Its all about Ports

<<

millwalll

Post Wed Jul 06, 2011 5:05 pm

Its all about Ports

Hi All,

Over the last few months I have been to a few interviews and some of the same questions come up, and they are usually all about what services are running on what ports.

So my first question is how many ports do you think a Junior penetration tester should know off the top of his head? Top 10, 20, 30, 50 ports?

Second question is what would you say the top 10, 20, 30, 50 ports are, depending on the first answer?

I guess these would be in there somewhere

80 http
22 ssh
21 ftp
25 smtp
139 netbios
3306 mysql
156 sql server
23 telnet
443 https
53 dns
<<

venom77

Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Jul 06, 2011 6:20 pm

Re: Its all about Ports

Well what question are you being asked? Are they asking you for a list of 'top 10 ports'? What does that even mean?

If anything, I'd expect them to have a list of ports or protocols, and ask you the commonly associated port or protocol, respectively. I wouldn't think this list needs to be greater than 10 at most. Beyond that, that's what 'cat /etc/services' is for :P
<<

cd1zz

Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Jul 06, 2011 6:27 pm

Re: Its all about Ports

I would say you should probably know the top 10. If they asked you about SMTP for example and you couldn't cough up the port, it would probably look bad. However, if they asked you what ports the Shavlik agent listens on.....well you'd get extra points :)

Over time that stuff just gets ingrained into your brain.
<<

hell_razor

Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Thu Jul 07, 2011 1:04 pm

Re: Its all about Ports

To add to your list of what I expect most people to know in networking/systems/security:

1433 - MS SQL
445 - MS-ADS
500 - ISAKMP/IPSEC
110 - POP3
143 - IMAP
5900 - VNC
3389 - RDP

31337 - BackOrifice
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW
<<

millwalll

Post Thu Jul 07, 2011 1:48 pm

Re: Its all about Ports

I was just trying to find out, as I had a few interviews and some asked me what service runs on port 80, which is fine, but then I had a few ask me stuff like what runs on port 79 and what runs on port 1, which I think are not exactly well-known ports to a junior. Or are they?

There are too many to remember. I think there should be a magical port that does everything! lol
<<

hell_razor

Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Thu Jul 07, 2011 4:17 pm

Re: Its all about Ports

I ask for several of these ports in interviews in pseudo-random fashion.  If you are a jr. in security, you should, IMHO, know all of the ports you listed and the ones I listed as well.  A sr. should know how each of those protocols function without having to re-learn every time.

Just don't purely guess in an interview.  Don't be tricked by port 0 either; although reserved, it is a valid port.  Your IDS better alert on it though, no valid reason for port 0 in most cases.
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW
<<

j0rDy

Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Fri Jul 08, 2011 2:49 am

Re: Its all about Ports

this is just ridiculous, what if i decide to run a webserver on port 22 (or 1984, for the really 1337 people) just because i feel like it??? there are tons of other ways to poke in someone's brain to get an idea of their skill level...
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

rattis

Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Fri Jul 08, 2011 7:18 am

Re: Its all about Ports

When I interviewed at Google for a data center tech position, about 6 years ago, and when I interviewed for 2 positions at once at a SaaS provider they asked me about some ports:

21, 22, 80, 443, 514, 53, the Microsoft ones, 123 and a couple of other random ones.

The questions went back and forth between would it be what port would service X run on, or what service typically runs on port X, and whether TCP or UDP.

I can think of several reasons to ask. Heck, I've asked people I've interviewed. I wanted to know if they just memorized a few random "common" ports. Or if they actually looked at networking deeper. "Common" meant ports that your mom would use while surfing the web, even if she didn't realize it.
OSWP, Sec+
<<

hayabusa

Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri Jul 08, 2011 9:14 am

Re: Its all about Ports

@j0rDy - might I suggest that port numbers ARE important, esp when testing others' configurations, and knowing what type of responses to expect when communicating with them.  That said, the list of ports (important ones, anyway) isn't nearly as much data to learn, relative to other things you'll learn in security / pentesting, so I'd throw the 'ridiculous' aside, and just buckle in and learn them (if you don't already know them.)

Besides, if a company expects you to know them, whether or not YOU, I, or others think they are important really doesn't matter, so no use in NOT learning at least the COMMON ones...
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

j0rDy

Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Fri Jul 08, 2011 9:30 am

Re: Its all about Ports

hayabusa wrote:@j0rDy - might I suggest that port numbers ARE important, esp when testing others' configurations, and knowing what type of responses to expect when communicating with them.  That said, the list of ports (important ones, anyway) isn't nearly as much data to learn, relative to other things you'll learn in security / pentesting, so I'd throw the 'ridiculous' aside, and just buckle in and learn them (if you don't already know them.)

Besides, if a company expects you to know them, whether or not YOU, I, or others think they are important really doesn't matter, so no use in NOT learning at least the COMMON ones...


Oh don't get me wrong, i strongly suggest to learn them, and the ones used by viruses/trojans and backdoors also (as the one stated by hell_razor). i'm just saying there are better ways to test someone's knowledge than to let him hammer up some ports.

the first sentence is probably the best answer to the port question. OK, probably not the best answer if you want the job  ;), but why giving "politically correct" answers is going to get you further is a whole different subject...
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

hell_razor

Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Fri Jul 08, 2011 12:55 pm

Re: Its all about Ports

@j0rDy - Do you think I would ignore conversations about the importance or lack thereof of knowing port numbers like these?  I would really like the interviewer to challenge questions like that and they might get bonus points for being able to do so.

One does not need to memorize those lists of ports if they are a student of the game.  Those ports should be well known to someone who has learned enough about security to warrant an interview, even at the jr. level, IMHO.

It also lets me see how they handle the situation.  Do they feed me a line, sound confident but are wrong, or did they take the time to look them up before the interview showing some level of preparedness.  It is kind of like asking for the 7 OSI layers in a network interview.  Do most non-networking geeks think they use that information on a daily basis? Probably not.  Does a networking geek know that they do in fact use that knowledge on a daily basis, definitely, and they can explain why they are important...without unnecessary memorization.  Do I care if they can identify the names of the layers?  Not really, if they can effectively explain what occurs at each layer.

I think the strategy an interviewer uses to obtain the best impressions of a candidate must still be a mystery to many interviewees.
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW
<<

millwalll

Post Sat Jul 09, 2011 3:01 pm

Re: Its all about Ports

The reason I ask is I have been to a few junior interviews but I seem to keep falling at the interview part as I don't know how to study for it. I have had 3 interviews and all have asked me different questions, and it seems to me that the most common ports really depend on the company you go for an interview with. I have been asked port 1,79,111 and lots of other stuff.

I am just finding it really annoying. I have the passion to work in security and know that once I get my chance I will learn a lot, but every time I don't get the job I get more and more deflated and wonder if security is really for me.

I really enjoy learning new things and I am trying my best to teach myself as much as I can, but feel that as security is such a big area I need some sense of direction to my study. I do want to do courses but am stuck due to my financial status. I just really don't know what to do. I am not getting any younger and really need a break. I just don't know what else to try.
<<

rattis

Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Sat Jul 09, 2011 3:38 pm

Re: Its all about Ports

I read the 1, 79, 111 as 179111. I was going to say I'm going to have to remember that for future use. To see if they know the top end port number. :)

I would seriously focus on the more "common" ones. 20, 21, 22, 23, 25, 53, 80, 88, 123, 135, 443, 445, 514, and 3389. Tell them that you haven't seen the others, but know how to find out what they are.

More importantly, at least I think so, let them know that you can find open ports on a network beyond just using nmap to scan. (If you really can).

Security is really where you find it. I spend most of my day doing VPN tunnels and Firewall changes. I would consider those security (not pen-testing, but I'm more a defensive person anyway). As soon as we get the hardware, I'll be doing website vulnerability scanning.

But as for direction, what do you want to do? I like trying to make systems hardened, so attackers have a harder time getting in. I like trying to protect the data. I like watching for things in packet dumps. But that's just me. :)
OSWP, Sec+
<<

millwalll

Post Sat Jul 09, 2011 4:15 pm

Re: Its all about Ports

I love learning new stuff; if I could I would do every security course there is. I don't mind anything, I find it all very interesting. I just feel because of this I need direction, as I tend to jump between things too much as I don't have a clue what exactly I should learn. I want to start off as a junior and from that work my way up, learn mobile security, maybe how to code exploits, network security, web security etc. It's really frustrating. If I could I would work for free for a year just to get a break, but that's just not possible.

In my current job, when I started I knew nothing. 3 years on I have people who have worked for 20+ years come to me for the answer to their questions, just because I do everything with 200% and want to learn learn learn and go out of my way to do so.
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Jul 10, 2011 1:49 am

Re: Its all about Ports

Problem solved: http://www.iana.org/assignments/port-numbers ;)

Also, check out the nmap-services file. They list the "popularity" of each service.
The day you stop learning is the day you start becoming obsolete.
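
Added example (not part of any post in this thread): the nmap-services file mentioned above lists one service per line as name, port/protocol and an open-frequency value, so the "top N ports" question can be answered from data rather than memory. The sketch below parses that layout and ranks by frequency; the sample lines and their frequencies are constructed for illustration, and the function names are hypothetical.

```python
from typing import NamedTuple

class Entry(NamedTuple):
    name: str
    port: int
    proto: str
    freq: float  # fraction of scanned hosts with this port open

# Constructed sample in the nmap-services layout; frequencies are illustrative.
SAMPLE = """\
# name  port/proto  open-frequency  # optional comment
tcpmux 1/tcp 0.002 # TCP Port Service Multiplexer
unknown 4/tcp 0.0005
ftp 21/tcp 0.20 # File Transfer [Control]
ssh 22/tcp 0.18 # Secure Shell Login
telnet 23/tcp 0.22
smtp 25/tcp 0.13 # Simple Mail Transfer
domain 53/tcp 0.05 # Domain Name Server
domain 53/udp 0.19 # Domain Name Server
finger 79/tcp 0.006
http 80/tcp 0.48 # World Wide Web HTTP
https 443/tcp 0.21 # secure http (SSL)
broken-line-without-fields
"""

def parse_services(text):
    """Parse nmap-services text, skipping comments and malformed lines."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 3 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        try:
            entries.append(Entry(fields[0], int(port), proto.lower(), float(fields[2])))
        except ValueError:
            continue  # non-numeric port or frequency
    return entries

def top_ports(entries, n, proto=None):
    """Return the n most frequently open named services, optionally per protocol."""
    pool = [e for e in entries if e.name != "unknown" and proto in (None, e.proto)]
    return sorted(pool, key=lambda e: e.freq, reverse=True)[:n]

def service_on(entries, port, proto="tcp"):
    """Answer the interview question: what usually runs on this port?"""
    return next((e.name for e in entries if (e.port, e.proto) == (port, proto)), None)

if __name__ == "__main__":
    for e in top_ports(parse_services(SAMPLE), 5, "tcp"):
        print(f"{e.port:>5}/{e.proto}  {e.name:<8} {e.freq}")
```

To rank real data, pass the contents of your local nmap-services file to `parse_services()` instead of `SAMPLE`.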