A Critical Ports refers to a network ports that are important for the functioning, security, or accessibility of a specific system or service. These ports are often targeted by attackers because they can use these ports to exploit respective vulnerability of an organization or network devices.
Characteristics of Critical Ports:
Essential Functionality: These ports are used by critical applications or services, such as web servers, databases, or email servers.
High Impact: Any disruption or compromise of these ports can lead to significant operational, financial, or reputational damage.
Common Targets: Critical ports are frequently scanned and attacked because they are associated with widely used protocols.
Critical Ports:
- Port 20 (FTP): Files Transfer Protocol.
- Port 21 (FTP): File Transfer Protocol.
- Port 22 (SSH): The Secure Shell.
- Port 23 (telnet): Used to provide text-based communication and remote access to another machine over a network.
- Port 135 (RPC): Remote Procedure Call.
- Port 137 (NetBIOS): Used for File and Print Sharing.
- Port 445 (SMB): (Server Message Block) protocol is used for file sharing in Windows.
- Port 3389 (RDP): Windows Remote Desktop and Remote Assistance connections.
- Port 5985 (WinRM): Microsoft Windows Remote Management(HTTP)
- Port 5986 (WinRM): Microsoft Windows Remote Management(HTTPS)
