Next we have Telnet. Now, Telnet is going to be a remote terminal connection.

So Telnet allows us to, if we are going to telnet into another computer, then we open up a remote terminal, what looks like a command prompt, into either that computer or that remote switch or device, and it's allowing us to have that connection. And that's gonna be running over port
and Telnet could be configured as UDP or TCP. Now, it could be configured UDP or TCP because it's unencrypted. With Telnet, all the information that we send when we're connecting to a device via Telnet is all unencrypted and it's all clear text. So it is a protocol that we want to get replaced. It is a protocol that we want to use a different one for, especially for sending login information, because if we telnet into a box, if we telnet into a computer, we want that computer to be set up so that you can't just start issuing commands, you can't just start saying, "Oh, hey, computer, send me this file. Do this, do this, do this." So that computer will request login credentials. And if we're connected over Telnet and we enter login credentials for that computer or for that device, that's all unencrypted going over our network. So just like HTTP, if someone's on our network sniffing that, they could easily pick that up. So you want to replace that with something else.

But Telnet is a remote terminal connection running over port 23 that could be TCP or UDP oriented.

Mostly replacing Telnet is our SSH. Now, SSH is an encrypted connection between points, which can either act as a remote terminal or transfer data. Our SSH typically runs over port 22 TCP.

We already talked about port 22. You have a good memory. We talked about port 22 when we were talking about Secure File Transfer Protocol. Why are we using the same port?

Well, the reason being, back in our Secure File Transfer Protocol, our Secure File Transfer Protocol needs a way to encrypt that data that's going back and forth. So how does it encrypt it? Well, it's encrypted with SSH. So when it's transferring that data back and forth, we're using a file-transfer-like protocol, Secure File Transfer Protocol, but it's secure because it's encrypting that data by transferring over SSH.

So SSH is its own protocol. We can connect to a device simply by using a secure shell. That's what SSH stands for: secure shell. We can connect to a device simply by using a secure shell to its correct port, and that port can be changed. But we can also use SSH as part of Secure File Transfer Protocol in order to securely transfer files to that same port over SSH. So that's why we say this protocol is over another protocol.

HTTPS transfers over SSL, which is another protocol that we'll talk about later. SSL doesn't have a typical port that it uses because SSL, Secure Socket Layer, runs over different protocols. So SSL will work with HTTPS to make sure that this HTTP information is encrypted. SSL also works over a secured version of LDAP, Lightweight Directory Access Protocol, which allows us to make directory changes, and it uses SSL. It runs over SSL to encrypt that. So just like SSL runs over HTTPS, we can have our SSH running over a file transfer protocol in order to keep it secure as well.

For these remote protocols over here, we have RDP. Now, RDP stands for Remote Desktop, and this is the port that the Microsoft Remote Desktop application is gonna use by default to initiate a remote desktop connection. This is going to run over port 33389, and it's going to be TCP or UDP.

If we're in an internal environment where we need to initiate these remote desktop connections between clients, because we have desktop support that initiates remote desktop connections, then that's all well and good. We may not want someone outside our organisation attempting to initiate remote desktop connections. So this is where being able to block particular ports with our firewalls comes in handy.

We can set up a firewall, we can set up a DMZ, or we can set up an internal firewall that is filtering data coming into our network from the Internet, and one of our block rules is to block RDP connections. So if someone is trying to initiate an RDP session through our firewall, our firewall is going to block any RDP protocols; it's gonna close off port 33389.

That's how our firewall is used with these ports and protocols. Firewalls can block ports, they can block protocols, or they can just block everything that they aren't allowing through. If we had a firewall where the only thing we needed to allow through was web pages, all we may open on that firewall is port 80 and port 443, because if we open port 80 and port 443 incoming, we're going to be able to receive standard HTTP pages and we're going to be able to receive HTTPS. So we're gonna be able to receive the Internet pages in through that firewall. So we can open up those ports and then have a rule that says block everything else: I don't want to allow Telnet connections into my network. I don't want to allow SSH connections into my network. I don't want to allow RDP connections into my network.

We use our knowledge of these different protocols and their port numbers in order to determine our security posture and determine what ports and protocols we want to allow into our network.
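
The web-only inbound policy described at the end of this lecture, sketched as a first-match rule evaluator. This is an added example, not part of the original lecture; the `Rule` class, the `decide` and `evaluate` functions and the sample connection attempts are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "block"
    proto: Optional[str] = None    # "tcp", "udp", or None for any protocol
    port: Optional[int] = None     # destination port, or None for any port
    note: str = ""

    def matches(self, proto: str, port: int) -> bool:
        # A None field is a wildcard; otherwise the field must match exactly.
        return self.proto in (None, proto) and self.port in (None, port)


# Inbound policy from the lecture: open the two web ports, block everything else.
INBOUND_RULES = [
    Rule("allow", "tcp", 80, "HTTP"),
    Rule("allow", "tcp", 443, "HTTPS"),
    Rule("block", note="default deny"),
]


def decide(proto, port, rules=INBOUND_RULES):
    """Return (action, note) of the first matching rule; block if none match."""
    for rule in rules:
        if rule.matches(proto, port):
            return rule.action, rule.note
    return "block", "implicit deny"


# Constructed inbound connection attempts: (protocol, destination port).
SAMPLE = [("tcp", 80), ("tcp", 443), ("tcp", 23), ("udp", 23),
          ("tcp", 22), ("udp", 443)]


def evaluate(attempts=SAMPLE, rules=INBOUND_RULES):
    """Map each attempt to the action the rule set takes on it."""
    return {f"{proto}/{port}": decide(proto, port, rules)[0]
            for proto, port in attempts}


if __name__ == "__main__":
    for attempt, action in evaluate().items():
        print(f"{attempt:8} -> {action}")
```

Telnet, SSH and remote desktop need no block rules of their own here: nothing allows them, so they fall through to the final rule. Rule order matters, since moving the default-deny rule to the top would shadow both allow rules.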