Top 20 Protocols

The top 20 network and enterprise network protocols you should know.

1. HTTP (Hypertext Transfer Protocol)

  • Function: Web browsing (unencrypted).

  • Port: TCP 80

  • Layer: Application (7)

  • Security Risk: Vulnerable to eavesdropping, MITM attacks.

2. HTTPS (HTTP Secure)

  • Function: Encrypted web traffic (TLS/SSL).

  • Port: TCP 443

  • Layer: Application (7)

  • Security Risk: Misconfigurations, weak certificates.

3. DNS (Domain Name System)

  • Function: Resolves domain names to IPs.

  • Port: UDP/TCP 53

  • Layer: Application (7)

  • Security Risk: DNS spoofing, tunneling (exfiltration).

4. FTP (File Transfer Protocol)

  • Function: File transfers (unencrypted).

  • Port: TCP 20 (data), 21 (control)

  • Layer: Application (7)

  • Security Risk: Credential sniffing, anonymous logins.

5. SFTP (SSH File Transfer Protocol)

  • Function: Secure file transfers (SSH-encrypted).

  • Port: TCP 22

  • Layer: Application (7)

  • Security Risk: Brute-force attacks on SSH.

6. SSH (Secure Shell)

  • Function: Secure remote access (encrypted).

  • Port: TCP 22

  • Layer: Application (7)

  • Security Risk: SSH brute-force, key theft.

7. Telnet

  • Function: Remote access (unencrypted).

  • Port: TCP 23

  • Layer: Application (7)

  • Security Risk: Credential sniffing, deprecated.

8. SMTP (Simple Mail Transfer Protocol)

  • Function: Sends emails.

  • Port: TCP 25

  • Layer: Application (7)

  • Security Risk: Spam, phishing, open relays.

9. POP3 (Post Office Protocol v3)

  • Function: Retrieves emails (unencrypted).

  • Port: TCP 110

  • Layer: Application (7)

  • Security Risk: Credential theft.

10. IMAP (Internet Message Access Protocol)

  • Function: Email retrieval (synced across devices).

  • Port: TCP 143 (IMAP), 993 (IMAPS)

  • Layer: Application (7)

  • Security Risk: Credential theft, man-in-the-middle.

11. RDP (Remote Desktop Protocol)

  • Function: Remote GUI access (Windows).

  • Port: TCP/UDP 3389

  • Layer: Application (7)

  • Security Risk: Brute-force, BlueKeep exploits.

12. SMB (Server Message Block)

  • Function: File/print sharing (Windows).

  • Port: TCP 445

  • Layer: Application (7)

  • Security Risk: EternalBlue, ransomware attacks.

13. NTP (Network Time Protocol)

  • Function: Synchronizes system clocks.

  • Port: UDP 123

  • Layer: Application (7)

  • Security Risk: DDoS amplification attacks.

14. SNMP (Simple Network Management Protocol)

  • Function: Network device monitoring.

  • Port: UDP 161 (queries), 162 (traps)

  • Layer: Application (7)

  • Security Risk: Default community strings, info leaks.

15. DHCP (Dynamic Host Configuration Protocol)

  • Function: Assigns IP addresses dynamically.

  • Port: UDP 67 (server), 68 (client)

  • Layer: Application (7)

  • Security Risk: Rogue DHCP servers, MITM.

16. LDAP (Lightweight Directory Access Protocol)

  • Function: Directory services (e.g., Active Directory).

  • Port: TCP 389 (LDAP), 636 (LDAPS)

  • Layer: Application (7)

  • Security Risk: Credential brute-forcing.

17. Kerberos

  • Function: Authentication (Windows AD).

  • Port: TCP/UDP 88

  • Layer: Application (7)

  • Security Risk: Golden/Silver ticket attacks.

18. ICMP (Internet Control Message Protocol)

  • Function: Network diagnostics (ping, traceroute).

  • Port: N/A (Layer 3 Protocol)

  • Layer: Network (3)

  • Security Risk: Ping floods, ICMP tunneling.

19. ARP (Address Resolution Protocol)

  • Function: Maps IP to MAC addresses.

  • Port: N/A (Layer 2 Protocol)

  • Layer: Data Link (2)

  • Security Risk: ARP spoofing, MITM.

20. TLS/SSL (Transport Layer Security/Secure Sockets Layer)

  • Function: Encrypts application data (HTTPS, SMTPS, etc.).

  • Port: Varies (e.g., 443 for HTTPS, 465 for SMTPS)

  • Layer: Session (5)/Transport (4)

  • Security Risk: Heartbleed, weak cipher suites.
