TCP and UDP port numbers Below is a sub-set of the assigned port numbers. For a full list, see: ❑http://www.iana.org/assignments/port-numbers Port Numbers 7 Echo 119 Network News Transfer Protocol (NNTP) 9 Discard 123 Network Time Protocol (NTP) 13 Daytime 137 NetBIOS Name Service 19 Character Generator 138 NetBIOS Datagram Service 20 FTP – Data 139 NetBIOS Session Service 21 FTP – Control 143 Internet Message Access Protocol (IMAP) 22 SSH Remote Login Protocol 146 ISO-IP0 23 Telnet 147 ISO-IP 25 Simple Mail Transfer Protocol (SMTP) 161 SNMP 43 Who Is 162 SNMP trap 53 Domain Name Server (DNS) 257 Secure Electronic Transaction 67 Bootstrap Protocol and DHCP – Server 443 HTTP over TLS/SSL (HTTPS) 68 Bootstrap Protocol and DHCP – Client 445 Microsoft-DS 69 Trivial File Transfer Protocol (TFTP) 500 ISAKMP 70 Gopher 512 remote process execution (rexec) – TCP only 79 Finger 513 remote login (rlogin) – TCP only 80 World Wide Web (HTTP) 513 who’s logged on – UDP only 88 Kerberos 514 remote shell (rsh) – TCP only 109 Post Office Protocol – Version 2 (POP2) 514 Syslog – UDP only 110 Post Office Protocol – Version 3 (POP3) 515 LPD printing 111 SUN Remote Procedure Call (RPC) 531 chat 113 Authentication Service Except where noted, both UDP and TCP port numbers are allocated. 532 readnews 1812, 1813 RADIUS, RADIUS Accounting 540, 541 uucpd, uucp-rlogin 1965 Tivoli NPM 546 DHCPv6 Client 2005 Oracle – UDP only 547 DHCPv6 Server 2049 NFS (Network File System) 565 whoami 2998 Real Secure 647 DHCP Failover 3020 CIFS 683 CORBA IIOP 3306 MySQL 684 CORBA IIOP SSL 3407 LDAP admin server port 847 DHCP Failover 2 5190–5193 AOL (America Online) 1011–1024 Reserved 5631–5632 pcANYWHERE 1024 NFS mount (UDP only) 6000–6063 X window system 1027 NFS mount (TCP only) 6346–6347 Gnutella 1214 KAZAA 7000 IRC server 1352 Lotus Notes 7100 X Font Service 1433 Microsoft-SQL-Server 8080 HTTP alternate port 1434 Microsoft-SQL-Monitor 10080 Amanda 1435 IBM CICS 18181–18185, OPSEC CVP, etc. 1503 MS NetMeeting 18187, 19191 1512 Windows Internet Name Service (WINS) 18241 Check Point RTM 1525 Oracle 26000 Quake 1649 kermit 33435 … traceroute 1718–1720 H.323 conferencing, MS NetMeeting 49152–65535 Dynamic and/or private ports Practical TCP/IP Practical TCP/IP Designing,using,and troubleshooting TCP/IP networks on Linux® and Windows® Niall Mansfield An imprint ofPearson Education London • Boston • Indianapolis • New York • Mexico City • Toronto Sydney • Tokyo • Singapore • Hong Kong • Cape Town • New Delhi Madrid • Paris • Amsterdam • Munich • Milan • Stockholm PEARSON EDUCATION LIMITED Head Office: London Office: Edinburgh Gate 128 Long Acre Harlow CM20 2JE London WC2E 9AN Tel: +44 (0)1279 623623 Tel: +44 (0)20 7447 2000 Fax: +44 (0)1279 431059 Fax: +44 (0)20 7447 2170 Website: www.it-minds.com www.awprofessional.com First published in Great Britain in 2003 © Pearson Education 2003 The right of Niall Mansfield to be identified as author of this work has been asserted by him in accordance with the Copyright, Designs and Patents Act 1988. ISBN 0 201 75078 3 British Library Cataloguing in Publication Data A CIP catalogue record for this book can be obtained from the British Library. Library of Congress Cataloging in Publication Data Applied for. All rights reserved; no part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise without either the prior written permission of the publishers or a licence permitting restricted copying in the United Kingdom issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London W1T 4LP. This book may not be lent, resold, hired out or otherwise disposed of by way of trade in any form of binding or cover other than that in which it is published, without the prior consent of the publishers. The programs and instructions in this book have been included for their instructional value. The publisher does not offer any warranties or representations in respect of their fitness for a particular purpose, nor does the publisher accept any liability for any loss or damage arising from their use. The publication is designed to provide accurate and authoritative information in regard to the subject matter covered. The publisher makes no representation, express or implied, with regard to the accuracy of informa- tion contained in this book and cannot accept any legal responsibility or liability for any errors or omissions that may be made. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trade- marks. Pearson Education Limited has made every attempt to supply trademark information about manufacturers and their products mentioned in this book. All IP addresses used herein are the property of their respective owners. The use of any IP address in this text does not vest in the author or publisher any IP ownership rights in such IP addresses, nor does the use of such IP addresses imply any affiliation with or endorsement of this book by such owners. Readers of the book should not attempt to use such IP addresses, they are all password protected and their inclusion in this book does not imply in any way that the reader has permission to use them. 10 9 8 7 6 5 4 3 2 1 Typeset by Pantek Arts Ltd, Maidstone, Kent Printed and bound in the UK by Biddles Ltd of Guildford and King’s Lynn The Publishers’ policy is to use paper manufactured from sustainable forests. Contents at a glance Part 1 How and why packets move on the network 1 0 A quick introduction to TCP/IP 3 1 Thetcpdump packet sniffer – your eyes and ears on the network 15 2 How packets move on the local wire 27 3 Basic routing – how packets move from this network to another network connected to it 59 4 IPaddressing and netmasks in detail 85 5 Routing in detail – controlling how and where packets pass in and out of your networks 113 6 Routing in practice 149 7 The DNS– names instead of IPaddresses 181 8 The DNS (2) – how the servers work 205 9 Troubleshooting the DNS 245 Part 2 End-user and system applications 257 10 The TCP protocol;the applications layer and the telnetapplication 259 11 E-mail – SMTP and POP3 285 12 E-mail – MIME,IMAP;other mail systems 317 13 The etherealprotocol analyzer and ngreppacket sniffer 333 14 HTTP and the World Wide Web 353 15 UDP and other protocols 397 16 DHCP – automating your TCP/IPclient management 409 17 Other applications and their protocols 425 Part 3 Microsoft Windows® Networking on a TCP/IP network 465 18 MS-Windows Networking – introduction 467 19 Windows Networking – name resolution 493 20 Windows Networking – logon and domains 523 21 Windows Networking – browsing the network 555 22 Using Windows Networking 583 Part 4 Connecting to the Internet, and Internet security 595 23 Connecting your site to the Internet 597 24 Firewalls 625 25 Other security services 649 26 Dial-up networking and PPP 661 27 VPN – virtual private networking 691 Epilog 719 Appendices 721 Index 833 Contents Preface xv Acknowledgments xxiii Part 1 How and why packets move on the network 1 0 A quick introduction to TCP/IP 3 0.1 To debug and understand your network, trace the packets 4 0.2 Networks can be easier than stand-alone machines 6 0.3 TCP/IP consists of separate building blocks 8 0.4 TCP/IP traffic is made up of packets 10 Summary 12 1 The tcpdumppacket sniffer – your eyes and ears on the network 15 1.1 How tcpdumpworks 16 1.2 How to run tcpdump 18 1.3 How to select just the packets you’re interested in 20 1.4 Common problems with tcpdump 22 Summary 24 2 How packets move on the local wire 27 2.1 IP address and netmask – how to get a packet to your machine 28 2.2 Netmask – the range of my directly connected network 30 2.3 Ethernet networking: moving packets along the local wire 32 2.4 ARP – how my machine finds the Ethernet address of your machine 34 2.5 Viewing and manipulating ARP entries 36 2.6 Using pingto generate test traffic between two machines 38 2.7 Lab – building the simplest network possible: hubs and cabling 40 2.8 Hubs v. switches 42 2.9 Lab – software configuration: Windows 44 2.10 Verifying your settings – Windows 46 2.11 Lab – software configuration: Linux® 48 2.12 Lab – building the simplest network possible: implement and test 50 2.13 How to diagnose a problem with your network: hop by hop and step by step 52 Summary 54 3 Basic routing – how packets move from this network to another network connected to it 59 3.1 The fundamental IP routing decision 60 3.2 Telling a router to forward a packet 62