Question: What function do ports 21, 23, 25, 110 serve when protecting IP Traffic?
Ports 21, 23, 25, and 110 are used for specific network protocols that serve different functions when protecting IP traffic.
Port 21 is used for the File Transfer Protocol (FTP), which allows for the transfer of files between computers. It is often used by website administrators to upload and download website content. In terms of IP traffic protection, it is important to ensure that FTP connections are secure to prevent unauthorized access or data interception.
Port 23 is used for Telnet, a remote access protocol that allows a user to connect to a server or device remotely and execute commands as if they were physically present at the device. Telnet is an older protocol and has been largely replaced by more secure alternatives such as Secure Shell (SSH). In terms of IP traffic protection, Telnet connections can pose a security risk as they transmit data in clear text, making it easy for attackers to intercept and access sensitive information.
Port 25 is used for Simple Mail Transfer Protocol (SMTP), which is used to send and receive email messages. SMTP is often used by email clients such as Microsoft Outlook and Gmail to send and receive emails. In terms of IP traffic protection, SMTP connections must be secured to prevent unauthorized access or interception of emails containing sensitive information.
Port 110 is used for Post Office Protocol version 3 (POP3), which is used to retrieve email messages from a server. POP3 is often used by email clients to download emails from a server to a local computer. In terms of IP traffic protection, POP3 connections must also be secured to prevent unauthorized access or interception of emails containing sensitive information.
Through this process, certain routes are not considered for inclusion in the local route database.
Filters can be applied at the routers,
(output filtering) before the routes are announced or
(input filtering)as soon as a route is learned .
There are different reasons for filtering:
To ensure that the use of (RFC 1918) private address space does not leak out into the global Internet, networks should block these prefixes in both their output and input filtering. When a site is multihomed, announcing non-local routes to a neighbour different from the one it was learned from amounts to advertising the willingness to serve for transit. This is undesirable, unless suitable agreements are in place. You can avoid this issue by applying output filtering on these routes.
An ISP will typically perform input filtering on routes learned from a customer to restrict them to the addresses actually assigned to that customer.
Doing so makes address hijacking more difficult.
Similarly, an ISP will perform input filtering on routes learned from other ISPs to protect its customers from address hijacking. In some cases, routers have insufficient amounts of main memory to hold the full global BGP table. By applying input filtering on prefix length (eliminating all routes for prefixes longer than a given value), on AS count, or on some combination of the two, the local route database is limited to a subset of the global table. This practice is not recommended, as it can cause sub-optimal routing or even communication failures with small networks, and frustrate the traffic-engineering efforts of one's peers. In the past, route filtering was also used to prevent IPv4 blocks that are not yet delegated by IANA, commonly called bogon address space. As IANA has depleted its available IPv4 address space, this practice is no longer needed. Some networks are now blocking IPv4 prefixes that are being held at the Regional Internet Registries (RIR) and not yet delegated to any network. As RIRs delegate resources on a daily basis, this practice requires a daily update to the route filter. Unless a network has an automated and reliable tool to check the RIR databases, it is best not to perform this level of route filtering.