Port Reference Guide
BetaThis tool is in beta. Some features may change or have limited functionality.Interactive reference for common network ports used by system administrators and security architects. Search by port number or service, filter by protocol and category, with security notes.
82 ports found
| Port | Protocol | Service | Description | Category | Security |
|---|---|---|---|---|---|
| 80 | TCP | HTTP | Hypertext Transfer Protocol (unencrypted) | Web | Insecure |
| 443 | TCP | HTTPS | HTTP over TLS/SSL (encrypted) | Web | Safe |
| 8080 | TCP | HTTP Alt | Alternative HTTP port, commonly used for proxies | Web | Caution |
| 8443 | TCP | HTTPS Alt | Alternative HTTPS port | Web | Safe |
| 25 | TCP | SMTP | Simple Mail Transfer Protocol (unencrypted) | Insecure | |
| 465 | TCP | SMTPS | SMTP over SSL (implicit TLS) | Safe | |
| 587 | TCP | SMTP Submission | Mail submission with STARTTLS | Safe | |
| 110 | TCP | POP3 | Post Office Protocol v3 (unencrypted) | Insecure | |
| 995 | TCP | POP3S | POP3 over SSL/TLS | Safe | |
| 143 | TCP | IMAP | Internet Message Access Protocol (unencrypted) | Insecure | |
| 993 | TCP | IMAPS | IMAP over SSL/TLS | Safe | |
| 20 | TCP | FTP Data | FTP data transfer channel | File Transfer | Insecure |
| 21 | TCP | FTP Control | FTP command/control channel (unencrypted) | File Transfer | Insecure |
| 22 | TCP | SFTP/SSH | Secure File Transfer over SSH | File Transfer | Safe |
| 69 | UDP | TFTP | Trivial File Transfer Protocol (no auth) | File Transfer | Insecure |
| 989 | TCP | FTPS Data | FTP data over TLS/SSL | File Transfer | Safe |
| 990 | TCP | FTPS Control | FTP control over TLS/SSL | File Transfer | Safe |
| 22 | TCP | SSH | Secure Shell for encrypted remote login | Remote Access | Safe |
| 23 | TCP | Telnet | Unencrypted remote terminal access | Remote Access | Insecure |
| 3389 | TCP | RDP | Microsoft Remote Desktop Protocol | Remote Access | Caution |
| 5900 | TCP | VNC | Virtual Network Computing remote display | Remote Access | Caution |
| 53 | TCP/UDP | DNS | Domain Name System resolution | DNS & Network | Caution |
| 67 | UDP | DHCP Server | Dynamic Host Configuration Protocol server | DNS & Network | Caution |
| 68 | UDP | DHCP Client | Dynamic Host Configuration Protocol client | DNS & Network | Caution |
| 123 | UDP | NTP | Network Time Protocol synchronization | DNS & Network | Caution |
| 161 | UDP | SNMP | Simple Network Management Protocol | DNS & Network | Caution |
| 162 | UDP | SNMP Trap | SNMP trap notifications | DNS & Network | Caution |
| 853 | TCP | DNS over TLS | Encrypted DNS queries over TLS | DNS & Network | Safe |
| 3306 | TCP | MySQL | MySQL / MariaDB database server | Database | Caution |
| 5432 | TCP | PostgreSQL | PostgreSQL database server | Database | Caution |
| 1433 | TCP | MSSQL | Microsoft SQL Server | Database | Caution |
| 1521 | TCP | Oracle DB | Oracle database listener | Database | Caution |
| 27017 | TCP | MongoDB | MongoDB NoSQL database | Database | Caution |
| 6379 | TCP | Redis | Redis in-memory data store | Database | Caution |
| 9200 | TCP | Elasticsearch | Elasticsearch REST API | Database | Caution |
| 5984 | TCP | CouchDB | Apache CouchDB REST API | Database | Caution |
| 9042 | TCP | Cassandra | Apache Cassandra CQL native transport | Database | Caution |
| 11211 | TCP | Memcached | Memcached distributed caching | Database | Caution |
| 500 | UDP | IKE | Internet Key Exchange for IPSec VPN | Security & VPN | Safe |
| 1194 | TCP/UDP | OpenVPN | OpenVPN tunneling protocol | Security & VPN | Safe |
| 1723 | TCP | PPTP | Point-to-Point Tunneling Protocol (weak encryption) | Security & VPN | Insecure |
| 4500 | UDP | IPSec NAT-T | IPSec NAT traversal | Security & VPN | Safe |
| 51820 | UDP | WireGuard | WireGuard modern VPN protocol | Security & VPN | Safe |
| 5222 | TCP | XMPP Client | XMPP/Jabber client connection | Messaging | Caution |
| 5269 | TCP | XMPP Server | XMPP server-to-server federation | Messaging | Caution |
| 6667 | TCP | IRC | Internet Relay Chat (unencrypted) | Messaging | Insecure |
| 6697 | TCP | IRC TLS | IRC over TLS/SSL | Messaging | Safe |
| 1883 | TCP | MQTT | Message Queuing Telemetry Transport (IoT) | Messaging | Caution |
| 8883 | TCP | MQTT TLS | MQTT over TLS/SSL | Messaging | Safe |
| 5672 | TCP | AMQP | Advanced Message Queuing Protocol (RabbitMQ) | Messaging | Caution |
| 5671 | TCP | AMQP TLS | AMQP over TLS/SSL | Messaging | Safe |
| 3000 | TCP | Dev Server | Common development server (Node.js, React) | Development | Caution |
| 4200 | TCP | Angular CLI | Angular development server default | Development | Caution |
| 5173 | TCP | Vite | Vite development server default | Development | Caution |
| 8000 | TCP | Python/PHP Dev | Common dev port for Python/PHP/Laravel | Development | Caution |
| 9090 | TCP | Prometheus | Prometheus monitoring web UI | Development | Caution |
| 3100 | TCP | Grafana Loki | Grafana Loki log aggregation | Development | Caution |
| 2375 | TCP | Docker (unenc) | Docker daemon API (unencrypted) | Container & Orchestration | Insecure |
| 2376 | TCP | Docker TLS | Docker daemon API over TLS | Container & Orchestration | Safe |
| 6443 | TCP | Kubernetes API | Kubernetes API server (HTTPS) | Container & Orchestration | Safe |
| 10250 | TCP | Kubelet | Kubernetes Kubelet API | Container & Orchestration | Caution |
| 2379 | TCP | etcd Client | etcd key-value store client API | Container & Orchestration | Caution |
| 2380 | TCP | etcd Peer | etcd peer-to-peer communication | Container & Orchestration | Caution |
| 8500 | TCP | Consul | HashiCorp Consul HTTP API | Container & Orchestration | Caution |
| 554 | TCP | RTSP | Real Time Streaming Protocol | Media | Caution |
| 1935 | TCP | RTMP | Real-Time Messaging Protocol (streaming) | Media | Caution |
| 8554 | TCP | RTSP Alt | Alternative RTSP port | Media | Caution |
| 3128 | TCP | Squid Proxy | Squid web proxy cache | Proxy & Load Balancing | Caution |
| 8081 | TCP | HTTP Proxy | Common HTTP proxy alternative port | Proxy & Load Balancing | Caution |
| 9443 | TCP | HTTPS Proxy | Alternative HTTPS proxy port | Proxy & Load Balancing | Safe |
| 514 | UDP | Syslog | System log message transport | Monitoring | Caution |
| 6514 | TCP | Syslog TLS | Syslog over TLS (encrypted) | Monitoring | Safe |
| 9100 | TCP | Node Exporter | Prometheus Node Exporter metrics | Monitoring | Caution |
| 3000 | TCP | Grafana | Grafana dashboards web UI | Monitoring | Caution |
| 5601 | TCP | Kibana | Kibana data visualization for Elasticsearch | Monitoring | Caution |
| 8080 | TCP | Jenkins | Jenkins CI/CD server default | CI/CD | Caution |
| 9000 | TCP | SonarQube | SonarQube code quality analysis | CI/CD | Caution |
| 8200 | TCP | Vault | HashiCorp Vault secrets management | CI/CD | Safe |
| 9092 | TCP | Kafka | Apache Kafka message broker | Message Queues | Caution |
| 4369 | TCP | EPMD | Erlang Port Mapper (RabbitMQ discovery) | Message Queues | Caution |
| 15672 | TCP | RabbitMQ Mgmt | RabbitMQ management web UI | Message Queues | Caution |
| 4222 | TCP | NATS | NATS messaging system | Message Queues | Caution |
Why Use Port Reference Guide?
Understanding network ports is essential for system architects designing secure infrastructure, firewall administrators writing access control rules, and security teams performing penetration tests or incident response.
This interactive reference covers the most commonly used TCP and UDP ports with security ratings and detailed notes. Use it to quickly identify what services run on specific ports, assess their security implications, and make informed decisions about which ports to open or block in your firewall configurations.
Frequently Asked Questions
What is a network port?
A network port is a virtual endpoint for communication. It's a 16-bit number (0-65535) that identifies a specific process or service on a device. When combined with an IP address, a port creates a unique socket for network communication. For example, web servers typically listen on port 443 (HTTPS).
What is the difference between TCP and UDP?
TCP (Transmission Control Protocol) provides reliable, ordered delivery with error checking and flow control. It's used for web browsing, email, and file transfers. UDP (User Datagram Protocol) is faster but unreliable — it doesn't guarantee delivery or order. It's used for DNS queries, video streaming, and gaming.
Which ports should I block in my firewall?
Block all ports that aren't needed for your services. Common ports to block include: 23 (Telnet - unencrypted), 21 (FTP - unencrypted), 135-139 (NetBIOS), 445 (SMB), and 1433/3306 (databases) from external access. Always use the principle of least privilege — only open ports that are absolutely necessary.
What are well-known ports?
Well-known ports (0-1023) are assigned by IANA for common services. Registered ports (1024-49151) are for vendor applications. Dynamic/private ports (49152-65535) are used for temporary connections. On Unix/Linux systems, binding to well-known ports requires root privileges.
How do I check which ports are open on my server?
Use `netstat -tlnp` or `ss -tlnp` on Linux to see listening ports. On Windows, use `netstat -an`. For external scanning, tools like nmap can probe a host's open ports. Always ensure you have authorization before scanning — unauthorized port scanning may violate security policies or laws.