What is a network port?

A network port is a virtual endpoint for network communication. Think of an IP address as a building's street address and ports as individual apartment numbers. Each port number (0-65535) identifies a specific service or application. When data arrives at an IP address, the port number tells the operating system which application should receive it.

What is the difference between TCP and UDP ports?

TCP (Transmission Control Protocol) provides reliable, ordered delivery with error checking and retransmission of lost data. It's used for web browsing (HTTP/HTTPS), email, and file transfers. UDP (User Datagram Protocol) is faster but less reliable — it sends data without confirming receipt. UDP is ideal for real-time applications like video streaming, gaming, and DNS queries where speed matters more than guaranteed delivery.

How many network ports are there?

There are 65,536 ports (0-65535), divided into three ranges: Well-Known Ports (0-1023) are assigned to common services like HTTP (80) and HTTPS (443). Registered Ports (1024-49151) are assigned to specific applications by IANA. Dynamic/Private Ports (49152-65535) are used temporarily by client applications for outgoing connections.

How do I check if a port is open?

You can check if a port is open using the Port Scanner tool on NetTool. Enter the target hostname or IP address and the port number(s) you want to check. The tool will report whether each port is open (accepting connections), closed (reachable but not accepting), or filtered (blocked by a firewall). You can also use command-line tools like telnet, nc (netcat), or nmap.

Why should I close unused ports?

Every open port is a potential entry point for attackers. Unused open ports increase your attack surface without providing any benefit. Closing unnecessary ports reduces the risk of unauthorized access, port-based exploits, and data exfiltration. It's a fundamental security practice to only keep ports open that are actively needed for your services.

Common Network Ports Reference: A Complete Guide

March 31, 2026 · 12 min read

Table of Contents

What Are Network Ports?
TCP vs UDP: Understanding Transport Protocols
Port Number Ranges and Classifications
Essential Ports Every Admin Should Know
Web Server and HTTP Ports
Database and Application Ports
Email Server Ports
Security Considerations and Best Practices
Scanning and Monitoring Ports
Troubleshooting Common Port Issues
Frequently Asked Questions
Related Articles

What Are Network Ports?

Network ports are virtual communication endpoints that allow multiple services to run on a single device. If an IP address is like a building's street address, ports are the individual apartment numbers inside that building. When data travels across the internet, it's directed to a specific IP address and port number, ensuring it reaches the right application.

Every time you browse the web, send an email, transfer a file, or stream video, your device uses network ports to manage these different conversations simultaneously. Your web browser might be talking to port 443 on a web server while your email client communicates with port 993 on a mail server — all at the same time, on the same internet connection.

Port numbers range from 0 to 65,535. Each number can be associated with a specific service or application. Some port numbers are standardized and universally recognized (like port 80 for HTTP), while others are dynamically assigned as needed. Understanding common port numbers is fundamental knowledge for anyone working with networks, servers, or web applications.

Quick tip: Think of ports as channels on a television. Your TV receives signals on one cable, but you can watch different channels by tuning to different frequencies. Similarly, your computer receives network traffic on one network interface, but different applications listen on different port numbers.

Ports work at the Transport Layer (Layer 4) of the OSI model. When an application wants to communicate over a network, it binds to a specific port number. The operating system then routes incoming traffic destined for that port to the correct application. This multiplexing capability is what makes modern networking possible — without ports, you could only run one network application at a time.

You can check which ports are currently in use on your system with our Port Scanner Tool, which helps identify open ports and the services running on them.

TCP vs UDP: Understanding Transport Protocols

Before diving into specific port numbers, it's important to understand the two main transport protocols that use ports: TCP and UDP. These protocols determine how data is transmitted between devices, and each has distinct characteristics that make them suitable for different applications.

TCP (Transmission Control Protocol)

TCP is the reliable, connection-oriented protocol. It establishes a connection before sending data (the "three-way handshake"), ensures every packet arrives in the correct order, and retransmits any lost data. Think of TCP like a phone call — you establish a connection, have a conversation, and both sides know when the call ends.

Key characteristics of TCP:

Connection-oriented: Establishes a dedicated connection before data transfer begins
Reliable delivery: Guarantees that all packets arrive and in the correct sequence
Error checking: Detects corrupted packets and requests retransmission
Flow control: Prevents overwhelming the receiver with too much data at once
Slower but dependable: The overhead of reliability mechanisms adds latency

TCP is ideal for applications where accuracy matters more than speed: web browsing (HTTP/HTTPS), email (SMTP, IMAP, POP3), file transfers (FTP, SFTP), and remote administration (SSH, Telnet). When you load a webpage, every image, stylesheet, and script must arrive completely and correctly — missing even one byte would corrupt the file.

UDP (User Datagram Protocol)

UDP is the fast, connectionless protocol. It sends data without establishing a connection, doesn't guarantee delivery, and doesn't care about packet order. Think of UDP like sending postcards — you drop them in the mail and hope they arrive, but you don't get confirmation.

Key characteristics of UDP:

Connectionless: No handshake or connection setup required
Unreliable delivery: Packets may be lost, duplicated, or arrive out of order
No error correction: Corrupted packets are simply discarded
No flow control: Sends data as fast as the application generates it
Faster with less overhead: Minimal protocol overhead means lower latency

UDP is perfect for real-time applications where speed matters more than perfection: video streaming, online gaming, VoIP calls (Skype, Zoom), DNS queries, and live broadcasts. If a few video frames are lost during a livestream, it's better to keep playing than to pause and wait for retransmission.

Pro tip: Some applications use both TCP and UDP on the same port number. For example, DNS primarily uses UDP port 53 for quick queries, but falls back to TCP port 53 for large responses that exceed UDP's packet size limits. Always check which protocol a service requires when configuring firewalls.

Port Number Ranges and Classifications

The Internet Assigned Numbers Authority (IANA) divides the 65,536 available port numbers into three distinct ranges, each serving a different purpose in network communications.

Range	Port Numbers	Description	Common Uses
Well-Known Ports	`0-1023`	Reserved for system services and common protocols	HTTP, HTTPS, FTP, SSH, SMTP, DNS
Registered Ports	`1024-49151`	Assigned to specific services by IANA upon request	Database servers, custom applications, enterprise software
Dynamic/Private Ports	`49152-65535`	Available for temporary or private use	Ephemeral ports for client connections, testing, development

Well-Known Ports (0-1023)

These ports require root or administrator privileges to bind on Unix-like systems. They're standardized across the internet, meaning port 80 always means HTTP and port 443 always means HTTPS. This consistency allows clients and servers to communicate without configuration.

Operating systems protect these ports to prevent malicious applications from impersonating critical services. On Linux, only processes running as root can listen on ports below 1024. This security measure ensures that when you connect to port 22, you're actually reaching the SSH daemon, not a rogue application.

Registered Ports (1024-49151)

Software vendors and organizations can register ports in this range with IANA for their specific applications. While not as strictly enforced as well-known ports, these assignments help prevent conflicts. For example, Microsoft SQL Server traditionally uses port 1433, while MySQL uses 3306.

These ports don't require special privileges to use, making them ideal for user-level applications and services. However, the registration is more of a gentleman's agreement — nothing technically prevents you from running a different service on a registered port.

Dynamic/Private Ports (49152-65535)

These ephemeral ports are automatically assigned by your operating system when an application initiates an outbound connection. When your browser connects to a web server, it might use port 54321 as its source port while connecting to the server's port 443. The server's response comes back to your port 54321, allowing your OS to route it to the correct browser tab.

These ports are recycled quickly — once a connection closes, the port becomes available for reuse. You'll never manually configure these ports; they're managed entirely by the TCP/IP stack.

Essential Ports Every Admin Should Know

Certain ports are so fundamental to internet operations that every system administrator, developer, and IT professional should have them memorized. These ports handle the core services that make modern networking possible.

Port	Protocol	Service	Description
`20/21`	TCP	FTP	File Transfer Protocol (data/control)
`22`	TCP	SSH	Secure Shell for remote administration
`23`	TCP	Telnet	Unencrypted remote access (deprecated)
`25`	TCP	SMTP	Simple Mail Transfer Protocol
`53`	TCP/UDP	DNS	Domain Name System
`80`	TCP	HTTP	Hypertext Transfer Protocol
`110`	TCP	POP3	Post Office Protocol v3
`143`	TCP	IMAP	Internet Message Access Protocol
`443`	TCP	HTTPS	HTTP Secure (encrypted)
`3389`	TCP	RDP	Remote Desktop Protocol

Port 22 - SSH (Secure Shell)

SSH is the backbone of secure remote server administration. It provides encrypted command-line access to remote systems, replacing the insecure Telnet protocol. Beyond simple terminal access, SSH supports secure file transfers (SFTP), port forwarding, and tunneling other protocols through its encrypted connection.

System administrators use SSH daily to manage servers, deploy code, troubleshoot issues, and automate tasks. The protocol uses public-key cryptography for authentication, making it significantly more secure than password-based systems. Most cloud servers and Linux systems have SSH enabled by default on port 22.

Security tip: Change SSH from port 22 to a non-standard port (like 2222 or 22222) to reduce automated attack attempts. While this is "security through obscurity" and not a replacement for strong authentication, it dramatically reduces log noise from bot scans.

Port 53 - DNS (Domain Name System)

DNS is the internet's phone book, translating human-readable domain names (like example.com) into IP addresses that computers use to communicate. Every time you visit a website, your device queries a DNS server on port 53 to resolve the domain name.

DNS primarily uses UDP for speed, but switches to TCP for large responses or zone transfers between DNS servers. Without DNS, you'd need to memorize IP addresses for every website you visit. Our DNS Lookup Tool lets you query DNS records and troubleshoot resolution issues.

Port 80 and 443 - HTTP and HTTPS

These are the ports of the World Wide Web. Port 80 handles unencrypted HTTP traffic, while port 443 handles encrypted HTTPS traffic. Modern browsers automatically redirect HTTP to HTTPS for security, making port 443 the de facto standard for web traffic.

When you type a URL without specifying a port, browsers assume port 80 for http:// and port 443 for https://. Web servers like Apache, Nginx, and IIS listen on these ports by default. The shift to HTTPS everywhere has made port 443 one of the most heavily used ports on the internet.

Web Server and HTTP Ports

Web applications use several ports beyond the standard HTTP/HTTPS pair. Understanding these alternative ports is crucial for developers running local development servers, configuring reverse proxies, and managing web application deployments.

Common Web Development Ports

Port 8000: Python's SimpleHTTPServer and Django development server default
Port 8080: Alternative HTTP port, commonly used for proxy servers and development
Port 8443: Alternative HTTPS port for testing SSL/TLS configurations
Port 3000: Node.js and React development servers (Create React App, Next.js)
Port 4200: Angular CLI development server default
Port 5000: Flask development server and ASP.NET Core default
Port 5173: Vite development server (modern frontend tooling)
Port 8888: Jupyter Notebook default port

These non-standard ports allow developers to run multiple web applications simultaneously on the same machine. You might have a React frontend on port 3000, a Node.js API on port 5000, and a Python service on port 8000 — all running at the same time during development.

Reverse Proxy and Load Balancer Ports

Production environments often use reverse proxies like Nginx or HAProxy to distribute traffic across multiple backend servers. These proxies listen on standard ports (80/443) and forward requests to backend applications running on higher ports (8080, 8081, 8082, etc.).

This architecture provides several benefits: SSL termination at the proxy level, load balancing across multiple application instances, centralized logging and monitoring, and the ability to run applications as non-root users on high-numbered ports.

Pro tip: When developing locally, use port numbers that match your production environment's internal routing. If your production app runs on port 8080 behind a proxy, develop on 8080 locally. This consistency prevents port-related bugs when deploying.

Database and Application Ports

Database servers use specific ports for client connections. Knowing these ports is essential for configuring firewalls, setting up database connections, and troubleshooting connectivity issues.

Port	Database/Service	Protocol	Notes
`1433`	Microsoft SQL Server	TCP	Default instance; named instances use dynamic ports
`3306`	MySQL/MariaDB	TCP	Most popular open-source database port
`5432`	PostgreSQL	TCP	Advanced open-source relational database
`6379`	Redis	TCP	In-memory data store and cache
`27017`	MongoDB	TCP	NoSQL document database
`5984`	CouchDB	TCP	Document-oriented NoSQL database
`9042`	Cassandra	TCP	Distributed NoSQL database
`9200`	Elasticsearch	TCP	Search and analytics engine (HTTP API)
`11211`	Memcached	TCP	Distributed memory caching system

Database Security Considerations

Database ports should never be exposed directly to the internet. These services are designed for internal network communication and lack the security hardening needed for public exposure. Exposing a database port publicly is one of the most common security mistakes in cloud deployments.

Best practices for database port security:

Bind to localhost only: Configure databases to listen on 127.0.0.1 instead of 0.0.0.0
Use firewall rules: Restrict access to specific IP addresses or subnets
VPN or SSH tunneling: Access remote databases through encrypted tunnels
Cloud security groups: Use AWS Security Groups or Azure NSGs to control access
Strong authentication: Never use default credentials; enforce complex passwords

Many data breaches occur because databases are accidentally exposed on public IP addresses with weak or default credentials. Tools like Shodan regularly scan the internet for exposed database ports, making them easy targets for attackers.

Message Queue and Cache Ports

Modern applications rely on message queues and caching systems for performance and scalability. These services have their own standard ports:

RabbitMQ: 5672 (AMQP), 15672 (Management UI)
Apache Kafka: 9092 (broker), 2181 (Zookeeper)
Redis: 6379 (default), 26379 (Sentinel), 16379 (Cluster bus)
Memcached: 11211

Email Server Ports

Email systems use multiple ports for different functions: sending mail, receiving mail, and accessing mailboxes. Understanding these ports is crucial for configuring email servers and troubleshooting delivery issues.

SMTP Ports (Sending Email)

Port 25 (SMTP): The original email transmission port. Mail servers use port 25 to communicate with each other. However, many ISPs block outbound port 25 connections from residential IP addresses to prevent spam. This port should only be used for server-to-server communication, never for client-to-server submission.

Port 587 (SMTP Submission): The modern standard for email clients to submit messages to mail servers. This port requires authentication and typically uses STARTTLS to encrypt the connection. If you're configuring an email client, use port 587 with TLS encryption.

Port 465 (SMTPS): SMTP over implicit SSL/TLS. This port was briefly deprecated but has been officially reinstated. Some email providers prefer port 465 over 587 because the connection is encrypted from the start, rather than upgrading with STARTTLS.

IMAP and POP3 Ports (Receiving Email)

Port 110 (POP3): Post Office Protocol version 3 downloads emails from the server to your device and typically deletes them from the server. POP3 is simpler but less flexible than IMAP. The unencrypted nature of port 110 makes it unsuitable for modern use.

Port 995 (POP3S): POP3 over SSL/TLS provides encrypted email retrieval. Use this instead of port 110 if you must use POP3.

Port 143 (IMAP): Internet Message Access Protocol allows you to access email on the server without downloading it. IMAP supports folders, flags, and synchronization across multiple devices. Like port 110, unencrypted IMAP should be avoided.