Common Port Reference
190 ports found
| Port | Protocol | Service | Description | Category |
|---|---|---|---|---|
7 | TCP/UDP | Echo | Echo protocol (network testing) | Well-Known |
9 | TCP/UDP | Discard | Discard protocol / Wake-on-LAN (UDP) | Well-Known |
13 | TCP/UDP | Daytime | Daytime protocol (human-readable time) | Well-Known |
17 | TCP/UDP | QOTD | Quote of the Day protocol | Well-Known |
19 | TCP/UDP | Chargen | Character Generator protocol (network testing) | Well-Known |
20 | TCP | FTP-DATA insecure | FTP data transfer | Well-Known |
21 | TCP | FTP insecure | File Transfer Protocol control | Well-Known |
22 | TCP | SSH | Secure Shell remote login | Well-Known |
23 | TCP | Telnet insecure | Unencrypted remote login (deprecated) | Well-Known |
25 | TCP | SMTP | Simple Mail Transfer Protocol | Well-Known |
37 | TCP/UDP | Time | Time protocol (machine-readable time) | Well-Known |
43 | TCP | WHOIS | WHOIS directory service | Well-Known |
49 | TCP/UDP | TACACS | Terminal Access Controller Access-Control System | Well-Known |
53 | TCP/UDP | DNS | Domain Name System resolution | Well-Known |
67 | UDP | DHCP-S | Dynamic Host Configuration (server) | Well-Known |
68 | UDP | DHCP-C | Dynamic Host Configuration (client) | Well-Known |
69 | UDP | TFTP insecure | Trivial File Transfer Protocol | Well-Known |
70 | TCP | Gopher | Gopher document retrieval protocol (deprecated) | Well-Known |
79 | TCP | Finger insecure | Finger user information protocol (deprecated) | Well-Known |
80 | TCP | HTTP | HyperText Transfer Protocol (web) | Well-Known |
88 | TCP/UDP | Kerberos | Kerberos authentication system | Well-Known |
104 | TCP/UDP | DICOM | Digital Imaging and Communications in Medicine | Well-Known |
109 | TCP | POP2 | Post Office Protocol v2 (obsolete) | Well-Known |
110 | TCP | POP3 | Post Office Protocol v3 (email retrieval) | Well-Known |
111 | TCP/UDP | RPCbind | Sun Remote Procedure Call | Well-Known |
113 | TCP | Ident | Identification / Auth protocol | Well-Known |
119 | TCP | NNTP | Network News Transfer Protocol | Well-Known |
123 | UDP | NTP | Network Time Protocol | Well-Known |
135 | TCP/UDP | MS-RPC | Microsoft RPC / EPMAP | Well-Known |
137 | UDP | NetBIOS-NS | NetBIOS Name Service | Well-Known |
138 | UDP | NetBIOS-DGM | NetBIOS Datagram Service | Well-Known |
139 | TCP | NetBIOS-SSN | NetBIOS Session Service | Well-Known |
143 | TCP | IMAP | Internet Message Access Protocol | Well-Known |
161 | UDP | SNMP | Simple Network Management Protocol | Well-Known |
162 | UDP | SNMP-TRAP | SNMP Trap notifications | Well-Known |
177 | UDP | XDMCP | X Display Manager Control Protocol | Well-Known |
179 | TCP | BGP | Border Gateway Protocol (internet routing) | Well-Known |
194 | TCP | IRC | Internet Relay Chat | Well-Known |
220 | TCP/UDP | IMAP3 | Internet Message Access Protocol v3 | Well-Known |
389 | TCP/UDP | LDAP | Lightweight Directory Access Protocol | Well-Known |
427 | TCP/UDP | SLP | Service Location Protocol | Well-Known |
443 | TCP | HTTPS | HTTP Secure (SSL/TLS) | Well-Known |
445 | TCP | SMB | Server Message Block (Windows file sharing) | Well-Known |
464 | TCP/UDP | Kpasswd | Kerberos password change | Well-Known |
465 | TCP | SMTPS | SMTP over TLS (email submission) | Well-Known |
500 | UDP | IKE | Internet Key Exchange (IPsec VPN) | Well-Known |
512 | TCP | rexec insecure | Remote process execution (deprecated) | Well-Known |
513 | TCP | rlogin insecure | Remote login (deprecated) | Well-Known |
514 | TCP | RSH insecure | Remote Shell (deprecated) | Well-Known |
514 | UDP | Syslog | System log protocol | Well-Known |
515 | TCP | LPD | Line Printer Daemon (print spooling) | Well-Known |
517 | UDP | Talk | Talk — user-to-user chat protocol | Well-Known |
520 | UDP | RIP | Routing Information Protocol | Well-Known |
540 | TCP | UUCP | Unix-to-Unix Copy Protocol | Well-Known |
543 | TCP | Kerberos-Login | Kerberos login | Well-Known |
546 | UDP | DHCPv6-C | DHCPv6 client | Well-Known |
547 | UDP | DHCPv6-S | DHCPv6 server | Well-Known |
548 | TCP | AFP | Apple Filing Protocol (macOS file sharing) | Well-Known |
554 | TCP/UDP | RTSP | Real Time Streaming Protocol (media) | Well-Known |
563 | TCP | NNTPS | NNTP over TLS/SSL | Well-Known |
587 | TCP | SMTP-Sub | SMTP email submission (STARTTLS) | Well-Known |
591 | TCP | FileMaker | FileMaker Web Publishing | Well-Known |
623 | UDP | IPMI | Intelligent Platform Management Interface | Well-Known |
631 | TCP/UDP | IPP | Internet Printing Protocol (CUPS) | Well-Known |
636 | TCP | LDAPS | LDAP over TLS/SSL | Well-Known |
646 | TCP/UDP | LDP | MPLS Label Distribution Protocol | Well-Known |
694 | UDP | Linux-HA | Linux-HA heartbeat | Well-Known |
749 | TCP/UDP | Kerberos-Admin | Kerberos administration | Well-Known |
853 | TCP | DNS-TLS | DNS over TLS (DoT) | Well-Known |
860 | TCP | iSCSI | Internet Small Computer Systems Interface | Well-Known |
873 | TCP | rsync | rsync file synchronization | Well-Known |
902 | TCP/UDP | VMware | VMware ESXi host agent | Well-Known |
992 | TCP | Telnets | Telnet over TLS/SSL | Well-Known |
989 | TCP | FTPS-DATA | FTP data over TLS | Well-Known |
990 | TCP | FTPS | FTP control over TLS | Well-Known |
993 | TCP | IMAPS | IMAP over TLS/SSL | Well-Known |
995 | TCP | POP3S | POP3 over TLS/SSL | Well-Known |
1080 | TCP | SOCKS | SOCKS proxy protocol | Registered |
1099 | TCP | Java-RMI | Java Remote Method Invocation | Registered |
1119 | TCP/UDP | Battle.net | Blizzard Battle.net gaming service | Registered |
1194 | UDP | OpenVPN | OpenVPN default port | Registered |
1344 | TCP | ICAP | Internet Content Adaptation Protocol | Registered |
1352 | TCP | HCL-Notes | HCL Notes (formerly Lotus Notes) | Registered |
1414 | TCP | IBM-MQ | IBM MQ message queuing | Registered |
1433 | TCP | MSSQL | Microsoft SQL Server database | Registered |
1434 | UDP | MSSQL-Mon | Microsoft SQL Server browser | Registered |
1521 | TCP | Oracle DB | Oracle Database default listener | Registered |
1604 | TCP | Citrix-ICA | Citrix ICA (Independent Computing Architecture) | Registered |
1701 | UDP | L2TP | Layer 2 Tunneling Protocol VPN | Registered |
1716 | TCP | Minecraft-Net | Minecraft network protocol | Registered |
1723 | TCP | PPTP insecure | Point-to-Point Tunneling Protocol VPN | Registered |
1812 | UDP | RADIUS | RADIUS authentication | Registered |
1813 | UDP | RADIUS-Acct | RADIUS accounting | Registered |
1883 | TCP | MQTT insecure | MQTT messaging protocol (IoT, unencrypted) | Registered |
1900 | UDP | UPnP | Universal Plug and Play / SSDP discovery | Registered |
2049 | TCP/UDP | NFS | Network File System | Registered |
2000 | TCP | Cisco-SCCP | Cisco Skinny Client Control Protocol (VoIP) | Registered |
2082 | TCP | cPanel-HTTP | cPanel control panel (HTTP) | Registered |
2083 | TCP | cPanel | cPanel control panel (SSL) | Registered |
2086 | TCP | WHM | WHM (WebHost Manager) HTTP | Registered |
2087 | TCP | WHM-SSL | WHM (WebHost Manager) HTTPS | Registered |
2095 | TCP | cPanel-Mail | cPanel webmail (HTTP) | Registered |
2096 | TCP | cPanel-Mail-SSL | cPanel webmail (HTTPS) | Registered |
2181 | TCP | ZooKeeper | Apache ZooKeeper client | Registered |
2222 | TCP | DirectAdmin | DirectAdmin control panel / alternative SSH | Registered |
2375 | TCP | Docker insecure | Docker daemon (unencrypted) | Registered |
2376 | TCP | Docker-TLS | Docker daemon over TLS | Registered |
3000 | TCP | Dev-HTTP | Common development web server (Node.js, React) | Registered |
3128 | TCP | Squid | Squid HTTP proxy | Registered |
3260 | TCP | iSCSI | iSCSI initiator (storage networking) | Registered |
3268 | TCP | LDAP-GC | LDAP Global Catalog (Active Directory) | Registered |
3269 | TCP | LDAPS-GC | LDAP Global Catalog over TLS (Active Directory) | Registered |
3283 | TCP/UDP | Apple-RD | Apple Remote Desktop | Registered |
3306 | TCP | MySQL | MySQL / MariaDB database | Registered |
3389 | TCP | RDP | Remote Desktop Protocol (Windows) | Registered |
3478 | TCP/UDP | STUN | Session Traversal Utilities for NAT (WebRTC) | Registered |
3544 | UDP | Teredo | Teredo IPv6 tunneling | Registered |
3690 | TCP | SVN | Apache Subversion version control | Registered |
4000 | TCP | Dev-HTTP | Alternative development web server | Registered |
4200 | TCP | Angular | Angular CLI development server | Registered |
4222 | TCP | NATS | NATS messaging system | Registered |
4369 | TCP | EPMD | Erlang Port Mapper Daemon (RabbitMQ) | Registered |
4443 | TCP | Alt-HTTPS | Alternative HTTPS port | Registered |
4500 | UDP | IKEv2-NAT | IKEv2 IPsec NAT traversal | Registered |
4789 | UDP | VXLAN | Virtual Extensible LAN (container networking) | Registered |
5000 | TCP | Dev-HTTP | Development server / Flask default | Registered |
5044 | TCP | Logstash | Logstash Beats input (ELK stack) | Registered |
5060 | TCP/UDP | SIP | Session Initiation Protocol (VoIP) | Registered |
5061 | TCP | SIP-TLS | SIP over TLS (secure VoIP) | Registered |
5349 | TCP | TURNS | TURN over TLS (WebRTC relay) | Registered |
5353 | UDP | mDNS | Multicast DNS / Bonjour (Apple, Avahi) | Registered |
5355 | TCP/UDP | LLMNR | Link-Local Multicast Name Resolution (Windows) | Registered |
5432 | TCP | PostgreSQL | PostgreSQL database | Registered |
5601 | TCP | Kibana | Kibana analytics dashboard (ELK stack) | Registered |
5671 | TCP | AMQPS | AMQP over TLS (RabbitMQ secure) | Registered |
5672 | TCP | AMQP | Advanced Message Queuing Protocol (RabbitMQ) | Registered |
5900 | TCP | VNC | Virtual Network Computing | Registered |
5938 | TCP | TeamViewer | TeamViewer remote access | Registered |
5985 | TCP | WinRM | Windows Remote Management (HTTP) | Registered |
5986 | TCP | WinRM-HTTPS | Windows Remote Management (HTTPS) | Registered |
6000 | TCP | X11 insecure | X Window System display server | Registered |
6379 | TCP | Redis | Redis in-memory data store | Registered |
6443 | TCP | Kubernetes | Kubernetes API server | Registered |
6514 | TCP | Syslog-TLS | Syslog over TLS | Registered |
6881 | TCP/UDP | BitTorrent | BitTorrent peer-to-peer file sharing | Registered |
7001 | TCP | WebLogic | Oracle WebLogic Server | Registered |
7474 | TCP | Neo4j | Neo4j graph database HTTP interface | Registered |
7687 | TCP | Neo4j-Bolt | Neo4j Bolt binary protocol | Registered |
7946 | TCP/UDP | Docker-Swarm | Docker Swarm node communication | Registered |
8000 | TCP | Dev-HTTP | Development server (Django, Python http.server) | Registered |
8009 | TCP | Tomcat-AJP | Apache Tomcat AJP connector | Registered |
8069 | TCP | Odoo | Odoo ERP web interface | Registered |
8080 | TCP | HTTP-Alt | Alternative HTTP port / proxy | Registered |
8086 | TCP | InfluxDB | InfluxDB HTTP API | Registered |
8161 | TCP | ActiveMQ | Apache ActiveMQ web console | Registered |
8443 | TCP | HTTPS-Alt | Alternative HTTPS port | Registered |
8500 | TCP | Consul | HashiCorp Consul HTTP API | Registered |
8545 | TCP | Ethereum | Ethereum JSON-RPC API | Registered |
8883 | TCP | MQTT-TLS | MQTT over TLS (IoT messaging) | Registered |
8888 | TCP | Jupyter | Jupyter Notebook / JupyterLab | Registered |
8983 | TCP | Solr | Apache Solr search platform | Registered |
9000 | TCP | Dev-HTTP | Alternative development server port | Registered |
9042 | TCP | Cassandra | Apache Cassandra CQL native transport | Registered |
9090 | TCP | Prometheus | Prometheus monitoring server | Registered |
9092 | TCP | Kafka | Apache Kafka broker | Registered |
9100 | TCP | JetDirect | HP JetDirect / network printer raw printing | Registered |
9160 | TCP | Cassandra-Thrift | Apache Cassandra Thrift API (deprecated) | Registered |
9200 | TCP | Elasticsearch | Elasticsearch REST API | Registered |
9300 | TCP | Elasticsearch | Elasticsearch node communication | Registered |
9389 | TCP | AD-WS | Active Directory Web Services | Registered |
9418 | TCP | Git insecure | Git protocol (unauthenticated) | Registered |
9443 | TCP | HTTPS-Alt2 | Alternative HTTPS (VMware, various) | Registered |
10000 | TCP | Webmin | Webmin web-based system administration | Registered |
10250 | TCP | Kubelet | Kubernetes Kubelet API | Registered |
11211 | TCP/UDP | Memcached | Memcached distributed cache | Registered |
11371 | TCP | HKP | OpenPGP HTTP key server protocol | Registered |
15672 | TCP | RabbitMQ | RabbitMQ management console | Registered |
16443 | TCP | MicroK8s | Kubernetes MicroK8s API server | Registered |
17500 | TCP/UDP | Dropbox | Dropbox LAN sync discovery | Registered |
19132 | UDP | Minecraft-BE | Minecraft Bedrock Edition game server | Registered |
24800 | TCP | Synergy | Synergy keyboard/mouse sharing | Registered |
25565 | TCP | Minecraft | Minecraft Java Edition game server | Registered |
25672 | TCP | RabbitMQ-Node | RabbitMQ inter-node communication | Registered |
26257 | TCP | CockroachDB | CockroachDB distributed SQL database | Registered |
27015 | TCP/UDP | Steam | Steam / Source engine game servers | Registered |
27017 | TCP | MongoDB | MongoDB database | Registered |
27018 | TCP | MongoDB-Shard | MongoDB shardsvr | Registered |
27019 | TCP | MongoDB-Config | MongoDB configsvr | Registered |
28015 | TCP | Rust | Rust game server | Registered |
32400 | TCP | Plex | Plex Media Server | Registered |
About This Tool
How Network Ports Work
A network port is a 16-bit number (0–65535) that identifies a specific process or service on a networked device. When data arrives at a host, the operating system uses the destination port number to determine which application should receive it. Ports work in combination with IP addresses to form a complete socket address: an IP address identifies the host, and a port number identifies the application on that host.
Ports exist within two transport protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). TCP provides reliable, ordered, and error-checked delivery through a three-way handshake and acknowledgment mechanism. UDP provides faster but unreliable delivery without connection setup — suitable for real-time applications where some packet loss is acceptable. Some services use both TCP and UDP on the same port number for different purposes.
Well-Known Ports (0–1023)
Well-known ports, also called system ports, are assigned by IANA to standardized internet services and protocols. These ports require root or administrator privileges to bind on most operating systems, providing a security boundary between trusted system services and unprivileged user applications. The most important well-known ports include port 80 for HTTP web traffic, port 443 for HTTPS encrypted web traffic, port 22 for SSH remote access, port 25 for SMTP email relay, and port 53 for DNS name resolution.
Email involves several well-known ports: port 25 for server-to-server SMTP relay, port 587 for client-to-server SMTP submission with STARTTLS, port 465 for SMTP submission over implicit TLS, port 110 for POP3 mail retrieval, port 995 for POP3S (POP3 over TLS), port 143 for IMAP mail access, and port 993 for IMAPS (IMAP over TLS). Understanding these distinctions helps configure email clients, servers, and firewall rules correctly.
Registered Ports (1024–49151)
Registered ports are used by applications and services that are not core internet protocols but are widely recognized. Any application can use these ports without elevated privileges. IANA maintains a registry of registered port assignments, but registration is voluntary and the list is not exhaustive. Common registered ports include port 3306 for MySQL, port 5432 for PostgreSQL, port 27017 for MongoDB, port 6379 for Redis, port 3389 for Windows Remote Desktop, and port 8080 as a common HTTP alternative for development and proxies.
Modern cloud-native infrastructure adds several important registered ports: port 6443 for the Kubernetes API server, port 2376 for Docker daemon over TLS, port 9200 for Elasticsearch, port 9090 for Prometheus monitoring, and port 15672 for the RabbitMQ management console. DevOps engineers and developers regularly encounter these ports when configuring container orchestration, service meshes, monitoring stacks, and message brokers.
Dynamic and Ephemeral Ports (49152–65535)
Dynamic ports, also called ephemeral or private ports, are not assigned to specific services. The operating system allocates them temporarily to client-side connections. When your web browser connects to a server, the server listens on port 443, but your browser is assigned a random port from the ephemeral range for the return traffic. This ephemeral port is included in outgoing packets so the server knows where to send the response, and the operating system uses it to match incoming packets to the correct application.
The exact range for ephemeral ports varies by operating system. Linux defaults to 32768–60999, Windows uses 49152–65535 (matching the IANA recommendation), and older BSD systems traditionally used 1024–4999. This range can be configured via kernel parameters or registry settings when necessary — for example, high-traffic servers may expand the range to avoid running out of ephemeral ports under heavy load.
Insecure Ports and Their Secure Alternatives
Several widely used port assignments correspond to protocols that transmit data in cleartext, making them vulnerable to eavesdropping and interception on untrusted networks. Port 21 (FTP) and port 20 (FTP data) transmit files and credentials without encryption — SFTP (over SSH port 22) or FTPS (ports 989/990) should be used instead. Port 23 (Telnet) sends all data including passwords in cleartext — SSH on port 22 is the secure replacement that has made Telnet obsolete for remote administration.
Port 80 (HTTP) transmits web content without encryption, enabling passive monitoring and active injection of content. HTTPS on port 443 encrypts traffic with TLS. Port 1723 (PPTP VPN) uses weak encryption algorithms that have been cryptographically broken — OpenVPN (port 1194), WireGuard, or IKEv2 (port 500/4500) are secure alternatives. Port 9418 (the native Git protocol) provides unauthenticated read access to repositories — Git over SSH or HTTPS is preferred in production environments.
Ports in Firewall and Security Configuration
Firewall rules use port numbers to control which network services are accessible from the internet or between network segments. A typical web server configuration allows inbound TCP on ports 80 and 443 from any source, allows TCP on port 22 only from management IP ranges, and blocks all other inbound connections. This principle of allowing only necessary traffic, known as the principle of least privilege, minimizes the attack surface exposed to potential adversaries.
Port scanning tools such as nmap use connection attempts to different port numbers to identify which services are running on a host. Security teams use authorized port scans during vulnerability assessments to find unintended open ports that might indicate misconfigured services or malware. Network intrusion detection systems watch for port scans and attempts to connect to well-known malware command-and-control ports. Understanding common port assignments is foundational knowledge for anyone working in network security, system administration, or DevOps.
Database and Application Server Ports
Database servers use well-known registered ports that should be firewalled from public access in production environments. MySQL and MariaDB use port 3306, PostgreSQL uses port 5432, MongoDB uses port 27017, Redis uses port 6379, and Microsoft SQL Server uses port 1433. Oracle Database uses port 1521 for its default listener. These ports should only be accessible to application servers and administrators, never directly from the internet.
Application servers and development environments commonly use ports in the 3000–9999 range. Node.js and React development servers often run on port 3000, Python Flask defaults to port 5000, Ruby on Rails uses port 3000, and common alternatives include ports 4000, 4200 (Angular), 5173 (Vite), and 8080. When containerizing applications with Docker, internal container ports are mapped to host ports, making port reference knowledge essential for writing correct port mapping configurations.
Frequently Asked Questions
Yes, Common Port Reference is totally free :)
Yes, you can install the webapp as PWA.
Yes, any data related to Common Port Reference only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) ports are 16-bit numbers (0–65535) that identify specific applications or services on a networked device. When data arrives at a host, the port number tells the operating system which application should receive it. TCP provides reliable, ordered delivery with error checking, making it suitable for web, email, and file transfers. UDP provides faster, connectionless delivery without guaranteed delivery, making it suitable for DNS queries, video streaming, and gaming.
Well-known ports are port numbers 0–1023 assigned by IANA (Internet Assigned Numbers Authority) to standard network services. They require elevated (root/administrator) privileges to bind on most operating systems. Examples include port 80 for HTTP, port 443 for HTTPS, port 22 for SSH, port 25 for SMTP, and port 53 for DNS. These assignments are defined in RFC 1340 and are globally recognized.
Registered ports are port numbers 1024–49151 that are registered with IANA for specific services but do not require elevated privileges to bind. They are used by well-known applications and protocols that emerged after the well-known range was filled. Examples include port 3306 for MySQL, port 5432 for PostgreSQL, port 3389 for RDP, port 6379 for Redis, and port 8080 as an HTTP alternative.
Dynamic (ephemeral) ports are port numbers 49152–65535 that are not assigned to specific services. The operating system assigns them temporarily to client-side connections — when your browser connects to a web server, the server uses port 80 or 443, but your browser is assigned a random ephemeral port for the return traffic. These ports are also called private ports and are never registered with IANA.
Some ports are associated with protocols that transmit data in cleartext without encryption, making them vulnerable to eavesdropping and man-in-the-middle attacks. Examples include port 21 (FTP), port 23 (Telnet), port 80 (HTTP), and port 1723 (PPTP VPN). For Telnet, SSH (port 22) is the secure replacement. For FTP, SFTP (over SSH) or FTPS (port 990) are the secure alternatives. For HTTP, HTTPS (port 443) should be used instead.
Firewalls use port numbers as part of their rules to allow or block network traffic. A rule might allow inbound TCP traffic on port 443 (HTTPS) while blocking port 23 (Telnet). Stateful firewalls track connections and automatically allow return traffic for established connections. Understanding which services use which ports is essential for writing effective firewall rules that allow necessary services while minimizing the attack surface.