Common Network Protocols

Network protocols define how systems communicate. Understanding these protocols, their purpose, typical ports, and security characteristics is essential for effective penetration testing.

Application Layer Protocols

HTTP/HTTPS (80/443) - Web traffic foundation. HTTP is unencrypted while HTTPS adds TLS encryption.

FTP (21) - File transfer protocol with separate control and data channels. Credentials sent in cleartext.

SSH (22) - Secure remote access and file transfer. Key-based auth stronger than passwords.

DNS (53) - Domain name resolution. DNS spoofing, zone transfer disclosure, DNS tunneling possible.

SMTP (25/587) - Email transport. Open relays enable spam, email spoofing without SPF/DKIM/DMARC.

Windows Network Protocols

SMB (445) - Windows file sharing and named pipes. Null session enumeration, relay attacks, EternalBlue exploits.

LDAP (389/636) - Directory services access. Anonymous bind disclosure, injection attacks.

RDP (3389) - Remote desktop access. Brute force attacks, BlueKeep vulnerability.

Network Infrastructure Protocols

SNMP (161/162) - Network device management. Default community strings, version 1/2c use cleartext.

Telnet (23) - Legacy remote access completely unencrypted. Should be replaced by SSH.

Understanding protocol weaknesses guides reconnaissance and exploitation strategies.