COMMON NETWORK PROTOCOLS

Essential Network Protocols:

The following protocols are considered essential knowledge for developers, network engineers, and ethical hackers. Mastery of these protocols is fundamental for building, securing, and troubleshooting modern networks.

Core Application Layer Protocols

ftp 20/21 tcp

File Transfer Protocol: Used for transferring files between client and server.

  • Function: An old protocol for transferring files. Uses separate channels for commands and data.
  • Security: Insecure; sends credentials and data in plaintext. Avoid in favor of SFTP.
sftp 22 tcp

Secure File Transfer Protocol: FTP over SSH for secure file transfer.

  • Function: A secure protocol for file transfer that runs over an SSH session.
  • Security: Inherits the strong encryption and authentication of SSH, making it the industry standard.
tftp 69 udp

Trivial File Transfer Protocol: Simple, unsecured file transfer protocol.

  • Function: A simplified, lightweight file transfer protocol with no authentication.
  • Security: None. Use only on trusted, isolated networks for tasks like device booting.
ssh 22 tcp

Secure Shell: Secure remote login and command execution.

  • Function: The standard for secure remote command-line access and administration.
  • Security: Provides a fully encrypted channel, protecting against eavesdropping and hijacking.
telnet 23 tcp

Teletype Network: Unsecure remote login and command execution.

  • Function: An early protocol for remote command-line access.
  • Security: Completely insecure; sends all data, including passwords, in plaintext. Deprecated.
smtp 25/587 tcp

Simple Mail Transfer Protocol: Used for sending emails.

  • Function: The standard for sending email between servers and from a client to a server.
  • Security: Use Port 587 with STARTTLS encryption for secure client submission.
pop3 110/995 tcp

Post Office Protocol v3: Receiving emails by downloading them from the server.

  • Function: An older protocol used to retrieve email from a server, typically by downloading messages to a single device and then deleting them from the server.
  • Security: Inherently insecure as it transmits data in plaintext.
pop3s 995 tcp

POP3 over SSL: Secure POP3 for email retrieval.

  • Function: Used to retrieve email by downloading it from the server, often deleting the server copy.
  • Security: Use Port 995 (POP3S) for an encrypted connection.
imap 143 tcp

Internet Message Access Protocol: Accessing emails directly on the server.

  • Function: A modern protocol used to access and manage email directly on the server. This allows state to be synchronized across multiple devices.
  • Security: Unencrypted in its base form.
imaps 993 tcp

IMAP over SSL: Secure IMAP for email access.

  • Function: The secure version of IMAP. It wraps the entire communication in a TLS/SSL encrypted layer.
  • Security: The standard for secure, multi-device email access, ensuring confidentiality.
http 80 tcp

Hypertext Transfer Protocol: Unsecure web browsing.

  • Function: The original protocol for web browsing. It follows a simple request-response model.
  • Security: Unencrypted; all data is sent in plaintext and is insecure.
https 443 tcp

Hypertext Transfer Protocol Secure: Secure web browsing with Secure Sockets Layer (SSL) or TLS.

  • Function: The secure standard for the web. It is HTTP layered over a TLS/SSL encrypted connection.
  • Security: Provides confidentiality, integrity and authentication. Essential for all modern sites.
dns 53 tcp/udp

Domain Name System: Used for resolving domain names to IP addresses.

  • Function: Translates human-friendly domain names (e.g., example.com) into IP addresses.
  • Security: Traditional DNS is unencrypted. DNS-over-HTTPS (DoH) adds a layer of privacy.
dhcp 67/68 udp

Dynamic Host Configuration Protocol: Used to assign IP addresses automatically.

  • Function: Automatically assigns IP addresses and network settings to devices on a network.
  • Security: Has no native authentication; can be vulnerable to rogue servers on a local network.
ntp 123 udp

Network Time Protocol: Synchronizing clocks over a network.

  • Function: Synchronizes computer clocks across a network, which is critical for logging and security.
  • Security: Can be vulnerable to spoofing; use trusted time sources.
ldap 389 tcp/udp

Lightweight Directory Access Protocol: Accessing and managing directory information.

  • Function: A protocol for querying and modifying information in a directory service (e.g., Active Directory).
  • Security: Use Port 636 (LDAPS) for an encrypted connection.
ldaps 636 tcp/udp

LDAP over SSL: Used for secure LDAP access.

  • Function: The secure version of LDAP, used for accessing and maintaining directory services.
  • Security: It encrypts all LDAP communication with TLS/SSL, protecting user credentials and directory data.
snmp 161/162 udp

Simple Network Management Protocol: Used for network management and monitoring.

  • Function: Used to monitor and manage network devices like routers and switches.
  • Security: Use SNMPv3, as older versions are insecure.
syslog 514 udp

System Logging: Network event logging system and protocol.

  • Function: A standard for sending event log messages from devices to a central logging server.
  • Security: Basic syslog is unencrypted; secure variants exist that use TLS.
smb 445 tcp

Server Message Block: File sharing and network communication.

  • Function: Used for sharing files, printers, and other resources, primarily on Windows networks.
  • Security: Historically vulnerable; requires strict access controls and timely patching.
sql 1433 tcp

Structured Query Language (SQL) Server: Database management system by Microsoft.

  • Function: The protocol for communicating with Microsoft's SQL Server database.
  • Security: The connection should be encrypted to protect data in transit.
sqlnet 1521 tcp

SQLNet (Oracle Network Service): Enables Oracle SQL clients to communicate with the Oracle database server.

  • Function: The protocol used by Oracle databases to facilitate communication between clients and the server.
  • Security: Supports network encryption to protect database queries and results.
mysql 3306 tcp

MySQL: MySQL database service.

  • Function: The protocol for communicating with MySQL and MariaDB database systems.
  • Security: Supports SSL/TLS to encrypt the connection between the application and database.
rdp 3389 tcp/udp

Remote Desktop Protocol: Remote desktop access.

  • Function: Provides a graphical user interface for remotely accessing another computer.
  • Security: A frequent target for attacks. Must be secured with strong passwords and network-level authentication (NLA), preferably behind a VPN.
sip 5060/5061 tcp/udp

Session Initiation Protocol: Used for managing multimedia communication sessions.

  • Function: Used to initiate, maintain, and terminate real-time communication sessions like VoIP calls.
  • Security: Use Port 5061 with TLS for encrypted signaling.

Core Transport Layer Protocols

| Protocol | Port(s) | Type | Description |
|----------|---------|------|-------------|
| TCP | Various | TCP | Reliable, connection-oriented delivery. |
| UDP | Various | UDP | Fast, connectionless delivery (no guarantees). |

Core Network Layer Protocols

  • IP (Internet Protocol): Delivers packets across networks; foundation for all internet communications.
  • ICMP (Internet Control Message Protocol): Used for sending error and status messages (e.g., ping, traceroute).
  • DHCP (Dynamic Host Configuration Protocol): Dynamically assigns IP addresses on a network.
  • ARP (Address Resolution Protocol): Resolves IP addresses to MAC addresses in local networks.

Security & Modern Enhancements

| Protocol | Description |
|----------|-------------|
| TLS/SSL | Cryptography for secure sessions (HTTPS, email, VPNs). |
| QUIC/HTTP3 | Next-gen web protocol for high speed, secure communication. |
| Zero Trust (ZTNA) | Framework, not a protocol, but increasingly vital for secure access control and segmentation in distributed networks. |

Why These Protocols Are Essential

  • Web Development: HTTP/HTTPS, DNS, TCP/UDP fundamentals.
  • Networking: Mastery of IP, DHCP, SNMP, and RDP is critical for network operations.
  • Security/Ethical Hacking: SSH/SFTP (secure remote access), HTTPS/TLS (encryption), SNMP/LDAP (device management), and understanding protocol-specific vulnerabilities.
  • Cloud/IoT: Protocols like QUIC, MQTT, and Matter (for IoT) are rising in importance, but the ones above form the baseline.

Quick Reference: Essentials for Every Role

  • Developers: HTTP, HTTPS, TCP, UDP, SMTP, DNS, IMAP
  • Network Engineers: TCP, UDP, IP, SNMP, DHCP, ARP, OSPF, BGP
  • Ethical Hackers: FTP, SMB, SNMP, Telnet, SSH, ICMP, RDP

Solid foundational knowledge of these protocols is vital for effective troubleshooting, building secure systems, and progressing in networking or cybersecurity careers.