Network
Port Number Reference
A reference list of common TCP/UDP port numbers and what uses them — FTP, SSH, HTTP, HTTPS, MySQL, Redis, and more. Useful for configuring firewall rules and troubleshooting "connection refused" errors, with a live search filter.
| Port | Protocol | TCP/UDP | Range | Used for |
|---|---|---|---|---|
| 20 | FTP (Data) | TCP | Well-known | Used for FTP data transfer (active mode). Increasingly replaced by SFTP and FTPS. |
| 21 | FTP (Control) | TCP | Well-known | Used for the FTP control connection, which carries commands and responses. |
| 22 | SSH | TCP | Well-known | Used for encrypted remote login via SSH, and file transfer via SCP/SFTP. |
| 23 | Telnet | TCP | Well-known | Used for unencrypted remote login via Telnet. SSH is recommended instead due to eavesdropping risk. |
| 25 | SMTP | TCP | Well-known | Used for SMTP mail relay between mail servers. |
| 53 | DNS | TCP/UDP | Well-known | Used for DNS name resolution. Ordinary queries use UDP; zone transfers and large responses use TCP. |
| 67 | DHCP (Server) | UDP | Well-known | Used by a DHCP server to hand out IP addresses to clients. |
| 68 | DHCP (Client) | UDP | Well-known | Used by a DHCP client to request an IP address assignment. |
| 69 | TFTP | UDP | Well-known | Used for unauthenticated, lightweight file transfer via TFTP, commonly for firmware updates on network devices. |
| 80 | HTTP | TCP | Well-known | Used for unencrypted web page delivery via HTTP. |
| 110 | POP3 | TCP | Well-known | Used by mail clients to download email via POP3. |
| 123 | NTP | UDP | Well-known | Used for time synchronization between computers via NTP. |
| 143 | IMAP | TCP | Well-known | Used for managing and syncing mail across multiple devices via IMAP. |
| 161 | SNMP | UDP | Well-known | Used for monitoring and querying network device status via SNMP. |
| 162 | SNMP Trap | UDP | Well-known | Used to receive SNMP traps, unsolicited notifications sent by devices. |
| 194 | IRC | TCP | Well-known | Used for real-time chat via IRC. |
| 389 | LDAP | TCP | Well-known | Used for querying directory services (user and organization data) via LDAP. |
| 443 | HTTPS | TCP | Well-known | Used for secure web page delivery via HTTPS (HTTP over TLS). |
| 445 | SMB | TCP | Well-known | Used for Windows file and printer sharing via SMB. |
| 465 | SMTPS | TCP | Well-known | Used for encrypted mail submission via SMTPS (SMTP over TLS). |
| 587 | SMTP Submission | TCP | Well-known | The standard port mail clients use to submit outgoing mail to a mail server. |
| 636 | LDAPS | TCP | Well-known | Used for encrypted directory service communication via LDAPS (LDAP over TLS). |
| 993 | IMAPS | TCP | Well-known | Used for encrypted mail sync via IMAPS (IMAP over TLS). |
| 995 | POP3S | TCP | Well-known | Used for encrypted mail retrieval via POP3S (POP3 over TLS). |
| 1433 | MSSQL | TCP | Registered | Used for Microsoft SQL Server database connections. |
| 3306 | MySQL | TCP | Registered | Used for MySQL/MariaDB database connections. |
| 3389 | RDP | TCP | Registered | Used for Windows Remote Desktop connections via RDP. |
| 5432 | PostgreSQL | TCP | Registered | Used for PostgreSQL database connections. |
| 5900 | VNC | TCP | Registered | Used for remote desktop screen sharing via VNC. |
| 6379 | Redis | TCP | Registered | Used for connections to the Redis in-memory data store. |
| 8080 | HTTP (Alt) | TCP | Registered | A common alternate HTTP port, often used by proxy servers and development web servers. |
| 8443 | HTTPS (Alt) | TCP | Registered | A common alternate HTTPS port, often used by application servers such as Tomcat. |
| 9200 | Elasticsearch | TCP | Registered | Used for connections to the Elasticsearch REST API. |
| 27017 | MongoDB | TCP | Registered | Used for MongoDB database connections. |
Tips
- When writing firewall rules, open only the ports you actually need and default-deny everything else — the security fundamentals haven't changed in decades.
- If you see "connection refused," first check whether the service is actually listening on that port with tools like
netstat -anorss -tlnp. - Well-known ports (0–1023) like 80 and 443 usually require administrator privileges to bind on most operating systems, which is why non-privileged apps often use alternates like 8080.
- The same service often uses a different port for its plaintext and encrypted variants (e.g. 80/HTTP vs 443/HTTPS, 21/FTP vs 990/FTPS) — don't mix them up.
- The port numbers in this reference apply directly to security group rules in cloud environments like AWS, GCP, and Azure.
Frequently Asked Questions
iptables, ufw, a cloud security group, etc.) is blocking traffic to that port.
Side Note — Why do port numbers only go up to 65535?
Port numbers are limited to the 0–65535 range because the port number field in the TCP/UDP header is defined as 16 bits (2 bytes). Two to the power of 16 is 65536, so excluding port 0, the usable range is 1 through 65535. This design was fixed when TCP/IP was standardized in the early 1980s and has never changed since.
IANA (the Internet Assigned Numbers Authority) divides all ports into three ranges. Ports 0–1023, the "well-known ports," are reserved for widely used services like HTTP and SSH. Ports 1024–49151, the "registered ports," can be requested and registered by companies or projects. Ports 49152–65535 are "dynamic/private ports," freely used by clients as temporary source ports.
Even famous ports like 80 (HTTP) and 443 (HTTPS) weren't assigned their current purpose from the start. Port 443 was allocated for HTTPS in 1994, when Netscape requested it from IANA while developing SSL (Secure Sockets Layer).
To reduce the risk of port-scanning attacks, some production servers change the default SSH port (22) away from its standard value, a technique sometimes called "port knocking." This is security through obscurity, though, and is never a substitute for fundamentals like strong authentication and keeping software patched.