Data Link Layer

The data link layer provides the upper layers access to the network media. It is responsible for controlling access to the media, encapsulating packets into appropriately sized frames for the media used, physical addressing, the exchange of frames between nodes on the local network, and error detection.Overview

Media Access Control

Layer 2, Local Area Network Technologies
and their Media Access Control Characteristics

Ethernet Wireless Ethernet	Token Ring FDDI
Contention Based (first come first serve)	Deterministic Control Based
Collisions	No Collisions
Send anytime (non-deterministic)	Wait for your turn (deterministic)
Physical Star Topology Logical Multi-Access or Bus Topology	Token Ring = Physical Star, Logical Ring Topology FDDI = Physical Dual Ring, Logical Ring
efficient use of bandwidth (send anytime)	Inefficient use of bandwidth (you have to wait your turn)
CSMA/CD (ethernet) CSMA/CA (wireless ethernet)	Token Passing

Control Based Access - Controlled access means that devices or nodes take turns in sequence. It is deterministic in that there is scheduled access of the medium. If one device is putting data on the network then no other device can. Well ordered and predictable throughput, can be an inefficient use of bandwidth, as a device has to wait it's turn.

Contention Based Access - Contention based access is also called non-deterministic. This means that the devices on the network don't need to take turns using shared media. However, to avoid total chaos, a Carrier Sense Multiple Access (CSMA) process is used to make sure the media is not in use before a device begins to transmit. Though devices attempt to make sure the media is not busy, data collisions still occur with contention based access. Also, as more nodes are added to the network, the probability of collisions increases.

CSMA-CD (Carrier Sense Multi-Access with Collision Detection) is a media access method in which an ethernet host detects if a signal is being transmitted. If no signal is detected on the wire, then the host will transmit. There does exist the possibility that two or more hosts may sense the absence of a signal and transmit at the same time. If this happens, there is a collision of signals.

CSMA-CA (Carrier Sense Multi-Access with Collision Avoidance) stands for Collision Sense Multiple Access with Collision Avoidance. This is used for wireless media access control. It uses a send and reply like the TCP three way hand shake, in this way it reserves the right to send before sending. After each message is sent the hosts associated to the wireless access point run a randomization algorithm which sets a random priority on who gets to send next. That along with many control fields help to mitigate some of the interferences and other radio related wireless problems.

Network Topologies

Physical Topology versus Logical Topology - The physical topology is the arrangement of devices (nodes) and how they are physically connected to the network.

The logical topology is the way data is transferred from one device (node) to another regardless of how the devices are physically connected. It is also related to how each host sees other hosts on the network and how each host accesses the media. A network's logical topology is not necessarily the same as its physical topology. For instance, in an Ethernet network, computers are often connected to a switch or hub forming a physical star topology, but logically the way the data travels is a bus or multi-access topology. In a Token Ring network, computers are connected to a MAU multistation access unit, forming a physical star, but logically information travels clockwise from host to host in a ring topology. In FDDI, the physical topology is a dual ring (expensive) and logically it is also a ring. For additional information see: http://en.wikipedia.org/wiki/Network_topology

Topologies
Star
Bus or Multi-Access
Ring or Dual Ring
Point-to-Point
Mesh
Full Mesh

Point to Point Topology - directly connects two nodes. All frames are placed on the media by one node and taken off by the other. It can be both a physical and logical topology. Physically it is two nodes directly connected. Logically it is two nodes virtually connected directly, but passing through a network. It does not include the other devices in separate locations, that the data travels through. In this way it forms a virtual circuit between the two nodes. A virtual Circuit is a logical connection between two nodes and end users do not notice the intermedate devices.

Multi Access Topology - means that the nodes are communicating on the same shared media. Only one node can use the media at a time, and every node sees every frame on the medium. Of course, only the node to which the frame is addressed actually processes the frame. When sharing media, CSMA/CD and token passing are used to reduce collisions.

Ring Topology - In a physical ring topology each device is connected to two neighboring devices creating a physical ring almost like a physical bus. In a logical ring topology each node receives a frame in turn, and if the frame is not addressed to that node, it passes it on. In a Token Ring network, a node cannot send data on the network unless it has the token, the token is then passed to the next node and so on in a logical ring. For more information see:http://en.wikipedia.org/wiki/Ring_network

Data Link Layer Sub Layers 

LLC - Logical Link Control sub layer - Helps interface with the upper layers meaning the Network layer. Logical Link Control (LLC) places information in the frame that identifies which Network layer protocol is being used. This information allows multiple Layer 3 protocols, such as IP, IPX, Apple Talk, and DECNet, to utilize the different types of local media and interfaces, like Ethernet, Token Ring, different WAN serial protocols and interfaces such as PPP, HDLC, etc. .

MAC - Media Access Control sub layer - Media Access Control provides data link layer addressing with source and destination MAC addresses. These addresses are 48 bit physical addresses, usually written in hexadecimal format and burned into the NIC. Media Access Control is also responsible for marking the beginning and the ending of a frame with a start-of-frame and an end-of-frame delimiter. For more information see: http://en.wikipedia.org/wiki/Media_Access_Control 

Layer 2 Frames

Layer 2 frame characteristics are similar to other layers. There is a header, the data payload, and the trailer. The specifics of the frame differ in regards to the type of frame in question. There are LAN layer 2 technology frames (Ethernet, Token Ring) and WAN layer 2 technology frames (PPP, HDLC). One of the main differences is that ethernet frames have source and destination MAC addresses in their frame headers and serial technologies like PPP and HDLC do not.

 

Application Layer

The Application Layer is the layer closest to the end user. When you are using a program that is going to send something or contact someone over the internet you are using a network application that operates at the Application Layer. Each program/application that sends data over a network is identified by a particular protocol, at Layer 4 this protocol is associated with a port number. For example a web browser like Internet Explorer requests and receives pages from web servers its protocol is HTTP the hyper text transfer protocol and its correlative port number is port 80.

The applications that we use at Layer 7, the Application Layer are web browsers (HTTP) like Internet Explorer, a file transfer programs (FTP) like Filezilla, email clients (SMTP) like Microsoft Outlook Express and all flavors of Instant Messaging programs and P2P applications. There are also processes that run in the background that run at Layer 7, like DHCP which automates the process of requesting and receiving an IP address from a DHCP server. If you want to see these protocols in action all you need to do is use Wireshark. For instance, if we use the example of DHCP we learn that initiating DHCP involves a DHCP client talking to a DHCP server. The process is: 1. Client sends a DHCP DISCOVER 2. Server responds with a DHCP OFFER 3. Client sends a DHCP REQUEST 4. Server responds with a DHCP ACKnowledgement You can see the process of a client obtaining an IP address with DHCP in Wireshark (see video tutorial below).

This is a diagram of the OSI and TCP/IP Models and how they correspond to PDUs, Protocols and Devices  

This is a visual diagram of the process data goes through when sent over a network in a layered architecture

Transport Layer

Transport Layer

Share

The transport layer of both the OSI and TCP/IP models is very important. At this layer the data being prepared to be sent over the internet is broken into pieces called segments.Overview 

The PDU or protocol data unit at this layer is called a segment. Their are two main protocols that function at this layer TCP and UDP. TCP or transmission control protocol is a very reliable and connection oriented protocol. TCP is characterized as being reliable because of the fact that it will only send data once a three way handshake has first been established, it uses sequence numbers to track all segments and it also uses system of syns and acks (acknowledgments), and it will not send new data until an acknowledgement has been received for data already sent. If the acknowledgement is not received it will resend data. UDP or user datagram protocol on the other hand is not reliable, it is a best effort delivery system, a connectionless protocol, that does not require an established connection with another computer before sending data. UDP's advantage is the fact that its header fields or control information is a lot smaller than TCP's so there is a lot less to process and as a result it is a faster  but less reliable protocol.

TCP	UDP
segments- sequence numbers,acknowledgements, many header fields, lots of overhead	datagrams- no sequence numbering, few header fields,little overhead = fast
reliability -due to sequence numbering, and resending of data if no acknowledgement is received	unreliable - sends all data regardless of whether or not it was received
connection oriented - Three way handshake receiving computer prior to sending data	connectionless -  no handshake to establish connection
source and destination port numbers in the header	source and destination port numbers in the header
flow control - dynamically change the windows size to not overwhelm the receiver with data	no flow control

Here is a short list of some of the most useful port numbers. You should memorize these ports.

Port Number	Protocol
80	HTTP
23	Telnet
20,21	FTP
22	SSH
25	SMTP
53	DNS
110	POP

Well Known Ports	0 - 1023
Registered Ports	1024 - 49151
Dynamic Ports	49152 - 65535

List of TCP and UDP port numbers

This is a list of Internet socket port numbers used by protocols of the Transport Layer of the Internet Protocol Suite for the establishment 

of host-to-host communications.

Originally, these port numbers were used by the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP), but are

 used also for the Stream Control Transmission Protocol(SCTP), and the Datagram Congestion Control Protocol (DCCP). SCTP and

DCCP services usually use a port number that matches the service of the corresponding TCP or UDP implementation if they exist. The

 Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.^[1]

 However, many unofficial uses of both well-known and registered port numbers occur in practice.

The port numbers are divided into three ranges: the well-known ports, the registered ports, and the dynamic or private ports. The well-known ports are those from 0 through 1023. Examples include:

• 20 & 21: File Transfer Protocol (FTP)
• 22: Secure Shell (SSH)
• 23: Telnet remote login service
• 25: Simple Mail Transfer Protocol (SMTP)
• 53: Domain Name System (DNS) service
• 80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web
• 110: Post Office Protocol (POP3)
• 119: Network News Transfer Protocol (NNTP)
• 143: Internet Message Access Protocol (IMAP)
• 161: Simple Network Management Protocol (SNMP)
• 443: HTTP Secure (HTTPS)

Use	Description	Color
Official	Port is registered with IANA for the application	white
Unofficial	Port is not registered with IANA for the application	blue
Multiple use	Multiple applications are known to use this port.	yellow

Table legend Well-known ports

The port numbers in the range from 0 to 1023 are the well-known ports. They are used by system processes that provide widely-used 

types of network services. On Unix-like operating systems, a process must execute with superuser privileges to be able to bind a network

 socket to an IP address using one of the well-known ports.

Port	TCP	UDP	Description	Status
0		UDP	Reserved	Official
1	TCP	UDP	TCP Port Service Multiplexer (TCPMUX)	Official
2	TCP	UDP	CompressNET[2] Management Utility[3]	Official
3	TCP	UDP	CompressNET[2] Compression Process[4]	Official
4	TCP	UDP	Unassigned	Official
5	TCP	UDP	Remote Job Entry	Official
7	TCP	UDP	Echo Protocol	Official
8	TCP	UDP	Unassigned	Official
9	TCP	UDP	Discard Protocol	Official
10	TCP	UDP	Unassigned	Official
11	TCP	UDP	Active Users (systat service)[5][6]	Official
12	TCP	UDP	Unassigned	Official
13	TCP	UDP	Daytime Protocol (RFC 867)	Official
14	TCP	UDP	Unassigned	Official
15	TCP	UDP	Previously netstat service[5]	Unofficial
16	TCP	UDP	Unassigned	Official
17	TCP	UDP	Quote of the Day	Official
18	TCP	UDP	Message Send Protocol	Official
19	TCP	UDP	Character Generator Protocol (CHARGEN)	Official
20	TCP		FTP—data transfer	Official
21	TCP		FTP—control (command)	Official
22	TCP		Secure Shell (SSH)—used for secure logins, file transfers (scp, sftp) and port forwarding	Official
23	TCP		Telnet protocol—unencrypted text communications	Official
24	TCP	UDP	Priv-mail : any private mail system.	Official
25	TCP		Simple Mail Transfer Protocol (SMTP)—used for e-mail routing between mail servers	Official
26	TCP	UDP	Unassigned	Official
27	TCP	UDP	NSW User System FE	Official
29	TCP	UDP	MSG ICP	Official
33	TCP	UDP	Display Support Protocol	Official
35	TCP	UDP	Any private printer server protocol	Official
37	TCP	UDP	TIME protocol	Official
39	TCP	UDP	Resource Location Protocol[7] (RLP)—used for determining the location of higher level services from hosts on a network	Official
40	TCP	UDP	Unassigned	Official
42	TCP	UDP	ARPA Host Name Server Protocol	Official
42	TCP	UDP	Windows Internet Name Service	Unofficial
43	TCP		WHOIS protocol	Official
47	TCP	UDP	NI FTP[7]	Official
49	TCP	UDP	TACACS Login Host protocol	Official
50	TCP	UDP	Remote Mail Checking Protocol[8]	Official
51	TCP	UDP	IMP Logical Address Maintenance	Official
52	TCP	UDP	XNS (Xerox Network Systems) Time Protocol	Official
53	TCP	UDP	Domain Name System (DNS)	Official
54	TCP	UDP	XNS (Xerox Network Systems) Clearinghouse	Official
55	TCP	UDP	ISI Graphics Language (ISI-GL)	Official
56	TCP	UDP	XNS (Xerox Network Systems) Authentication	Official
56	TCP	UDP	Route Access Protocol (RAP)[9]	Unofficial
57	TCP		Mail Transfer Protocol (RFC 780)	Official
58	TCP	UDP	XNS (Xerox Network Systems) Mail	Official
67		UDP	Bootstrap Protocol (BOOTP) Server; also used by Dynamic Host Configuration Protocol (DHCP)	Official
68		UDP	Bootstrap Protocol (BOOTP) Client; also used by Dynamic Host Configuration Protocol (DHCP)	Official
69		UDP	Trivial File Transfer Protocol (TFTP)	Official
70	TCP		Gopher protocol	Official
71	TCP		NETRJS protocol	Official
72	TCP		NETRJS protocol	Official
73	TCP		NETRJS protocol	Official
74	TCP		NETRJS protocol	Official
79	TCP		Finger protocol	Official
80	TCP		Hypertext Transfer Protocol (HTTP)	Official[10]
81	TCP		Torpark—Onion routing	Unofficial
82		UDP	Torpark—Control	Unofficial
88	TCP	UDP	Kerberos—authentication system	Official
90	TCP	UDP	dnsix (DoD Network Security for Information Exchange) Securit Attribute Token Map	Official
90	TCP	UDP	PointCast (dotcom)	Unofficial
99	TCP		WIP Message protocol	Unofficial
101	TCP		NIC host name	Official
102	TCP		ISO-TSAP (Transport Service Access Point) Class 0 protocol[11]	Official
104	TCP	UDP	ACR/NEMA Digital Imaging and Communications in Medicine	Official
105	TCP	UDP	CCSO Nameserver Protocol (Qi/Ph)	Official
107	TCP		Remote TELNET Service[12] protocol	Official
108	TCP	UDP	SNA Gateway Access Server [1]	Official
109	TCP		Post Office Protocol v2 (POP2)	Official
110	TCP		Post Office Protocol v3 (POP3)	Official
111	TCP	UDP	ONC RPC (SunRPC)	Official
113	TCP		ident—Authentication Service/Identification Protocol,[13] used by IRC servers to identify users	Official
113		UDP	Authentication Service[13] (auth)	Official
115	TCP		Simple File Transfer Protocol (SFTP)	Official
117	TCP		UUCP Path Service	Official
118	TCP	UDP	SQL (Structured Query Language) Services	Official
119	TCP		Network News Transfer Protocol (NNTP)—retrieval of newsgroup messages	Official
123		UDP	Network Time Protocol (NTP)—used for time synchronization	Official
135	TCP	UDP	DCE endpoint resolution	Official
135	TCP	UDP	Microsoft EPMAP (End Point Mapper), also known as DCE/RPC Locator service,[14] used to remotely manage services including DHCP server, DNSserver and WINS. Also used by DCOM	Unofficial
137	TCP	UDP	NetBIOS NetBIOS Name Service	Official
138	TCP	UDP	NetBIOS NetBIOS Datagram Service	Official
139	TCP	UDP	NetBIOS NetBIOS Session Service	Official
143	TCP		Internet Message Access Protocol (IMAP)—management of email messages	Official
152	TCP	UDP	Background File Transfer Program (BFTP)[15]	Official
153	TCP	UDP	SGMP, Simple Gateway Monitoring Protocol	Official
156	TCP	UDP	SQL Service	Official
158	TCP	UDP	DMSP, Distributed Mail Service Protocol[16]	Unofficial
161		UDP	Simple Network Management Protocol (SNMP)	Official
162	TCP	UDP	Simple Network Management Protocol Trap (SNMPTRAP)[17]	Official
170	TCP		Print-srv, Network PostScript	Official
175	TCP		VMNET (IBM z/VM, z/OS & z/VSE - Network Job Entry(NJE))	Official
177	TCP	UDP	X Display Manager Control Protocol (XDMCP)	Official
179	TCP		BGP (Border Gateway Protocol)	Official
194	TCP	UDP	Internet Relay Chat (IRC)	Official
199	TCP	UDP	SMUX, SNMP Unix Multiplexer	Official
201	TCP	UDP	AppleTalk Routing Maintenance	Official
209	TCP	UDP	The Quick Mail Transfer Protocol	Official
210	TCP	UDP	ANSI Z39.50	Official
213	TCP	UDP	Internetwork Packet Exchange (IPX)	Official
218	TCP	UDP	Message posting protocol (MPP)	Official
220	TCP	UDP	Internet Message Access Protocol (IMAP), version 3	Official
259	TCP	UDP	ESRO, Efficient Short Remote Operations	Official
264	TCP	UDP	BGMP, Border Gateway Multicast Protocol	Official
280	TCP	UDP	http-mgmt	Official
308	TCP		Novastor Online Backup	Official
311	TCP		Mac OS X Server Admin (officially AppleShare IP Web administration)	Official
318	TCP	UDP	PKIX TSP, Time Stamp Protocol	Official
319		UDP	Precision time protocol event messages	Official
320		UDP	Precision time protocol general messages	Official
350	TCP	UDP	MATIP-Type A, Mapping of Airline Traffic over Internet Protocol	Official
351	TCP	UDP	MATIP-Type B, Mapping of Airline Traffic over Internet Protocol	Official
366	TCP	UDP	ODMR, On-Demand Mail Relay	Official
369	TCP	UDP	Rpc2portmap	Official
370	TCP		codaauth2—Coda authentication server	Official
370		UDP	codaauth2—Coda authentication server	Official
370		UDP	securecast1—Outgoing packets to NAI's servers [18][dead link]	Unofficial
371	TCP	UDP	ClearCase albd	Official
383	TCP	UDP	HP data alarm manager	Official
384	TCP	UDP	A Remote Network Server System	Official
387	TCP	UDP	AURP, AppleTalk Update-based Routing Protocol[19]	Official
389	TCP	UDP	Lightweight Directory Access Protocol (LDAP)	Official
401	TCP	UDP	UPS Uninterruptible Power Supply	Official
427	TCP	UDP	Service Location Protocol (SLP)	Official
443	TCP		HTTPS (Hypertext Transfer Protocol over SSL/TLS)	Official
444	TCP	UDP	SNPP, Simple Network Paging Protocol (RFC 1568)	Official
445	TCP		Microsoft-DS Active Directory, Windows shares	Official
445	TCP		Microsoft-DS SMB file sharing	Official
464	TCP	UDP	Kerberos Change/Set password	Official
465	TCP		URL Rendesvous Directory for SSM (Cisco protocol)	Official
475	TCP	UDP	tcpnethaspsrv (Aladdin Knowledge Systems Hasp services, TCP/IP version)	Official
497	TCP		Dantz Retrospect	Official
500		UDP	Internet Security Association and Key Management Protocol (ISAKMP)	Official
502	TCP	UDP	Modbus, Protocol	Unofficial
504	TCP	UDP	Citadel—multiservice protocol for dedicated clients for the Citadel groupware system	Official
512	TCP		Rexec, Remote Process Execution	Official
512		UDP	comsat, together with biff	Official
513	TCP		rlogin	Official
513		UDP	Who[20]	Official
514	TCP		Shell—used to execute non-interactive commands on a remote system (Remote Shell, rsh, remsh)	Official
514		UDP	Syslog—used for system logging	Official
515	TCP		Line Printer Daemon—print service	Official
517		UDP	Talk	Official
518		UDP	NTalk	Official
520	TCP		efs, extended file name server	Official
520		UDP	Routing Information Protocol (RIP)	Official
524	TCP	UDP	NetWare Core Protocol (NCP) is used for a variety things such as access to primary NetWare server resources, Time Synchronization, etc.	Official
525		UDP	Timed, Timeserver	Official
530	TCP	UDP	RPC	Official
531	TCP	UDP	AOL Instant Messenger	Unofficial
532	TCP		netnews	Official
533		UDP	netwall, For Emergency Broadcasts	Official
540	TCP		UUCP (Unix-to-Unix Copy Protocol)	Official
542	TCP	UDP	commerce (Commerce Applications)	Official
543	TCP		klogin, Kerberos login	Official
544	TCP		kshell, Kerberos Remote shell	Official
545	TCP		OSIsoft PI (VMS), OSISoft PI Server Client Access	Unofficial
546	TCP	UDP	DHCPv6 client	Official
547	TCP	UDP	DHCPv6 server	Official
548	TCP		Apple Filing Protocol (AFP) over TCP	Official
550	TCP	UDP	new-rwho, new-who[20]	Official
554	TCP	UDP	Real Time Streaming Protocol (RTSP)	Official
556	TCP		Remotefs, RFS, rfs_server	Official
560		UDP	rmonitor, Remote Monitor	Official
561		UDP	monitor	Official
563	TCP	UDP	NNTP protocol over TLS/SSL (NNTPS)	Official
587	TCP		e-mail message submission[21] (SMTP)	Official
591	TCP		FileMaker 6.0 (and later) Web Sharing (HTTP Alternate, also see port 80)	Official
593	TCP	UDP	HTTP RPC Ep Map, Remote procedure call over Hypertext Transfer Protocol, often used by Distributed Component Object Model services and Microsoft Exchange Server	Official
604	TCP		TUNNEL profile,[22] a protocol for BEEP peers to form an application layer tunnel	Official
623		UDP	ASF Remote Management and Control Protocol (ASF-RMCP)	Official
631	TCP	UDP	Internet Printing Protocol (IPP)	Official
631	TCP	UDP	Common Unix Printing System (CUPS)	Unofficial
635	TCP	UDP	RLZ DBase	Official
636	TCP	UDP	Lightweight Directory Access Protocol over TLS/SSL (LDAPS)	Official
639	TCP	UDP	MSDP, Multicast Source Discovery Protocol	Official
641	TCP	UDP	SupportSoft Nexus Remote Command (control/listening): A proxy gateway connecting remote control traffic	Official
646	TCP	UDP	LDP, Label Distribution Protocol, a routing protocol used in MPLS networks	Official
647	TCP		DHCP Failover protocol[23]	Official
648	TCP		RRP (Registry Registrar Protocol)[24]	Official
651	TCP	UDP	IEEE-MMS	Official
653	TCP	UDP	SupportSoft Nexus Remote Command (data): A proxy gateway connecting remote control traffic	Official
654	TCP		Media Management System (MMS) Media Management Protocol (MMP)[25]	Official
657	TCP	UDP	IBM RMC (Remote monitoring and Control) protocol, used by System p5 AIX Integrated Virtualization Manager (IVM)[26] and Hardware Management Console to connect managed logical partitions (LPAR) to enable dynamic partition reconfiguration	Official
660	TCP		Mac OS X Server administration	Official
666		UDP	Doom, first online first-person shooter	Official
666	TCP		airserv-ng, aircrack-ng's server for remote-controlling wireless devices	Unofficial
674	TCP		ACAP (Application Configuration Access Protocol)	Official
691	TCP		MS Exchange Routing	Official
694	TCP	UDP	Linux-HA High availability Heartbeat	Official
695	TCP		IEEE-MMS-SSL (IEEE Media Management System over SSL)[27]	Official
698		UDP	OLSR (Optimized Link State Routing)	Official
700	TCP		EPP (Extensible Provisioning Protocol), a protocol for communication between domain name registries and registrars (RFC 5734)	Official
701	TCP		LMP (Link Management Protocol (Internet)),[28] a protocol that runs between a pair of nodes and is used to manage traffic engineering (TE) links	Official
702	TCP		IRIS[29][30] (Internet Registry Information Service) over BEEP (Blocks Extensible Exchange Protocol)[31] (RFC 3983)	Official
706	TCP		Secure Internet Live Conferencing (SILC)	Official
711	TCP		Cisco Tag Distribution Protocol[32][33][34]—being replaced by the MPLS Label Distribution Protocol[35]	Official
712	TCP		Topology Broadcast based on Reverse-Path Forwarding routing protocol (TBRPF) (RFC 3684)	Official
749	TCP	UDP	Kerberos (protocol) administration	Official
750		UDP	kerberos-iv, Kerberos version IV	Official
751	TCP	UDP	kerberos_master, Kerberos authentication	Unofficial
752		UDP	passwd_server, Kerberos Password (kpasswd) server	Unofficial
753	TCP		Reverse Routing Header (rrh)[36]	Official
753		UDP	Reverse Routing Header (rrh)	Official
753		UDP	userreg_server, Kerberos userreg server	Unofficial
754	TCP		tell send	Official
754	TCP		krb5_prop, Kerberos v5 slave propagation	Unofficial
754		UDP	tell send	Official
760	TCP	UDP	krbupdate [kreg], Kerberos registration	Unofficial
782	TCP		Conserver serial-console management server	Unofficial
783	TCP		SpamAssassin spamd daemon	Unofficial
808	TCP		Microsoft Net.TCP Port Sharing Service	Official
829	TCP		Certificate Management Protocol[37]	Unofficial
843	TCP		Adobe Flash[38]	Official
847	TCP		DHCP Failover protocol	Official
848	TCP	UDP	Group Domain Of Interpretation (GDOI) protocol	Official
860	TCP		iSCSI (RFC 3720)	Official
873	TCP		rsync file synchronisation protocol	Official USA only
888	TCP		cddbp, CD DataBase (CDDB) protocol (CDDBP)	Unofficial
897	TCP	UDP	Brocade SMI-S RPC	Unofficial
898	TCP	UDP	Brocade SMI-S RPC SSL	Unofficial
901	TCP		Samba Web Administration Tool (SWAT)	Unofficial
901	TCP		VMware Virtual Infrastructure Client (UDP from server being managed to management console)	Unofficial
901		UDP	VMware Virtual Infrastructure Client (UDP from server being managed to management console)	Unofficial
902	TCP		ideafarm-door	Official
902	TCP		VMware Server Console (TCP from management console to server being Managed)	Unofficial
902		UDP	ideafarm-door	Official
902		UDP	VMware Server Console (UDP from server being managed to management console)	Unofficial
903	TCP		VMware Remote Console [39]	Unofficial
904	TCP		VMware Server Alternate (if 902 is in use, i.e. SUSE linux)	Unofficial
911	TCP		Network Console on Acid (NCA)—local tty redirection over OpenSSH	Unofficial
944		UDP	Network File System (protocol) Service	Unofficial
953	TCP	UDP	Domain Name System (DNS) RNDC Service	Unofficial
973		UDP	Network File System (protocol) over IPv6 Service	Unofficial
981	TCP		SofaWare Technologies Remote HTTPS management for firewall devices running embedded Check Point FireWall-1 software	Unofficial
989	TCP	UDP	FTPS Protocol (data): FTP over TLS/SSL	Official
990	TCP	UDP	FTPS Protocol (control): FTP over TLS/SSL	Official
991	TCP	UDP	NAS (Netnews Administration System)[40]	Official
992	TCP	UDP	TELNET protocol over TLS/SSL	Official
993	TCP		Internet Message Access Protocol over SSL (IMAPS)	Official
995	TCP		Post Office Protocol 3 over TLS/SSL (POP3S)	Official
999	TCP		ScimoreDB Database System	Unofficial
1002	TCP		Opsware agent (aka cogbot)	Unofficial
1023	TCP	UDP	Reserved[1]	Official