What it is
A quick reference for commonly used network ports and their associated services, useful for network troubleshooting, security auditing, and general understanding of network communication.
Installation
This is a reference document, not a software tool, so no installation is required.
Core Concepts
- Port Numbers: A 16-bit number (0-65535) that identifies a specific process or service on a network device. Ports are divided into three ranges:
  - Well-Known Ports (0-1023): Reserved for critical system services. Usually require root/administrator privileges to bind to.
  - Registered Ports (1024-49151): Available for use by applications and services. IANA (Internet Assigned Numbers Authority) maintains a registry.
  - Dynamic/Private Ports (49152-65535): Used for ephemeral ports by clients and for private/unregistered services.
Commands / Usage
This is a reference, not a command-line tool. The "usage" is understanding which port number corresponds to which service.
TCP (Transmission Control Protocol) Ports
| Port | Protocol | Service | Description |
|---|---|---|---|
| 20 | TCP | FTP (Data) | File Transfer Protocol (active mode data connections). |
| 21 | TCP | FTP (Control) | File Transfer Protocol (command and control connections). |
| 22 | TCP | SSH | Secure Shell Remote Login protocol for secure access to remote machines. |
| 23 | TCP | Telnet | Unencrypted network protocol used for text-based communication, often for remote login. (Generally discouraged). |
| 25 | TCP | SMTP | Simple Mail Transfer Protocol for sending email. |
| 53 | TCP | DNS (Zone Transfer) | Domain Name System queries (often for zone transfers between DNS servers). |
| 69 | UDP | TFTP | Trivial File Transfer Protocol, a simple file transfer protocol. |
| 80 | TCP | HTTP | Hypertext Transfer Protocol, the foundation of data communication for the World Wide Web. |
| 110 | TCP | POP3 | Post Office Protocol version 3, used for retrieving email from a mail server. |
| 119 | TCP | NNTP | Network News Transfer Protocol, used for Usenet newsgroups. |
| 123 | UDP | NTP | Network Time Protocol for synchronizing clocks over a network. |
| 137 | UDP | NetBIOS Name Service | Network Basic Input/Output System name resolution. |
| 138 | UDP | NetBIOS Datagram Service | Network Basic Input/Output System datagram service for communication. |
| 139 | TCP | NetBIOS Session Service | Network Basic Input/Output System session service for file and printer sharing (SMB). |
| 143 | TCP | IMAP | Internet Message Access Protocol, used for accessing email on a remote mail server. |
| 161 | UDP | SNMP | Simple Network Management Protocol for network device management. |
| 162 | TCP | SNMP Trap | SNMP Trap receiver for receiving notifications from network devices. |
| 194 | TCP | IRC | Internet Relay Chat for real-time text messaging. |
| 389 | TCP | LDAP | Lightweight Directory Access Protocol for accessing and maintaining distributed directory information. |
| 443 | TCP | HTTPS | Hypertext Transfer Protocol Secure, the secure version of HTTP. |
| 445 | TCP | Microsoft-DS (SMB) | Server Message Block protocol for file and printer sharing in Windows networks. |
| 514 | TCP | Syslog | System Logging Protocol for sending log messages. |
| 546 | TCP | DHCPv6 Client | Dynamic Host Configuration Protocol for IPv6 client. |
| 547 | UDP | DHCPv6 Server | Dynamic Host Configuration Protocol for IPv6 server. |
| 587 | TCP | SMTP (Submission) | Mail Submission Agent (MSA) for sending email, often used with authentication. |
| 636 | TCP | LDAPS | Lightweight Directory Access Protocol over SSL/TLS for secure directory access. |
| 873 | TCP | rsync | Remote Synchronization protocol for efficient file transfer. |
| 993 | TCP | IMAPS | IMAP over SSL/TLS. |
| 995 | TCP | POP3S | POP3 over SSL/TLS. |
| 1433 | TCP | Microsoft SQL Server | Default port for Microsoft SQL Server. |
| 1521 | TCP | Oracle | Default port for Oracle Database. |
| 1723 | TCP | PPTP | Point-to-Point Tunneling Protocol for VPNs. |
| 3306 | TCP | MySQL | Default port for MySQL Database. |
| 3389 | TCP | RDP | Remote Desktop Protocol for remote graphical access to Windows machines. |
| 5432 | TCP | PostgreSQL | Default port for PostgreSQL Database. |
| 5900 | TCP | VNC | Virtual Network Computing for remote graphical desktop control. |
| 5985 | TCP | WinRM (HTTP) | Windows Remote Management over HTTP. |
| 5986 | TCP | WinRM (HTTPS) | Windows Remote Management over HTTPS. |
| 6379 | TCP | Redis | Default port for Redis in-memory data structure store. |
| 7000 | TCP | Docker Registry (HTTP) | Often used for unsecured Docker registry access. |
| 7001 | TCP | Docker Registry (HTTPS) | Often used for secured Docker registry access. |
| 8080 | TCP | HTTP-Alt / Proxy | Commonly used for alternative HTTP services, proxy servers, or development web servers. |
| 8443 | TCP | HTTPS-Alt | Alternative HTTPS port, often used for development or non-standard web applications. |
| 9090 | TCP | Cockpit | Web-based server administration interface. |
| 10000 | TCP | Webmin | Web-based system administration tool. |
| 27017 | TCP | MongoDB | Default port for MongoDB Database. |
| 30000 | TCP | Docker Daemon | Default port for Docker daemon communication. |
UDP (User Datagram Protocol) Ports
| Port | Protocol | Service | Description |
|---|---|---|---|
| 53 | UDP | DNS | Domain Name System queries (primary protocol for DNS lookups). |
| 67 | UDP | DHCP Server | Dynamic Host Configuration Protocol server for assigning IP addresses and network configurations. |
| 68 | UDP | DHCP Client | Dynamic Host Configuration Protocol client for requesting IP addresses. |
| 69 | UDP | TFTP | Trivial File Transfer Protocol, a simple file transfer protocol. |
| 123 | UDP | NTP | Network Time Protocol for synchronizing clocks over a network. |
| 161 | UDP | SNMP | Simple Network Management Protocol for network device management. |
| 500 | UDP | IKE | Internet Key Exchange protocol used for establishing IPsec security associations. |
| 518 | UDP | Apple Remote Desktop | Used by Apple Remote Desktop for management. |
| 520 | UDP | RIP | Routing Information Protocol, an older distance-vector routing protocol. |
| 5353 | UDP | mDNS | Multicast DNS for name resolution in local networks without a DNS server. |
| 5355 | UDP | LLMNR | Link-Local Multicast Name Resolution, similar to mDNS, used in Windows networks. |
| 4500 | UDP | NAT-T (IPsec) | NAT Traversal for IPsec, allowing IPsec to work through network address translators. |
| 3478 | UDP | STUN | Session Traversal Utilities for NAT, used to discover public IP address and port for NAT. |
| 3479 | UDP | TURN | Traversal Using Relays around NAT, used when STUN fails, relaying traffic through a server. |
| 5060 | UDP | SIP | Session Initiation Protocol, used for voice and video calls, instant messaging, and presence. |
| 5061 | UDP | SIP-TLS | SIP over TLS for secure voice and video communication. |
| 51820 | UDP | WireGuard | Modern VPN protocol. |
Common Patterns
- Checking if a port is open (Linux/macOS):

  ```bash
  nc -zv 192.168.1.100 80
  # or
  telnet 192.168.1.100 22
  ```

  This attempts to connect to port 80 (HTTP) or 22 (SSH) on `192.168.1.100` to see if a service is listening.

- Checking if a port is open (Windows PowerShell):

  ```powershell
  Test-NetConnection -ComputerName 192.168.1.100 -Port 443
  ```

  This tests connectivity to port 443 (HTTPS) on `192.168.1.100`.

- Listing listening ports (Linux/macOS):

  ```bash
  sudo netstat -tulnp
  # or
  sudo ss -tulnp
  ```

  This shows TCP (`t`) and UDP (`u`) listening (`l`) ports, along with the process ID (`p`) and name.

- Listing listening ports (Windows PowerShell):

  ```powershell
  Get-NetTCPConnection -State Listen
  ```

  This lists all active TCP connections in a listening state.

- Firewall rule examples (conceptual):
  - Allowing inbound HTTP traffic: `iptables -A INPUT -p tcp --dport 80 -j ACCEPT` (Linux)
  - Allowing inbound SSH traffic: `ufw allow ssh` (Ubuntu/Debian)
  - Denying all inbound traffic by default: `iptables -P INPUT DROP` (Linux)
Gotchas
- Port Forwarding vs. Port Mapping: While related, port forwarding (on routers) directs traffic from an external IP/port to an internal IP/port, while port mapping (e.g., in Docker) maps a host port to a container port.
- Ephemeral Ports: Client applications typically use dynamic (ephemeral) ports (49152-65535) for outgoing connections. These are assigned by the OS and can change.
- Service Misconfiguration: A service might be configured to run on a non-standard port. Always verify by checking the service's configuration file or process list.
- Firewalls: Network firewalls (both host-based and network devices) can block access to ports, even if a service is running.
- UDP vs. TCP: Understanding whether a service uses TCP or UDP is crucial for troubleshooting. TCP is connection-oriented and reliable; UDP is connectionless and faster but less reliable. For example, DNS primarily uses UDP for queries but can use TCP for zone transfers.
- IANA Port Assignments: While IANA assigns ports, they can be overridden or used by different services, especially in custom or embedded systems. Always confirm with actual network analysis.
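
The "Service Misconfiguration" and "IANA Port Assignments" points can be checked against a host's own listener list. The following is an added example, not part of the original reference: it parses `ss -tulnp` output, labels each listener with its port range and the service name from the tables above, and returns the listeners worth a manual look. `KNOWN` is a small subset of those tables, `SAMPLE` is constructed output, and the function names are hypothetical.

```python
import re

# Subset of the port tables above: (protocol, port) -> service name.
KNOWN = {
    ("tcp", 22): "SSH", ("tcp", 23): "Telnet", ("tcp", 80): "HTTP",
    ("tcp", 443): "HTTPS", ("tcp", 3306): "MySQL", ("tcp", 6379): "Redis",
    ("udp", 53): "DNS", ("udp", 123): "NTP", ("udp", 161): "SNMP",
}

# Constructed sample of `ss -tulnp` output (not captured from a real host).
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53    0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
udp   UNCONN 0      0      0.0.0.0:123         0.0.0.0:*         users:(("chronyd",pid=701,fd=5))
tcp   LISTEN 0      128    0.0.0.0:2222        0.0.0.0:*         users:(("sshd",pid=845,fd=3))
tcp   LISTEN 0      511    127.0.0.1:6379      0.0.0.0:*         users:(("redis-server",pid=990,fd=6))
tcp   LISTEN 0      151    [::]:3306           [::]:*            users:(("mysqld",pid=1102,fd=21))
tcp   LISTEN 0      4096   *:8080              *:*               users:(("java",pid=1400,fd=44))
"""

def port_range(port):
    """Classify a port into the three ranges from Core Concepts."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"

def parse_listeners(text):
    """Turn `ss -tulnp` text into one dict per listening socket."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        addr, _, port = f[4].rpartition(":")  # rpartition keeps "[::]" intact
        port = int(port)
        m = re.search(r'\(\("([^"]+)"', line)  # process name, present with -p
        rows.append({
            "proto": f[0], "addr": addr, "port": port,
            "process": m.group(1) if m else "?", "range": port_range(port),
            "service": KNOWN.get((f[0], port), "unlisted"),
            "exposed": addr.split("%")[0] in ("0.0.0.0", "*", "[::]", "::"),
        })
    return rows

def review(rows):
    """Listeners to check by hand: bound to all interfaces, or on a port not in KNOWN."""
    return [r for r in rows if r["exposed"] or r["service"] == "unlisted"]
```

On the sample, `sshd` on TCP 2222 is reported as "unlisted" even though the process is a familiar one, which is why the process column has to be read alongside the port number.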