Common Port Reference
75 ports found
| Port | Protocol | Service | Description | Category |
|---|---|---|---|---|
20 | TCP | FTP-DATA insecure | FTP data transfer | Well-Known |
21 | TCP | FTP insecure | File Transfer Protocol control | Well-Known |
22 | TCP | SSH | Secure Shell remote login | Well-Known |
23 | TCP | Telnet insecure | Unencrypted remote login (deprecated) | Well-Known |
25 | TCP | SMTP | Simple Mail Transfer Protocol | Well-Known |
53 | TCP/UDP | DNS | Domain Name System resolution | Well-Known |
67 | UDP | DHCP-S | Dynamic Host Configuration (server) | Well-Known |
68 | UDP | DHCP-C | Dynamic Host Configuration (client) | Well-Known |
69 | UDP | TFTP insecure | Trivial File Transfer Protocol | Well-Known |
80 | TCP | HTTP | HyperText Transfer Protocol (web) | Well-Known |
88 | TCP/UDP | Kerberos | Kerberos authentication system | Well-Known |
110 | TCP | POP3 | Post Office Protocol v3 (email retrieval) | Well-Known |
111 | TCP/UDP | RPCbind | Sun Remote Procedure Call | Well-Known |
119 | TCP | NNTP | Network News Transfer Protocol | Well-Known |
123 | UDP | NTP | Network Time Protocol | Well-Known |
135 | TCP/UDP | MS-RPC | Microsoft RPC / EPMAP | Well-Known |
137 | UDP | NetBIOS-NS | NetBIOS Name Service | Well-Known |
138 | UDP | NetBIOS-DGM | NetBIOS Datagram Service | Well-Known |
139 | TCP | NetBIOS-SSN | NetBIOS Session Service | Well-Known |
143 | TCP | IMAP | Internet Message Access Protocol | Well-Known |
161 | UDP | SNMP | Simple Network Management Protocol | Well-Known |
162 | UDP | SNMP-TRAP | SNMP Trap notifications | Well-Known |
179 | TCP | BGP | Border Gateway Protocol (internet routing) | Well-Known |
194 | TCP | IRC | Internet Relay Chat | Well-Known |
389 | TCP/UDP | LDAP | Lightweight Directory Access Protocol | Well-Known |
443 | TCP | HTTPS | HTTP Secure (SSL/TLS) | Well-Known |
445 | TCP | SMB | Server Message Block (Windows file sharing) | Well-Known |
465 | TCP | SMTPS | SMTP over TLS (email submission) | Well-Known |
500 | UDP | IKE | Internet Key Exchange (IPsec VPN) | Well-Known |
514 | UDP | Syslog | System log protocol | Well-Known |
515 | TCP | LPD | Line Printer Daemon (print spooling) | Well-Known |
520 | UDP | RIP | Routing Information Protocol | Well-Known |
546 | UDP | DHCPv6-C | DHCPv6 client | Well-Known |
547 | UDP | DHCPv6-S | DHCPv6 server | Well-Known |
587 | TCP | SMTP-Sub | SMTP email submission (STARTTLS) | Well-Known |
631 | TCP/UDP | IPP | Internet Printing Protocol (CUPS) | Well-Known |
636 | TCP | LDAPS | LDAP over TLS/SSL | Well-Known |
853 | TCP | DNS-TLS | DNS over TLS (DoT) | Well-Known |
989 | TCP | FTPS-DATA | FTP data over TLS | Well-Known |
990 | TCP | FTPS | FTP control over TLS | Well-Known |
993 | TCP | IMAPS | IMAP over TLS/SSL | Well-Known |
995 | TCP | POP3S | POP3 over TLS/SSL | Well-Known |
1080 | TCP | SOCKS | SOCKS proxy protocol | Registered |
1194 | UDP | OpenVPN | OpenVPN default port | Registered |
1433 | TCP | MSSQL | Microsoft SQL Server database | Registered |
1434 | UDP | MSSQL-Mon | Microsoft SQL Server browser | Registered |
1521 | TCP | Oracle DB | Oracle Database default listener | Registered |
1723 | TCP | PPTP insecure | Point-to-Point Tunneling Protocol VPN | Registered |
2049 | TCP/UDP | NFS | Network File System | Registered |
2181 | TCP | ZooKeeper | Apache ZooKeeper client | Registered |
2375 | TCP | Docker insecure | Docker daemon (unencrypted) | Registered |
2376 | TCP | Docker-TLS | Docker daemon over TLS | Registered |
3000 | TCP | Dev-HTTP | Common development web server port | Registered |
3306 | TCP | MySQL | MySQL / MariaDB database | Registered |
3389 | TCP | RDP | Remote Desktop Protocol (Windows) | Registered |
4000 | TCP | Dev-HTTP | Alternative development web server | Registered |
4443 | TCP | Alt-HTTPS | Alternative HTTPS port | Registered |
5000 | TCP | Dev-HTTP | Development server / Flask default | Registered |
5060 | TCP/UDP | SIP | Session Initiation Protocol (VoIP) | Registered |
5061 | TCP | SIP-TLS | SIP over TLS (secure VoIP) | Registered |
5432 | TCP | PostgreSQL | PostgreSQL database | Registered |
5900 | TCP | VNC | Virtual Network Computing | Registered |
6379 | TCP | Redis | Redis in-memory data store | Registered |
6443 | TCP | Kubernetes | Kubernetes API server | Registered |
8080 | TCP | HTTP-Alt | Alternative HTTP port / proxy | Registered |
8443 | TCP | HTTPS-Alt | Alternative HTTPS port | Registered |
8883 | TCP | MQTT-TLS | MQTT over TLS (IoT messaging) | Registered |
9000 | TCP | Dev-HTTP | Alternative development server port | Registered |
9090 | TCP | Prometheus | Prometheus monitoring server | Registered |
9200 | TCP | Elasticsearch | Elasticsearch REST API | Registered |
9300 | TCP | Elasticsearch | Elasticsearch node communication | Registered |
9418 | TCP | Git insecure | Git protocol (unauthenticated) | Registered |
11211 | TCP/UDP | Memcached | Memcached distributed cache | Registered |
15672 | TCP | RabbitMQ | RabbitMQ management console | Registered |
27017 | TCP | MongoDB | MongoDB database | Registered |
About This Tool
How Network Ports Work
A network port is a 16-bit number (0–65535) that identifies a specific process or service on a networked device. When data arrives at a host, the operating system uses the destination port number to determine which application should receive it. Ports work in combination with IP addresses to form a complete socket address: an IP address identifies the host, and a port number identifies the application on that host.
Ports exist within two transport protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). TCP provides reliable, ordered, and error-checked delivery through a three-way handshake and acknowledgment mechanism. UDP provides faster but unreliable delivery without connection setup — suitable for real-time applications where some packet loss is acceptable. Some services use both TCP and UDP on the same port number for different purposes.
Well-Known Ports (0–1023)
Well-known ports, also called system ports, are assigned by IANA to standardized internet services and protocols. These ports require root or administrator privileges to bind on most operating systems, providing a security boundary between trusted system services and unprivileged user applications. The most important well-known ports include port 80 for HTTP web traffic, port 443 for HTTPS encrypted web traffic, port 22 for SSH remote access, port 25 for SMTP email relay, and port 53 for DNS name resolution.
Email involves several well-known ports: port 25 for server-to-server SMTP relay, port 587 for client-to-server SMTP submission with STARTTLS, port 465 for SMTP submission over implicit TLS, port 110 for POP3 mail retrieval, port 995 for POP3S (POP3 over TLS), port 143 for IMAP mail access, and port 993 for IMAPS (IMAP over TLS). Understanding these distinctions helps configure email clients, servers, and firewall rules correctly.
Registered Ports (1024–49151)
Registered ports are used by applications and services that are not core internet protocols but are widely recognized. Any application can use these ports without elevated privileges. IANA maintains a registry of registered port assignments, but registration is voluntary and the list is not exhaustive. Common registered ports include port 3306 for MySQL, port 5432 for PostgreSQL, port 27017 for MongoDB, port 6379 for Redis, port 3389 for Windows Remote Desktop, and port 8080 as a common HTTP alternative for development and proxies.
Modern cloud-native infrastructure adds several important registered ports: port 6443 for the Kubernetes API server, port 2376 for Docker daemon over TLS, port 9200 for Elasticsearch, port 9090 for Prometheus monitoring, and port 15672 for the RabbitMQ management console. DevOps engineers and developers regularly encounter these ports when configuring container orchestration, service meshes, monitoring stacks, and message brokers.
Dynamic and Ephemeral Ports (49152–65535)
Dynamic ports, also called ephemeral or private ports, are not assigned to specific services. The operating system allocates them temporarily to client-side connections. When your web browser connects to a server, the server listens on port 443, but your browser is assigned a random port from the ephemeral range for the return traffic. This ephemeral port is included in outgoing packets so the server knows where to send the response, and the operating system uses it to match incoming packets to the correct application.
The exact range for ephemeral ports varies by operating system. Linux defaults to 32768–60999, Windows uses 49152–65535 (matching the IANA recommendation), and older BSD systems traditionally used 1024–4999. This range can be configured via kernel parameters or registry settings when necessary — for example, high-traffic servers may expand the range to avoid running out of ephemeral ports under heavy load.
Insecure Ports and Their Secure Alternatives
Several widely used port assignments correspond to protocols that transmit data in cleartext, making them vulnerable to eavesdropping and interception on untrusted networks. Port 21 (FTP) and port 20 (FTP data) transmit files and credentials without encryption — SFTP (over SSH port 22) or FTPS (ports 989/990) should be used instead. Port 23 (Telnet) sends all data including passwords in cleartext — SSH on port 22 is the secure replacement that has made Telnet obsolete for remote administration.
Port 80 (HTTP) transmits web content without encryption, enabling passive monitoring and active injection of content. HTTPS on port 443 encrypts traffic with TLS. Port 1723 (PPTP VPN) uses weak encryption algorithms that have been cryptographically broken — OpenVPN (port 1194), WireGuard, or IKEv2 (port 500/4500) are secure alternatives. Port 9418 (the native Git protocol) provides unauthenticated read access to repositories — Git over SSH or HTTPS is preferred in production environments.
Ports in Firewall and Security Configuration
Firewall rules use port numbers to control which network services are accessible from the internet or between network segments. A typical web server configuration allows inbound TCP on ports 80 and 443 from any source, allows TCP on port 22 only from management IP ranges, and blocks all other inbound connections. This principle of allowing only necessary traffic, known as the principle of least privilege, minimizes the attack surface exposed to potential adversaries.
Port scanning tools such as nmap use connection attempts to different port numbers to identify which services are running on a host. Security teams use authorized port scans during vulnerability assessments to find unintended open ports that might indicate misconfigured services or malware. Network intrusion detection systems watch for port scans and attempts to connect to well-known malware command-and-control ports. Understanding common port assignments is foundational knowledge for anyone working in network security, system administration, or DevOps.
Database and Application Server Ports
Database servers use well-known registered ports that should be firewalled from public access in production environments. MySQL and MariaDB use port 3306, PostgreSQL uses port 5432, MongoDB uses port 27017, Redis uses port 6379, and Microsoft SQL Server uses port 1433. Oracle Database uses port 1521 for its default listener. These ports should only be accessible to application servers and administrators, never directly from the internet.
Application servers and development environments commonly use ports in the 3000–9999 range. Node.js and React development servers often run on port 3000, Python Flask defaults to port 5000, Ruby on Rails uses port 3000, and common alternatives include ports 4000, 4200 (Angular), 5173 (Vite), and 8080. When containerizing applications with Docker, internal container ports are mapped to host ports, making port reference knowledge essential for writing correct port mapping configurations.
Frequently Asked Questions
Yes, Common Port Reference is totally free :)
Yes, you can install the webapp as PWA.
Yes, any data related to Common Port Reference only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) ports are 16-bit numbers (0–65535) that identify specific applications or services on a networked device. When data arrives at a host, the port number tells the operating system which application should receive it. TCP provides reliable, ordered delivery with error checking, making it suitable for web, email, and file transfers. UDP provides faster, connectionless delivery without guaranteed delivery, making it suitable for DNS queries, video streaming, and gaming.
Well-known ports are port numbers 0–1023 assigned by IANA (Internet Assigned Numbers Authority) to standard network services. They require elevated (root/administrator) privileges to bind on most operating systems. Examples include port 80 for HTTP, port 443 for HTTPS, port 22 for SSH, port 25 for SMTP, and port 53 for DNS. These assignments are defined in RFC 1340 and are globally recognized.
Registered ports are port numbers 1024–49151 that are registered with IANA for specific services but do not require elevated privileges to bind. They are used by well-known applications and protocols that emerged after the well-known range was filled. Examples include port 3306 for MySQL, port 5432 for PostgreSQL, port 3389 for RDP, port 6379 for Redis, and port 8080 as an HTTP alternative.
Dynamic (ephemeral) ports are port numbers 49152–65535 that are not assigned to specific services. The operating system assigns them temporarily to client-side connections — when your browser connects to a web server, the server uses port 80 or 443, but your browser is assigned a random ephemeral port for the return traffic. These ports are also called private ports and are never registered with IANA.
Some ports are associated with protocols that transmit data in cleartext without encryption, making them vulnerable to eavesdropping and man-in-the-middle attacks. Examples include port 21 (FTP), port 23 (Telnet), port 80 (HTTP), and port 1723 (PPTP VPN). For Telnet, SSH (port 22) is the secure replacement. For FTP, SFTP (over SSH) or FTPS (port 990) are the secure alternatives. For HTTP, HTTPS (port 443) should be used instead.
Firewalls use port numbers as part of their rules to allow or block network traffic. A rule might allow inbound TCP traffic on port 443 (HTTPS) while blocking port 23 (Telnet). Stateful firewalls track connections and automatically allow return traffic for established connections. Understanding which services use which ports is essential for writing effective firewall rules that allow necessary services while minimizing the attack surface.