Common Network Port Reference
Search by port number, protocol, service name, or description — or filter by category.
| Port | Protocol | Service | Description |
|---|
Understanding Network Port Numbers
Every network connection relies on port numbers to route traffic to the correct application. At the transport layer of the TCP/IP model, TCP and UDP use 16-bit port numbers from 0 to 65,535. Those numbers distinguish between services running on the same host. Your browser sends web requests to port 80 (HTTP) or port 443 (HTTPS) on the remote server. The operating system assigns a temporary source port on your machine for the reply. Modern browsers also speak HTTP/3 over QUIC, which runs on UDP 443 rather than TCP. For a detailed walkthrough of each well-known port, read our companion article on common network ports explained.
Port numbers are divided into three well-defined ranges. Well-known ports (0–1023) cover core protocols. SSH runs on port 22, DNS on port 53, and SMTP on port 25. IANA manages these assignments, and they are consistent across virtually all operating systems. Registered ports (1024–49151) belong to specific applications and database services. MySQL on 3306, RDP on 3389, and PostgreSQL on 5432 are examples you meet in day-to-day administration. Dynamic or ephemeral ports (49152–65535) are assigned on the fly for short-lived client-side connections. One stale note worth correcting: port 465 is no longer deprecated. RFC 8314 (2018) re-registered it as the “submissions” port for SMTP over implicit TLS. It is now the recommended way for mail clients to submit email.
Knowing common port numbers supports several practical tasks. When configuring
firewall rules, you specify which TCP and UDP ports
to allow or block. Legitimate traffic passes while unnecessary services stay closed.
During security auditing, an open port scan reveals which services face the network.
That helps you find exposures before an attacker does. Rows flagged
exposure risk in the table mark services that internet scanners probe
constantly. Telnet, SMB, RDP, VNC, and unauthenticated database ports lead that list.
Keep them off the public internet — bind them to localhost or place them behind a VPN.
When troubleshooting connectivity,
the port number lets you test with telnet, nc, or
Test-NetConnection. That isolates whether the problem is a blocked port, a
stopped service, or a DNS resolution failure.
Use the list above as a quick reference for firewall configuration, network diagnostics, or security reviews. The search field filters the full table in real time, and the category chips narrow it to one service family. Checking email ports? Our SPF, DKIM & DMARC checker validates the records behind ports 25, 465, and 587. For TLS on 443, run the SSL certificate checker. Port 43 traffic means WHOIS — try the WHOIS lookup tool.
Frequently Asked Questions
What is the difference between TCP and UDP ports?
TCP ports carry connection-oriented traffic with delivery guarantees, used by web, email, and database services. UDP ports carry connectionless traffic with no delivery guarantee, used by DNS, DHCP, VoIP, and streaming. The same port number can exist on both: port 53 serves DNS over both TCP and UDP.
Which ports should never be exposed to the internet?
Telnet (23), SMB (445), RDP (3389), and VNC (5900) are constantly scanned and attacked. So are database ports like 3306, 5432, 6379, 9200, and 27017. Bind databases to localhost, and reach remote-access services through a VPN or identity-aware proxy instead of opening them publicly.
What are the three port number ranges?
Well-known ports run 0 through 1023 and are reserved by IANA for core protocols like SSH and DNS. Registered ports run 1024 through 49151 and belong to specific applications. Dynamic or ephemeral ports run 49152 through 65535 and are assigned on the fly for client-side connections.
Related Tools & Resources
Check out our other free networking tools. Find your public IP address, run a DNS record lookup, or perform a reverse DNS lookup. You can also calculate subnet details or convert addresses with the IP Binary Converter. Identify hardware via the MAC Address Lookup.