Port 22

Port 22 is the well-known port number that is usually used for SSH connections.

SSH provides a secure connection to a remote device. The communication is encrypted, which protects the data and the network.

Port 22 protocol

This port supports both TCP and UDP connections; which one is used depends on the application. Some applications use UDP while others use TCP.

SSH uses TCP, which provides a reliable connection. On the other hand, applications like pcAnywhere use UDP to communicate on port 22. pcAnywhere is software developed by Symantec that can be used to establish a connection to a remote device.

One of the most well-known SSH clients is PuTTY. You can see in the image below that PuTTY uses port 22 for the SSH connection.

[Image: PuTTY]

We can use PuTTY for Telnet connections as well; however, Telnet does not provide security because it sends the traffic over an unencrypted connection.

Secure port 22

For proper security of our network devices, we must secure port 22 on them. We can use a firewall to allow traffic only from authorized devices in our network. A strong password should be configured for the allowed SSH connections.

Port security should be configured at both the hardware and software layers. Different types of devices are available to secure ports at different layers, so we should use whatever we have to secure the information.

If we are not using port 22 in our network, it should be closed using the firewall or an access list. Closing the port protects the network from cyber-attacks. If the port is open, it does not matter how strong the security is, because an attacker may find a loophole to break in; the best option is to close the port when it is not in use.

There are known viruses and Trojans that use this port to attack the network.

How to check if port 22 is open

In Linux, we can use the tool Nmap. This tool scans the port and reports its state in clear text.

In Windows, we can use the application PortQry.exe. This application is easy to use and provides a graphical user interface. It checks the port and tells us whether it is listening or not listening. If the port is listening, it is open.
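
The same check can be scripted for our own devices on either operating system. The Python sketch below is an added example, not part of the original article or of Nmap or PortQry: it tries a TCP connection to port 22, reports the state as open, closed or filtered, and reads the identification line an SSH server sends first. The function names and the state labels are assumptions made for this example, and it tests TCP only.

```python
import socket
import sys

def parse_ssh_banner(line: bytes):
    """Parse an SSH identification string: SSH-protoversion-softwareversion [comments]."""
    text = line.decode("ascii", errors="replace").strip()
    parts = text.split("-", 2)
    if len(parts) < 3 or parts[0] != "SSH":
        return None
    software, _, comments = parts[2].partition(" ")
    return {"proto": parts[1], "software": software, "comments": comments}

def check_port(host, port=22, timeout=3.0):
    """Return (state, banner); state is 'open', 'closed' or 'filtered'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed", None    # TCP reset: host reachable, nothing listening
    except OSError:
        return "filtered", None  # timeout/unreachable: typically a firewall or ACL drop
    data = b""
    with sock:
        try:
            # Read until at least one complete line arrives (the server speaks first).
            while b"\n" not in data and len(data) < 1024:
                chunk = sock.recv(256)
                if not chunk:
                    break
                data += chunk
        except OSError:
            pass  # listener accepted but sent nothing in time; still "open"
    # A server may send other lines before its identification string.
    for line in data.splitlines():
        if line.startswith(b"SSH-"):
            return "open", parse_ssh_banner(line)
    return "open", None          # something is listening, but it is not SSH

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    state, banner = check_port(target)
    print(f"{target}:22 is {state}", banner or "")
```

A result of open with no banner means some other service is listening on port 22, which is worth investigating on a device that should only run SSH there.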

Port 22 in Packet Tracer

In Packet Tracer, we can generate SSH traffic to test SSH connectivity, and you can see in the image below that the SSH traffic is sent to destination port 22.

We can also create an access list to manage the SSH port. A firewall application available on the end device can be used as well to block or allow SSH traffic.

You can create a simulation lab in Packet Tracer to secure TCP port 22 and try different ways to block the connection on this port.
