Common File Transfer Protocols

Questions and Answers

What is the primary benefit of using TFTP in a lab environment?

It has low overhead and doesn't require three-way handshakes and acknowledgments

Why is TFTP generally not recommended for use on a public network?

It sends data in plain text and lacks authentication

What is the well-known port used by TFTP?

UDP port 69

What is the primary difference between FTP and TFTP?

FTP uses TCP, while TFTP uses UDP Signup and view all the answers

What is the control channel port used by FTP?

TCP port 21 Signup and view all the answers

Why is FTP not recommended for use on a public network?

It sends data in plain text and lacks encryption Signup and view all the answers

What is the data channel port used by FTP?

The data channel is dynamically negotiated Signup and view all the answers

What is a common use case for TFTP in a lab environment?

Updating firmware on networking devices Signup and view all the answers

What is the primary concern with using TFTP or FTP for general networking usage?

They are not secure protocols. Signup and view all the answers

What is the purpose of filtering UDP port 69 and TCP ports 20 and 21?

To prevent the use of unsecured protocols like TFTP and FTP. Signup and view all the answers

What is the well-known port number used by the FTP server?

TCP port 21 Signup and view all the answers

What technology does Secure FTP leverage?

SSH Signup and view all the answers

What is the TCP port number used by Secure FTP?

TCP port 22 Signup and view all the answers

What is the purpose of looking at the logs of networking devices?

To verify the use of secure protocols. Signup and view all the answers

What is the protocol used by Windows Active Directory and Microsoft Networking?

SMB Signup and view all the answers

What is the port number used by the Server Message Block protocol?

TCP port 445 Signup and view all the answers

What is the primary benefit of reviewing packet captures in network logs?

To verify the accuracy of network traffic and port usage Signup and view all the answers

What is the purpose of using Applipedia or a next-generation firewall?

To look up application layer protocols and their corresponding ports. Signup and view all the answers

What is the well-known port number associated with SFTP?

22 Signup and view all the answers

What is the primary concern with using TFTP or FTP in a network infrastructure?

They are vulnerable to man-in-the-middle attacks. Signup and view all the answers

Which of the following application layer protocols uses UDP as a transport protocol?

TFTP Signup and view all the answers

What is the primary purpose of memorizing well-known ports for file services?

To troubleshoot issues with file transfer services Signup and view all the answers

What is the protocol used in the log entry mentioned in the content?

SMB Signup and view all the answers

Which of the following infrastructure services is NOT mentioned in the content?

SFTP Signup and view all the answers

Study Notes

File Transfer Protocols

TFTP (Trivial File Transfer Protocol) uses UDP port 69 and is not secure, as it doesn't encrypt traffic and has no authentication.
Advantages of TFTP include low overhead, making it suitable for lab environments and firmware updates.
However, TFTP is not recommended for general use due to its lack of security.

FTP

FTP (File Transfer Protocol) uses TCP port 21 for the control channel and port 20 for the data channel (or dynamically negotiates it).
FTP is not secure, as it doesn't encrypt data and has limited authentication, making it vulnerable to eavesdropping and man-in-the-middle attacks.

Restricting Insecure Protocols

To prevent the use of insecure protocols like TFTP and FTP, filters can be applied to block UDP port 69 and TCP ports 21 and 20.
This can be done at the network layer to restrict users from using these protocols.

Secure FTP

SFTP (Secure File Transfer Protocol) uses TCP port 22 and leverages SSH technology to provide secure file transfers.
SFTP is a recommended alternative to insecure protocols like TFTP and FTP.

SMB

SMB (Server Message Block) is a file service used in Windows Active Directory and Microsoft Networking.
SMB uses TCP port 445, as well as TCP port 139 and UDP port 445.

SMB (Server Message Block) protocol can use both TCP and UDP for different purposes. TCP port 445 is the standard port used for SMB over IP networks. TCP port 139 was the traditional port used for SMB before port 445 became the standard. Some systems may still use port 139 for compatibility reasons.

UDP port 445 is used for SMB directly over NetBIOS, which is an older networking protocol. NetBIOS over TCP (NBT) uses UDP port 137 and 138 for name resolution and datagram services. In some cases, UDP is used for better performance in certain SMB operations like browsing and name resolution, as it is connectionless and can be faster for certain types of data transmissions.

In summary, SMB utilizes TCP port 445 as the primary port for file and print sharing over IP networks. TCP port 139 may still be used for compatibility reasons. UDP port 445 is used for SMB over NetBIOS, with ports 137 and 138 handling specific services related to NetBIOS communication.Analyzing log files and packet captures can help confirm the ports used by SMB and other protocols.

Memorization of Ports

It's recommended to memorize the well-known ports for TFTP (UDP 69), FTP (TCP 21), SFTP (TCP 22), and SMB (TCP 445 and 139, UDP 445).
This knowledge can be useful when working with logs or troubleshooting issues with these protocols.