In information security, we consider secure ports those that encrypt the communication, or all the data that passes through them. But, you need to be aware that this does not mean that they cannot be successfully attacked by a hacker.
There are many different security attacks that can be carried out even if the communication is encrypted.
Let me give you a list of ports that are considered secure as they encrypt the data that passes through them.
Port 22 (SFTP, SSH)
Secure File Transfer Protocol (SFTP) uses port 22 to send the user login information encrypted to a server. Also, it encrypts the data transmitted during the connection.
As the information is encrypted, it is difficult for an attacker to get access to the plain data being transmitted.
Secure Shell or Secure Socket Shell (SSH) uses port 22 to make sure that the information sent between the host and a server is encrypted.
Port 587 (SMTP)
Simple Mail Transfer Protocol (SMPT) uses port 587 to encrypt emails being sent by a user.
This is the alternative to using port 25 which is not encrypted; therefore it is not secure.
Port 853 (DoT)
We can use DNS over TLS (DoT) to protect domain DNS information.
The protection in this case means that an attacker won’t modify the data while is in transit.
Port 443 (HTTPS)
HTTP over SSL (HTTPS) is used to transmit encrypted data between the browser and a web server.
It is recommended to use TLS instead of SSL.
Port 993 (IMAP)
Internet Message Access Protocol (IMAP) uses port 993 to encrypt the traffic when receiving emails from a server.
It uses SSL/TLS to encrypt the traffic, making it secure.
Port 2049 (NFS)
Network File System (NFS) is a protocol used for file servers.
It can use encryption to transmit/access files in a network.
NFS is recommended to use only behind a firewall in a trusted network as it is vulnerable to internet threats.
Port 636 (LDAPS)
Lightweight Directory Access Protocol Secure (LDAPS) adds SSL/TLS to protect information while is in transit.
It is the alternative to use LDAP in port 389.
Note: Always use the latest proven version of each protocol. Most of these protocols are secure until they are not. So, it is important to keep yourself updated with current security threats and new protocol developments.
In this post, you can read about unsecured ports.
