Page 758 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 758

binary numbers, the total number of ports is 2^16, or 65,536,
               numbered from 0 through 65,535. A port is little more than an address

               number that both ends of the communication link agree to use when
               transferring data within the Transport layer. Ports allow a single IP
               address to be able to support multiple simultaneous communications,
               each using a different port number. The combination of an IP address
               and a port number is known as a socket.

               The first 1,024 of these ports (0–1,023) are called the well-known

               ports or the service ports. This is because they have standardized
               assignments as to the services they support. For example, port 80 is
               the standard port for web (HTTP) traffic, port 23 is the standard port
               for Telnet, and port 25 is the standard port for SMTP. These ports are
               reserved for use exclusively by servers (in other words, they cannot be
               used as the source port by a requesting client). You can find a list of
               ports worth knowing for the exam in the section “Common Application
               Layer Protocols” later in this chapter.


               Ports 1,024 to 49151 are known as the registered software ports.
               These are ports that have one or more networking software products
               specifically registered with the International Assigned Numbers
               Authority (IANA, www.iana.org) in order to provide a standardized
               port-numbering system for clients attempting to connect to their
               products.


               Ports 49152 to 65535 are known as the random, dynamic, or
               ephemeral ports because they are often used randomly and
               temporarily by clients as a source port. These random ports are also
               used by several networking services when negotiating a data transfer
               pipeline between client and server outside the initial service or
               registered ports, such as performed by common FTP.



                  Port Numbers



                  The IANA recommends that ports 49152 to 65535 be used as
                  dynamic and/or private ports. However, not all OSs abide by this.
                  A site that has a list of examples of the various ranges used by OSs
                  for random source ports is
   753   754   755   756   757   758   759   760   761   762   763