Whether you’re a network administrator, cybersecurity professional, or IT enthusiast, understanding network ports is crucial for troubleshooting, security, and system management. This Common Ports Cheat sheet covers over 200 common network ports, their services, and practical applications.
What Are Network Ports?
Network ports are virtual endpoints in your computer’s operating system that allow different applications and services to communicate over a network. Think of them as numbered doors – each service knocks on a specific door (port number) to establish communication.
Your computer uses two main types of ports:
- Physical ports: Hardware connections like USB, Ethernet, and HDMI
- Network ports: Software-defined communication channels (the focus of this guide)
Understanding Port Categories
Network ports are divided into three main categories:
- System/Well-Known Ports (0-1023): Reserved for system services and widely-used protocols
- User/Registered Ports (1024-49151): Assigned to specific applications and services
- Dynamic/Private Ports (49152-65535): Used for temporary connections and client-side communications
Complete Network Ports Reference Table
System Ports (0-1023)
| Port | Protocol | Service | Description |
|---|---|---|---|
| 7 | TCP/UDP | Echo | Network testing service that echoes back received data |
| 19 | TCP/UDP | Chargen | Character generator for network testing |
| 20 | TCP | FTP Data | File Transfer Protocol data channel |
| 21 | TCP | FTP Control | File Transfer Protocol control channel |
| 22 | TCP | SSH/SCP | Secure Shell for remote access and file transfer |
| 23 | TCP | Telnet | Unencrypted remote terminal access (deprecated) |
| 25 | TCP | SMTP | Simple Mail Transfer Protocol for email sending |
| 37 | TCP/UDP | Time | Network time protocol (legacy) |
| 42 | TCP/UDP | WINS | Windows Internet Name Service replication |
| 43 | TCP | WHOIS | Domain registration information lookup |
| 49 | TCP/UDP | TACACS | Terminal Access Controller Access Control System |
| 53 | TCP/UDP | DNS | Domain Name System for name resolution |
| 67 | UDP | DHCP Server | Dynamic Host Configuration Protocol server |
| 68 | UDP | DHCP Client | Dynamic Host Configuration Protocol client |
| 69 | UDP | TFTP | Trivial File Transfer Protocol |
| 70 | TCP | Gopher | Early internet protocol (mostly obsolete) |
| 79 | TCP | Finger | User information protocol |
| 80 | TCP | HTTP | Hypertext Transfer Protocol for web browsing |
| 88 | TCP/UDP | Kerberos | Network authentication protocol |
| 102 | TCP | MS Exchange | Microsoft Exchange MTA Stacks |
| 110 | TCP | POP3 | Post Office Protocol version 3 for email retrieval |
| 113 | TCP | Ident | Identification protocol |
| 119 | TCP | NNTP | Network News Transfer Protocol (Usenet) |
| 123 | UDP | NTP | Network Time Protocol for time synchronization |
| 135 | TCP | MS RPC | Microsoft Remote Procedure Call |
| 137 | UDP | NetBIOS-NS | NetBIOS Name Service |
| 138 | UDP | NetBIOS-DGM | NetBIOS Datagram Service |
| 139 | TCP | NetBIOS-SSN | NetBIOS Session Service |
| 143 | TCP | IMAP4 | Internet Message Access Protocol version 4 |
| 161 | UDP | SNMP | Simple Network Management Protocol |
| 162 | UDP | SNMP Trap | SNMP trap notifications |
| 177 | UDP | XDMCP | X Display Manager Control Protocol |
| 179 | TCP | BGP | Border Gateway Protocol for routing |
| 194 | TCP | IRC | Internet Relay Chat |
| 201 | TCP | AppleTalk | Apple networking protocol |
| 264 | TCP/UDP | BGMP | Border Gateway Multicast Protocol |
| 318 | TCP/UDP | TSP | Time Stamp Protocol |
| 389 | TCP/UDP | LDAP | Lightweight Directory Access Protocol |
| 443 | TCP | HTTPS | HTTP Secure (HTTP over SSL/TLS) |
| 445 | TCP | SMB | Server Message Block (Microsoft file sharing) |
| 464 | TCP/UDP | Kerberos | Kerberos password changing |
| 465 | TCP | SMTPS | SMTP over SSL (deprecated, use 587) |
| 497 | TCP | Retrospect | Dantz Retrospect backup software |
| 500 | UDP | ISAKMP | Internet Security Association Key Management |
| 512 | TCP | rexec | Remote execution (insecure) |
| 513 | TCP | rlogin | Remote login (insecure) |
| 514 | UDP | Syslog | System logging protocol |
| 515 | TCP | LPD/LPR | Line Printer Daemon/Line Printer Remote |
| 520 | UDP | RIP | Routing Information Protocol |
| 521 | UDP | RIPng | RIP next generation for IPv6 |
| 540 | TCP | UUCP | Unix-to-Unix Copy Protocol |
| 554 | TCP/UDP | RTSP | Real Time Streaming Protocol |
| 563 | TCP | NNTPS | NNTP over SSL |
| 587 | TCP | SMTP | Message Submission (preferred over port 25) |
| 591 | TCP | FileMaker | FileMaker database |
| 593 | TCP/UDP | MS DCOM | Microsoft Distributed Component Object Model |
| 631 | TCP/UDP | IPP | Internet Printing Protocol |
| 636 | TCP | LDAPS | LDAP over SSL |
| 639 | TCP/UDP | MSDP | Multicast Source Discovery Protocol |
| 646 | TCP | LDP | Label Distribution Protocol (MPLS) |
| 691 | TCP | MS Exchange | Microsoft Exchange routing |
| 860 | TCP | iSCSI | Internet Small Computer System Interface |
| 873 | TCP | rsync | Remote synchronization utility |
| 902 | TCP | VMware | VMware Server Console |
| 989 | TCP | FTPS Data | FTP over SSL data channel |
| 990 | TCP | FTPS Control | FTP over SSL control channel |
| 993 | TCP | IMAPS | IMAP4 over SSL |
| 995 | TCP | POP3S | POP3 over SSL |
User/Registered Ports (1024-49151)
| Port | Protocol | Service | Description |
|---|---|---|---|
| 1025 | TCP | MS RPC | Microsoft RPC high port |
| 1026-1029 | TCP | Windows Messenger | Windows Messenger service |
| 1080 | TCP | SOCKS | SOCKS proxy protocol |
| 1194 | UDP | OpenVPN | Open source VPN solution |
| 1214 | TCP | Kazaa | Peer-to-peer file sharing (legacy) |
| 1241 | TCP | Nessus | Vulnerability scanner |
| 1311 | TCP | Dell OpenManage | Dell server management |
| 1337 | TCP | WASTE | Encrypted private P2P network |
| 1433 | TCP | MS SQL Server | Microsoft SQL Server database |
| 1434 | UDP | MS SQL Monitor | Microsoft SQL Server monitoring |
| 1512 | TCP | WINS | Windows Internet Name Service |
| 1521 | TCP | Oracle | Oracle database listener |
| 1589 | UDP | Cisco VQP | VLAN Query Protocol |
| 1701 | UDP | L2TP | Layer 2 Tunneling Protocol |
| 1723 | TCP | PPTP | Point-to-Point Tunneling Protocol |
| 1725 | UDP | Steam | Valve Steam gaming platform |
| 1741 | TCP | CiscoWorks | Cisco network management |
| 1755 | TCP/UDP | MS Media | Windows Media Services |
| 1812 | UDP | RADIUS Auth | Remote Authentication Dial-In User Service |
| 1813 | UDP | RADIUS Acct | RADIUS accounting |
| 1863 | TCP | MSN Messenger | Microsoft instant messaging (legacy) |
| 1985 | UDP | Cisco HSRP | Hot Standby Router Protocol |
| 2000 | TCP | Cisco SCCP | Skinny Client Control Protocol |
| 2002 | TCP | Cisco ACS | Access Control Server |
| 2049 | TCP/UDP | NFS | Network File System |
| 2082 | TCP | cPanel | Web hosting control panel |
| 2083 | TCP | cPanel SSL | cPanel over SSL |
| 2100 | TCP | Oracle XDB | Oracle XML database |
| 2222 | TCP | DirectAdmin | Web hosting control panel |
| 2302 | TCP/UDP | Halo | Halo gaming |
| 2375 | TCP | Docker | Docker REST API (insecure) |
| 2376 | TCP | Docker | Docker REST API (secure) |
| 2483 | TCP | Oracle DB | Oracle database |
| 2484 | TCP | Oracle DB | Oracle database SSL |
| 2967 | TCP | Symantec AV | Symantec antivirus |
| 3000 | TCP | Node.js | Common Node.js development port |
| 3050 | TCP | Interbase | Interbase/Firebird database |
| 3074 | TCP/UDP | Xbox Live | Microsoft Xbox Live gaming |
| 3124 | TCP | HTTP Proxy | HTTP proxy service |
| 3128 | TCP | Squid Proxy | Squid web proxy cache |
| 3222 | TCP | GLBP | Gateway Load Balancing Protocol |
| 3260 | TCP | iSCSI Target | iSCSI target service |
| 3306 | TCP | MySQL | MySQL database server |
| 3389 | TCP | RDP | Remote Desktop Protocol |
| 3478 | TCP/UDP | STUN | Session Traversal Utilities for NAT |
| 3689 | TCP | iTunes | Apple iTunes music sharing |
| 3690 | TCP | Subversion | SVN version control system |
| 3724 | TCP | World of Warcraft | Blizzard gaming |
| 3784 | TCP/UDP | Ventrilo | Voice communication software |
| 3785 | TCP/UDP | Ventrilo | Voice communication software |
| 4000 | TCP | Diablo II | Blizzard gaming |
| 4333 | TCP | mSQL | Mini SQL database |
| 4444 | TCP | Metasploit | Security testing framework |
| 4664 | TCP | Google Desktop | Google Desktop search |
| 4672 | UDP | eMule | Peer-to-peer file sharing |
| 4899 | TCP | Radmin | Remote administration tool |
| 5000 | TCP | UPnP | Universal Plug and Play |
| 5001 | TCP | Slingbox | Slingbox media streaming |
| 5004 | UDP | RTP | Real-time Transport Protocol |
| 5005 | UDP | RTCP | RTP Control Protocol |
| 5050 | TCP | Yahoo Messenger | Yahoo instant messaging |
| 5060 | TCP/UDP | SIP | Session Initiation Protocol |
| 5190 | TCP | AIM/ICQ | AOL Instant Messenger |
| 5222 | TCP | XMPP Client | Extensible Messaging and Presence Protocol |
| 5223 | TCP | XMPP SSL | XMPP over SSL |
| 5269 | TCP | XMPP Server | XMPP server-to-server |
| 5353 | UDP | mDNS | Multicast DNS (Bonjour) |
| 5432 | TCP | PostgreSQL | PostgreSQL database |
| 5500 | TCP | VNC | Virtual Network Computing |
| 5631 | TCP | pcAnywhere | Symantec pcAnywhere |
| 5632 | UDP | pcAnywhere | Symantec pcAnywhere |
| 5800 | TCP | VNC HTTP | VNC over HTTP |
| 5900 | TCP | VNC | VNC remote desktop |
| 5984 | TCP | CouchDB | Apache CouchDB database |
| 6000 | TCP | X11 | X Window System |
| 6001 | TCP | X11 | X Window System forwarding |
| 6112 | TCP/UDP | Battle.net | Blizzard gaming platform |
| 6129 | TCP | DameWare | Remote administration |
| 6257 | TCP | WinMX | Peer-to-peer file sharing |
| 6346 | TCP/UDP | Gnutella | Peer-to-peer network |
| 6347 | TCP/UDP | Gnutella | Peer-to-peer network |
| 6379 | TCP | Redis | Redis database |
| 6500 | TCP/UDP | GameSpy | Gaming service |
| 6566 | TCP | SANE | Scanner Access Now Easy |
| 6588 | TCP | AnalogX | AnalogX proxy |
| 6665-6669 | TCP | IRC | Internet Relay Chat |
| 6679 | TCP | IRC SSL | IRC over SSL |
| 6697 | TCP | IRC SSL | IRC over SSL |
| 6699 | TCP | Napster | Peer-to-peer file sharing |
| 6881-6999 | TCP/UDP | BitTorrent | BitTorrent P2P protocol |
| 6891-6901 | TCP | Windows Live | Windows Live Messenger |
| 6970 | UDP | QuickTime | Apple QuickTime streaming |
| 7000 | TCP | Cassandra | Apache Cassandra database |
| 7212 | TCP | GhostSurf | Anonymizer proxy |
| 7648 | TCP | CU-SeeMe | Video conferencing |
| 7649 | TCP | CU-SeeMe | Video conferencing |
| 8000 | TCP | HTTP Alt | Alternative HTTP port |
| 8008 | TCP | HTTP Alt | Alternative HTTP port |
| 8080 | TCP | HTTP Proxy | HTTP proxy/alternative web port |
| 8086 | TCP | Kaspersky | Kaspersky antivirus |
| 8087 | TCP | Kaspersky | Kaspersky antivirus |
| 8118 | TCP | Privoxy | Privacy proxy |
| 8200 | TCP | VMware Server | VMware infrastructure |
| 8443 | TCP | HTTPS Alt | Alternative HTTPS port |
| 8500 | TCP | Adobe ColdFusion | ColdFusion application server |
| 8767 | TCP/UDP | TeamSpeak | Voice communication |
| 8834 | TCP | Nessus | Nessus vulnerability scanner |
| 9000 | TCP | SonarQube | Code quality platform |
| 9100 | TCP | HP JetDirect | HP printer management |
| 9101 | TCP | Bacula | Backup software director |
| 9102 | TCP | Bacula | Backup software file daemon |
| 9103 | TCP | Bacula | Backup software storage daemon |
| 9119 | TCP | MXit | Mobile instant messaging |
| 9200 | TCP | Elasticsearch | Elasticsearch search engine |
| 9300 | TCP | Elasticsearch | Elasticsearch transport |
| 9418 | TCP | Git | Git version control |
| 9800 | TCP | WebDAV | Web Distributed Authoring |
| 9999 | TCP | Urchin | Web analytics |
| 10000 | TCP | Webmin | Web-based system administration |
| 10050 | TCP | Zabbix Agent | Zabbix monitoring agent |
| 10051 | TCP | Zabbix Server | Zabbix monitoring server |
| 10113 | TCP | NetIQ | NetIQ monitoring |
| 11211 | TCP/UDP | Memcached | Distributed caching system |
| 11371 | TCP | OpenPGP | PGP key server |
| 12035 | TCP/UDP | Second Life | Virtual world platform |
| 12036 | TCP/UDP | Second Life | Virtual world platform |
| 13720 | TCP | NetBackup | Symantec backup software |
| 13721 | TCP | NetBackup | Symantec backup software |
| 14567 | TCP/UDP | Battlefield | EA gaming |
| 15118 | TCP | Dipnet/Oddbob | Malware (historical) |
| 19226 | TCP | AdminSecure | Panda antivirus |
| 19638 | TCP | Ensim | Web hosting control panel |
| 20000 | TCP | Usermin | Web-based user administration |
| 24800 | TCP | Synergy | Keyboard/mouse sharing |
| 25565 | TCP | Minecraft | Minecraft gaming server |
| 25999 | TCP | Xfire | Gaming communication |
| 26000 | TCP/UDP | Quake | id Software gaming |
| 27015 | TCP/UDP | Steam | Steam gaming platform |
| 27017 | TCP | MongoDB | MongoDB database |
| 28960 | TCP/UDP | Call of Duty | Activision gaming |
| 32400 | TCP | Plex | Plex media server |
| 33434 | UDP | Traceroute | Network diagnostic tool |
| 37777 | TCP | Dahua | Dahua security cameras |
| 50000 | TCP | SAP | SAP application server |
Most Important Ports Every IT Professional Should Know
Essential Web Ports
- Port 80 (HTTP): Standard web traffic – every website you visit uses this
- Port 443 (HTTPS): Secure web traffic – essential for online banking, shopping, and secure sites
- Port 8080: Alternative web port – commonly used for development and proxy servers like Burp Suite proxy.
Critical Email Ports
- Port 25 (SMTP): Email sending between servers
- Port 587 (SMTP): Email submission from clients (preferred over port 25)
- Port 110 (POP3): Email retrieval (downloads emails to device)
- Port 143 (IMAP): Email access (emails stay on server)
- Port 993 (IMAPS): Secure IMAP
- Port 995 (POP3S): Secure POP3
Database Ports
- Port 3306 (MySQL): World’s most popular open-source database
- Port 5432 (PostgreSQL): Advanced open-source database
- Port 1433 (SQL Server): Microsoft’s enterprise database
- Port 1521 (Oracle): Oracle enterprise database
- Port 27017 (MongoDB): Popular NoSQL database
Remote Access Ports
- Port 22 (SSH): Secure remote access for Linux/Unix systems
- Port 3389 (RDP): Remote Desktop for Windows systems
- Port 23 (Telnet): Insecure remote access (avoid using)
Security Considerations
Ports to Monitor for Security
- Port 1337: Often used by hackers and malware
- Port 31337: Back Orifice trojan
- Port 12345: NetBus trojan
- Port 27374: Sub7 trojan
Common Attack Vectors
- Port 445 (SMB): Frequently targeted by ransomware like WannaCry
- Port 135 (RPC): Often exploited in Windows networks
- Port 139 (NetBIOS): Legacy Windows networking, should be blocked externally
Best Practices
- Close unnecessary ports: Only open ports you actually need
- Use firewalls: Block unused ports at network and host levels
- Regular scanning: Use tools like Nmap to audit open ports
- Monitor traffic: Watch for unusual activity on critical ports
- Use secure alternatives: Replace Telnet (23) with SSH (22), HTTP (80) with HTTPS (443)
Troubleshooting Common Port Issues
Port Already in Use
If you encounter “port already in use” errors:
- Check what’s using the port:
netstat -tulpn | grep :PORT - Stop the conflicting service
- Choose an alternative port
- Restart your application
Port Blocked by Firewall
To test if a port is blocked:
- Use telnet:
telnet hostname port - Use nmap:
nmap -p PORT hostname - Check firewall rules
- Verify port forwarding on routers
Network Connectivity Issues
Common troubleshooting steps:
- Verify the service is running
- Check if the port is open locally
- Test from another machine
- Examine firewall logs
- Verify DNS resolution
TCP vs UDP: Understanding the Difference
TCP (Transmission Control Protocol)
- Connection-oriented: Establishes a connection before sending data
- Reliable: Guarantees data delivery and order
- Error checking: Detects and corrects errors
- Slower: Due to overhead from reliability features
- Use cases: Web browsing, email, file transfer
UDP (User Datagram Protocol)
- Connectionless: Sends data without establishing a connection
- Fast: Minimal overhead
- Unreliable: No guarantee of delivery or order
- No error correction: Data may be lost or corrupted
- Use cases: Video streaming, online gaming, DNS lookups
Port Ranges and Their Uses
System Ports (0-1023)
Reserved for system services and require administrator privileges to bind to. These are standardized across all operating systems.
User Ports (1024-49151)
Available for user applications. Many are registered with IANA for specific services, but can be used by any application.
Dynamic Ports (49152-65535)
Used for temporary connections, typically by client applications when connecting to servers.
Modern Port Considerations
Cloud Services
- Port 2375/2376: Docker API
- Port 6443: Kubernetes API
- Port 9200: Elasticsearch
- Port 5672: RabbitMQ
Development Tools
- Port 3000: Node.js development
- Port 4200: Angular development
- Port 8000: Django development
- Port 5000: Flask development
Container Orchestration
- Port 2379/2380: etcd
- Port 10250: Kubelet
- Port 10256: Kube-proxy
Conclusion
Understanding network ports is fundamental to network administration, security, and troubleshooting. This comprehensive guide covers the most important/common ports you’ll encounter in modern IT environments. Remember to:
- Keep your systems updated
- Close unnecessary ports
- Monitor network traffic
- Use secure protocols when possible
- Regular security audits
Whether you’re configuring firewalls, troubleshooting connectivity issues, or securing your network, this common ports cheat sheet will serve as your quick reference guide.
Bookmark this page for quick reference, and remember that network security is an ongoing process that requires constant attention and updates.
FAQs
Most common questions about the the networking ports from the public,
What are the most common ports?
HTTP – Port 80.
HTTPS – 443.
FTP – 21.
FTPS / SSH – 22.
POP3 – 110.
POP3 SSL – 995.
IMAP – 143.
IMAP SSL – 993.
What is the common service port?
The services and its port numbers are used to differentiate between various services that execute over transport protocols such as TCP/IP, UDP, and SCTP.
What is port 445 commonly used for?
TCP port 445 is used for direct TCP/IP MS Networking access without the need for a NetBIOS layer. This service is only implemented in the more recent verions of Windows (e.g. Windows 2K / XP). The SMB protocol is used among other things for file sharing in Windows NT/2K/XP.
What port 8080 is typically used for?
Generally, the services and its port numbers are used to differentiate between various services that execute over transport protocols such as TCP/IP, UDP, DCCP, and SCTP.
– System Ports (0-1023)
– User Ports (1024-49151)
– Dynamic / Private Ports (49152-65535)
What is port 443?
Port 443 is the standard port for all secured HTTP traffic, meaning it’s absolutely essential for most modern web activity. Encryption is necessary to protect information, as it makes its way between your computer and a web server.
Should I block port 445?
It is recommend blocking port 445 on internal firewalls to segment your network. This will prevent internal spreading of the ransomware. Note that blocking TCP 445 will prevent file and printer sharing. If this is required for business, you may need to leave the port open on some internal firewalls.
Why is Port 0 reserved?
Port 0 is a wildcard port that tells the system to find a suitable port number. Unlike most port numbers, port 0 is a reserved port in TCP/IP networking, meaning that it should not be used in TCP or UDP messages.
What is TCP UDP?
TCP is a connection-oriented protocol and UDP is a connection-less protocol. TCP establishes a connection between a sender and receiver before data can be sent. UDP does not establish a connection before sending data.
Is TCP faster than UDP?
A key difference between TCP and UDP is speed, as TCP is comparatively slower than UDP. Overall, UDP is a much faster, simpler, and efficient protocol, however, retransmission of lost data packets is only possible with TCP.
Is UDP secure?
The connection-oriented methods of TCP make security much easier to implement in that protocol in UDP. However, there are encryption standards available for UDP. The main option that directly aims at security UDP is the Datagram Transport Layer Security protocol or DTLS.
