CYBERSECURITY LAB β€’ INTERACTIVE SIMULATION

πŸ”₯ See How Hackers Target Open Network Ports β€” Interactive Cyber Attack Simulation Lab

Step inside a real-world cybersecurity lab where you explore how attackers scan, exploit, and defend against TCP/UDP ports like SSH, DNS, HTTP, SMB, and databases.

By β€’ β€’ Cybersecurity Learning Platform
⚠️ CYBERSECURITY TRAINING ENVIRONMENT
All attacks shown here are SIMULATED for educational purposes only. No real systems are targeted.
Click to flip
Port 80
HTTP
Standard unencrypted web traffic used by websites.
Commonly Targeted
Attack Simulation
> scanning target...
> port 80 OPEN
> sniffing unencrypted traffic...
> possible credential exposure

Defensive Strategy

Redirect HTTP traffic to HTTPS and use TLS encryption to prevent packet sniffing and man-in-the-middle attacks.

βœ” Recommended: Use HTTPS (Port 443) + HSTS
Click to flip
Port 22
SSH
Secure remote server access used by administrators.
Brute Force Target
Attack Simulation
> scanning server...
> port 22 detected
> attempting password spray...
> login attempts blocked

Defensive Strategy

Use SSH keys, disable root login, enable MFA, and configure fail2ban to block brute-force attempts.

βœ” Recommended: SSH Keys + MFA + Fail2Ban
Click to flip
Port 53
DNS
Resolves domain names into IP addresses.
DNS Spoofing Risk
Attack Simulation
> intercepting DNS query...
> forged DNS response sent
> redirecting victim...
> phishing page loaded

Defensive Strategy

Use DNSSEC and encrypted DNS protocols to protect against spoofed DNS responses.

βœ” Recommended: DNSSEC + DNS over HTTPS
Click to flip
Port 3389
RDP
Windows Remote Desktop service.
High-Risk Exposure
Attack Simulation
> scanning remote host...
> RDP service exposed
> attempting exploit chain...
> firewall denied connection

Defensive Strategy

Never expose RDP directly to the internet. Use VPNs, MFA, and IP allowlisting.

βœ” Recommended: VPN + MFA + Restricted Access
Click to flip
Port 443
HTTPS
Secure encrypted web traffic used for modern websites and online transactions.
Secure Standard
Attack Simulation
> scanning encrypted traffic...
> TLS handshake detected
> interception attempt failed
> encryption protects data

Defensive Strategy

Use strong TLS versions (1.2/1.3), proper certificate management, and HSTS to enforce secure connections.

βœ” Recommended: TLS 1.3 + HSTS + Secure Certificates
Click to flip
Port 21
FTP
File Transfer Protocol used to upload and download files between systems.
Insecure by Default
Attack Simulation
> connecting to FTP server...
> credentials sent in plain text
> packet sniffing active
> data compromise possible

Defensive Strategy

Replace FTP with SFTP or FTPS to encrypt credentials and file transfers.

βœ” Recommended: SFTP / FTPS + Disable Plain FTP
Click to flip
Port 25
SMTP
Email sending protocol used by mail servers.
Spam & Abuse Target
Attack Simulation
> sending bulk email requests...
> spoofed sender detected
> spam filter triggered
> email blocked

Defensive Strategy

Use SPF, DKIM, and DMARC to prevent email spoofing and spam abuse.

βœ” Recommended: SPF + DKIM + DMARC
Click to flip
Port 110
POP3
Email retrieval protocol used to download emails from a mail server to a device.
Legacy Email Protocol
Attack Simulation
> connecting to POP3 server...
> credentials transmitted in plain text
> mailbox access attempted
> session intercepted

Defensive Strategy

Use POP3S (SSL/TLS) or switch to IMAP with encryption for safer email handling.

βœ” Recommended: POP3S / IMAPS + TLS Encryption
Click to flip
Port 143
IMAP
Email synchronization protocol used to access mail across multiple devices.
Multi-Device Email Sync
Attack Simulation
> syncing mailbox...
> session token intercepted
> email headers exposed
> unauthorized sync attempt blocked

Defensive Strategy

Always enforce IMAPS (port 993) with encrypted authentication and secure session handling.

βœ” Recommended: IMAPS + Secure Tokens + MFA
Click to flip
Port 445
SMB
Windows file sharing protocol used for network file access and printer sharing.
Ransomware Target
Attack Simulation
> scanning SMB shares...
> vulnerable endpoint detected
> exploiting file share access...
> ransomware deployment risk HIGH

Defensive Strategy

Disable SMBv1, restrict file sharing access, and use network segmentation to reduce exposure.

βœ” Recommended: SMBv2/3 + Firewall Rules + Segmentation
Click to flip
Port 3306
MySQL
Database service commonly used by websites and enterprise applications.
Database Exposure Risk
Attack Simulation
> probing MySQL service...
> weak credentials detected
> dumping database records...
> sensitive data exposed

Defensive Strategy

Restrict remote access, enforce strong passwords, and use least-privilege database accounts.

βœ” Recommended: Firewall + Strong Authentication + Backups
Click to flip
Port 5432
PostgreSQL
Advanced open-source relational database used in enterprise and cloud systems.
Privilege Escalation Risk
Attack Simulation
> scanning PostgreSQL instance...
> default role discovered
> querying internal tables...
> privilege escalation attempt blocked

Defensive Strategy

Disable unnecessary external access and audit database permissions regularly.

βœ” Recommended: RBAC + Network Restrictions + Monitoring
Click to flip
Port 6379
Redis
In-memory database and caching system often targeted when exposed publicly.
Remote Code Execution Risk
Attack Simulation
> unauthenticated Redis access...
> modifying server configuration...
> injecting malicious cron job...
> persistence mechanism detected

Defensive Strategy

Never expose Redis publicly and require authentication with protected mode enabled.

βœ” Recommended: Bind Localhost + AUTH + Firewall Rules
Click to flip
Port 27017
MongoDB
NoSQL database frequently used in web apps and cloud-native environments.
Public Exposure Risk
Attack Simulation
> open MongoDB instance found...
> browsing collections...
> customer records exposed...
> ransom note inserted into database

Defensive Strategy

Enable authentication, disable public exposure, and encrypt sensitive stored data.

βœ” Recommended: Access Control + Encryption + VPN Access
Click to flip
Port 8080
HTTP Proxy
Alternative web server and proxy port commonly used for testing and admin panels.
Admin Console Target
Attack Simulation
> scanning admin interface...
> outdated web console found...
> attempting default credentials...
> unauthorized dashboard access

Defensive Strategy

Secure admin panels with MFA, IP restrictions, and strong authentication policies.

βœ” Recommended: MFA + Reverse Proxy + Patch Management
Click to flip
Port 23
Telnet
Legacy remote access protocol that sends credentials without encryption.
Extremely Insecure
Attack Simulation
> sniffing Telnet session...
> plaintext password captured
> remote login established...
> attacker gained shell access

Defensive Strategy

Disable Telnet entirely and replace it with encrypted SSH access.

βœ” Recommended: Disable Telnet + Use SSH

Cybersecurity Port Quiz

Test your knowledge of ports, protocols, and attack scenarios.

1. Which port is commonly used for secure web traffic?

2. Which protocol is considered insecure because it sends passwords in plain text?

3. Which port is commonly targeted by ransomware attacks on Windows file shares?

4. Which port is used by SSH for secure remote login?

5. Which port is commonly used for DNS services?

6. What is the main risk of using Telnet (Port 23)?

7. Which protocol is used for secure file transfer?

8. Which port is associated with SMTP (email sending)?

9. Which attack is commonly associated with port 445?

10. A company wants to secure remote administrative access to servers. Which solution is BEST?

11. A firewall is BEST described as which of the following?

12. Which protocol ensures data encryption during web browsing?

13. A company experiences encrypted files and a ransom note. What type of attack occurred?

14. What is the PRIMARY purpose of a port scan?

15. Which security control BEST improves authentication security?

16. Which security principle ensures users only have the permissions they need to perform their job?

17. Which technology helps prevent DNS spoofing attacks?

18. What does β€œencryption at rest” protect?

19. What is the BEST way to reduce attack surface on a server?

20. Which type of malware spreads by copying itself across networks without user interaction?

21. What is the PRIMARY purpose of network segmentation?

Cybersecurity Learning Resources

Explore networking fundamentals, port security, and ethical hacking concepts used in real-world cybersecurity roles.

Visit AbabioLearns Platform β†’