1 00:00:00,000 --> 00:00:00,960 In this lesson, 2 00:00:00,960 --> 00:00:04,560 we're going to cover other network service ports and protocols. 3 00:00:04,560 --> 00:00:06,510 Now, as we talk about other network service ports 4 00:00:06,510 --> 00:00:08,970 and protocols, these are the different network service ports 5 00:00:08,970 --> 00:00:10,710 and protocols that play a pivotal role 6 00:00:10,710 --> 00:00:13,350 in our network time synchronization and the establishment 7 00:00:13,350 --> 00:00:16,320 of communication sessions, as well as directory services. 8 00:00:16,320 --> 00:00:17,790 They're going to be crucial for organizing 9 00:00:17,790 --> 00:00:20,250 and providing access to our distributed information 10 00:00:20,250 --> 00:00:22,290 located all across our network. 11 00:00:22,290 --> 00:00:25,170 To do this, we're going to be looking at three main protocols, 12 00:00:25,170 --> 00:00:28,500 the Network Time Protocol, the Session Initiation Protocol, 13 00:00:28,500 --> 00:00:31,470 and the Lightweight Directory Access Protocol. 14 00:00:31,470 --> 00:00:35,520 Now, first we have NTP or the Network Time Protocol. 15 00:00:35,520 --> 00:00:38,250 Now, NTP is going to be used to synchronize the clocks 16 00:00:38,250 --> 00:00:40,650 of a computer over a given network. 17 00:00:40,650 --> 00:00:43,500 Now, time synchronization may not seem like it's a big deal, 18 00:00:43,500 --> 00:00:45,720 but it actually is vital in our networks to ensure 19 00:00:45,720 --> 00:00:47,460 that the time dependent processes 20 00:00:47,460 --> 00:00:49,470 and the times stamping of events are consistent 21 00:00:49,470 --> 00:00:51,570 across all of our devices. 22 00:00:51,570 --> 00:00:55,650 NTP will operate primarily over Port 123 23 00:00:55,650 --> 00:00:58,200 using the user datagram protocol. 24 00:00:58,200 --> 00:01:01,110 NTP enables our networks to maintain accurate time 25 00:01:01,110 --> 00:01:03,570 with precision and reliability, which is crucial 26 00:01:03,570 --> 00:01:05,970 for transaction logging, security protocols, 27 00:01:05,970 --> 00:01:08,310 and the coordination of system functions. 28 00:01:08,310 --> 00:01:11,520 For example, if your time is out of sync by too much, 29 00:01:11,520 --> 00:01:14,100 your domain controller won't let that workstation 30 00:01:14,100 --> 00:01:15,360 log onto the domain 31 00:01:15,360 --> 00:01:17,070 because it's going to see that there's an issue 32 00:01:17,070 --> 00:01:19,830 between the time of the server and the time of the client, 33 00:01:19,830 --> 00:01:21,570 and it'll actually affect some of your encryption 34 00:01:21,570 --> 00:01:23,220 and decryption functions too, 35 00:01:23,220 --> 00:01:26,220 which is why NTP is so important. 36 00:01:26,220 --> 00:01:30,450 Second, we have SIP or the Session Initiation Protocol. 37 00:01:30,450 --> 00:01:33,540 Now, SIP is widely used for initiating, maintaining, 38 00:01:33,540 --> 00:01:36,870 and terminating real-time sessions that involve voice, 39 00:01:36,870 --> 00:01:40,290 video, messaging, and other communication services. 40 00:01:40,290 --> 00:01:42,780 Most commonly, you're going to see SIP is used 41 00:01:42,780 --> 00:01:46,200 for communication services like voiceover IP applications 42 00:01:46,200 --> 00:01:48,840 that allow you to make phone calls over the internet. 43 00:01:48,840 --> 00:01:51,240 Now, the session initiation protocol can utilize 44 00:01:51,240 --> 00:01:54,030 multiple ports, but traditionally it's going to operate 45 00:01:54,030 --> 00:01:57,451 over Port 5060 on both UDP 46 00:01:57,451 --> 00:02:00,120 and TCP for unencrypted signaling, 47 00:02:00,120 --> 00:02:03,810 and it's going to use Port 5061 using TCP 48 00:02:03,810 --> 00:02:06,210 for encrypted signaling with TLS 49 00:02:06,210 --> 00:02:08,610 or the transport layer security. 50 00:02:08,610 --> 00:02:11,160 The third one we have is what's known as LDAP 51 00:02:11,160 --> 00:02:13,950 or the Lightweight Directory Access Protocol. 52 00:02:13,950 --> 00:02:16,620 Now, the lightweight Directory Access Protocol is actually 53 00:02:16,620 --> 00:02:18,000 a protocol for accessing 54 00:02:18,000 --> 00:02:20,520 and maintaining distributed directory information services 55 00:02:20,520 --> 00:02:22,320 over an IP network. 56 00:02:22,320 --> 00:02:25,380 LDAP is used to look up information in a directory listing, 57 00:02:25,380 --> 00:02:27,300 and it's commonly used in email programs 58 00:02:27,300 --> 00:02:28,800 to find out personal information, 59 00:02:28,800 --> 00:02:31,470 like a person's email address, their phone number, 60 00:02:31,470 --> 00:02:33,300 the department they're in inside of the company, 61 00:02:33,300 --> 00:02:36,750 and things like that from your internal company servers. 62 00:02:36,750 --> 00:02:38,040 When you use LDAP, 63 00:02:38,040 --> 00:02:42,853 it's going to communicate over Port 389 using both TCP and UDP. 64 00:02:43,890 --> 00:02:46,530 Now, unfortunately, LDAP is insecure 65 00:02:46,530 --> 00:02:49,470 and it transmits all that information in plain text. 66 00:02:49,470 --> 00:02:53,310 To overcome this, we have created something known as LDAPS 67 00:02:53,310 --> 00:02:55,770 or LDAP over SSL. 68 00:02:55,770 --> 00:02:58,740 Now, LDAPS is going to be a version of LDAP 69 00:02:58,740 --> 00:03:00,390 that's encrypted with SSL 70 00:03:00,390 --> 00:03:03,630 or in newer versions, TLS for increased security. 71 00:03:03,630 --> 00:03:06,810 You should use LDAPS or LDAPS anytime that you have 72 00:03:06,810 --> 00:03:08,370 a connection that needs to be protected, 73 00:03:08,370 --> 00:03:10,740 due to the sensitive nature of the data being accessed 74 00:03:10,740 --> 00:03:14,550 and manipulated, essentially LDAPS is going to run 75 00:03:14,550 --> 00:03:17,700 over Port 636 using TCP, 76 00:03:17,700 --> 00:03:19,260 and this ensures that the data exchange 77 00:03:19,260 --> 00:03:21,990 during the LDAP sessions is being securely encrypted 78 00:03:21,990 --> 00:03:24,300 before it's sent from the server to a client 79 00:03:24,300 --> 00:03:26,490 or from a client to a server. 80 00:03:26,490 --> 00:03:29,640 So remember, each of these different network service ports 81 00:03:29,640 --> 00:03:31,080 and protocols is going to provide us 82 00:03:31,080 --> 00:03:33,720 with some essential services that support the complex needs 83 00:03:33,720 --> 00:03:35,280 of our modern networks. 84 00:03:35,280 --> 00:03:37,470 When we're dealing with NTP, we're dealing with 85 00:03:37,470 --> 00:03:39,480 the network time protocol that's being used 86 00:03:39,480 --> 00:03:42,330 to ensure all devices on a network agree on the time 87 00:03:42,330 --> 00:03:43,920 and this is really important 88 00:03:43,920 --> 00:03:45,960 inside of our large scale networks. 89 00:03:45,960 --> 00:03:49,800 NTP is going to operate over Port 123. 90 00:03:49,800 --> 00:03:51,630 The next one you need to remember is SIP, 91 00:03:51,630 --> 00:03:53,760 or the Session Initiation Protocol, 92 00:03:53,760 --> 00:03:57,810 which operates over reports 5060 and 5061, 93 00:03:57,810 --> 00:03:59,640 and SIP is going to be used in various forms 94 00:03:59,640 --> 00:04:01,080 of communication over the internet, 95 00:04:01,080 --> 00:04:03,660 including voiceover IP services. 96 00:04:03,660 --> 00:04:07,410 The final one you need to remember is LDAP and LDAPS. 97 00:04:07,410 --> 00:04:09,660 LDAP is the insecure version that provides 98 00:04:09,660 --> 00:04:11,970 directory services and allows for the retrieval 99 00:04:11,970 --> 00:04:14,760 and management of relevant information across the network 100 00:04:14,760 --> 00:04:17,370 using Port 389. 101 00:04:17,370 --> 00:04:20,160 When we want security, we're going to use LDAPS 102 00:04:20,160 --> 00:04:23,160 or LDAPS over Port 636, 103 00:04:23,160 --> 00:04:25,800 which provides secure directory service transactions 104 00:04:25,800 --> 00:04:28,350 that protects your sensitive data during the transmission 105 00:04:28,350 --> 00:04:30,783 by placing it inside of an encrypted tunnel.