Protocols, Ports & TCP vs UDP
What is a protocol?
A protocol is a set of rules for how devices communicate over a network.
Just as humans use languages to understand each other, computers use protocols. Without an agreed protocol, two machines exchange bytes that mean nothing to each other.
Common ones you will meet constantly:
| Protocol | Job |
|---|---|
| HTTP | transfers web pages |
| HTTPS | secure (encrypted) version of HTTP |
| FTP | transfers files |
| SSH | secure remote access to a shell |
| DNS | converts domain names into IP addresses |
| SMTP | sends email |
Ports: rooms inside a building
If an IP address is a building's street address, a port is a specific room inside it. One server (one IP) can run many services at once, each listening on its own port, so the port number says which program should receive the packet.
The four to know cold: 22 SSH, 80 HTTP, 443 HTTPS, 53 DNS.
TCP vs UDP
Two transport protocols carry almost everything, and they make opposite trade-offs:
TCP → reliable, ordered, error-recovery (web, email, SSH, file transfer)
UDP → connectionless, no recovery, fast (gaming, streaming, voice, DNS)
- TCP sets up a connection (the SYN/SYN-ACK/ACK handshake), guarantees delivery, and re-sends lost data. Choose it when every byte must arrive correctly.
- UDP just fires packets and hopes. There is no handshake and no re-send. Choose it when speed matters more than perfection, a dropped frame in a video call is better than a frozen call.
A quick test: would you rather the data be late but perfect (TCP) or fast but lossy (UDP)? Your answer picks the protocol.
Try it
Run ss (or netstat) in the terminal to see which ports are listening on a host, and notice the protocol column. Then nmap example.com shows the same idea from the outside: which ports a remote host has open.