Network Ports Explained: A Guide to Common Ports

What Are Network Ports?

A network port is a virtual endpoint that allows a computer to distinguish between different types of network traffic. While an IP address identifies a specific device on a network, a port number identifies a specific application or service on that device. Think of the IP address as the street address of a building, and the port number as the apartment number within that building.

Port numbers range from 0 to 65535 and are divided into three ranges. Ports 0 through 1023 are well-known ports assigned to common services by the Internet Assigned Numbers Authority (IANA). Ports 1024 through 49151 are registered ports that software vendors can reserve for their applications. Ports 49152 through 65535 are dynamic or ephemeral ports used temporarily by client applications for outgoing connections.

TCP vs UDP Ports

Ports operate within two main transport protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). TCP ports provide reliable, ordered delivery of data with error checking and flow control. When you load a web page, your browser establishes a TCP connection to the server's port 443, and TCP ensures every piece of data arrives intact and in order.

UDP ports provide faster but less reliable communication without the overhead of connection establishment and acknowledgment. This makes UDP ideal for applications where speed matters more than perfect delivery, such as video streaming, online gaming, and DNS queries. A service can listen on the same port number for both TCP and UDP independently, and some services use both protocols for different functions.

Well-Known Ports You Should Recognize

Several port numbers appear so frequently in networking that knowing them by heart is practically a requirement:

  • Port 80 (HTTP) and Port 443 (HTTPS) handle web traffic, with 443 being the encrypted standard
  • Port 22 (SSH) provides secure remote shell access and file transfer
  • Port 21 (FTP) handles file transfers, though SFTP over port 22 is now preferred
  • Port 25 (SMTP) sends email between mail servers, with 587 used for authenticated submission
  • Port 53 (DNS) handles domain name resolution over both TCP and UDP
  • Port 3306 (MySQL) and Port 5432 (PostgreSQL) are common database ports
  • Port 3389 (RDP) provides Windows Remote Desktop access

Knowing these ports helps with network troubleshooting, firewall configuration, and understanding what services are running on a system. When you see traffic on port 443, you immediately know it is encrypted web traffic. When port 22 is open, you know SSH access is available.

Firewalls and Port Filtering

Firewalls control which ports are accessible from the outside world and which outbound connections are permitted. A properly configured firewall blocks all unnecessary ports and only allows traffic on ports that correspond to services you intentionally want to expose. This principle of least privilege is fundamental to network security.

For a typical web server, you would open ports 80 and 443 for web traffic, port 22 for SSH management, and close everything else. For a home network, your router's firewall typically blocks all inbound connections by default and only allows responses to connections your devices initiated. Port forwarding rules create exceptions to this default by directing inbound traffic on a specific port to a specific device on your local network.

Port Scanning and Security

Port scanning is the process of probing a system to discover which ports are open and what services are running. Network administrators use port scanning as a diagnostic and security auditing tool to verify that only intended services are exposed. Attackers also use port scanning as a reconnaissance technique to find potential entry points.

An open port is not inherently dangerous, but every open port represents a potential attack surface. If the service listening on that port has vulnerabilities, an attacker could exploit them. This is why keeping software up to date, changing default ports for sensitive services, and using strong authentication are essential security practices. Regular port audits help ensure no unexpected services have been exposed.

Checking Your Own Ports

Understanding which ports are open on your systems is an important part of maintaining security. On your local machine, commands like "netstat" or "ss" show active connections and listening ports. For checking how your server appears from the internet, external port checking tools send a connection attempt from outside your network and report whether the port responds.

If you find unexpected open ports, investigate which process is listening on them. It could be a legitimate service you forgot about, an automatic update mechanism, or in rare cases, unauthorized software. A port checker that probes from outside your network shows you exactly what the rest of the internet can see, which is the perspective that matters most for security.

Related Articles

IP Address Formats: Binary, Decimal, and Hex Subnetting Explained: CIDR and Network Masks What Is an IP Address? Public vs Private