, 25 ports of the SMTP service, and 80 ports of the HTTP service.
(2) UDP port
UDP port, ie the user packet protocol port, no need to establish a connection between the client and the server, security is not guaranteed. The commonly used 53-port, SNMP (Simple Network Management Protocol) service 161 port, 8000 and 4000 ports used by QQ, and more.
View port
To view the port in Windows 2000 / XP / Server 2003, you can use the netstat command:
Click "Start → Run", type "cmd" and enter the host, open the command prompt window. Type "NetStat -a -n" in the command prompt state, and then press the back to the key to see the port number and status of the TCP and UDP connections (as shown) in digital form.
Small knowledge: NetStat command usage
Command format: netstat -a -e-n -o-S
-A represents the TCP connection to all active TCP connections and the TCP and UDP ports listening.
-E indicates that the number of bytes, the number of packets, and the like of the data packet are displayed.
-N represents the address and port number of all active TCP connections only in digital form. -O represents the TCP connection to the active TCP and includes process ID (PID) of each connection.
-S indicates that the statistics of various connections are displayed by protocol, including port numbers.
Close / open port
Before introducing the roles of various ports, let's introduce how to turn off / open port in Windows, because by default, there are many unsecured or nothing ports that are open, such as the 23 port of Telnet service, The 21-port of the FTP service, the 25-port of the SMTP service, the 135 port of the RPC service, and the like. In order to ensure the security of the system, we can close / open the port by the following method.
Shut down port
For example, close the 25-port of the SMTP service in Windows 2000 / XP, you can do this: First open "Control Panel", double-click Administrative Tools, and double-click Services. Then find and double-click the "Simple Mail Protocol" service in the open service window, click the Stop button to stop the service, and then select "Disabled" and final click "OK in" Startup Type ". "Button. Thus, the SMTP service is closed is equivalent to closing the corresponding port.
Open port
If you want to turn on the port, just first select Auto, click the "OK" button, then open the service, click the "Start" button in Service Status to enable this port, and finally, single Click the "OK" button.
Tip: There is no "service" option in Windows 98, you can use the firewall rule setting function to close / turn the port.
