List of Common Well Known Ports

Here is the list of common well known ports used in various Operating Systems. Some Services may listen to the applications at different ports, for example We can modify the DNS and Apache configuration files to let them listen on different custom port rather than their default port.

20 – FTP Data (For transferring FTP data)
21 – FTP Control (For starting FTP connection)
22 – SSH(For secure remote administration which uses SSL to encrypt the transmission)
23 – Telnet (For insecure remote administration
25 – SMTP(Mail Transfer Agent for e-mail server such as SEND mail)
53 – DNS(Special service which uses both TCP and UDP)

67 – Bootp
68 – DHCP
69 – TFTP(Trivial file transfer protocol uses udp protocol for connection less transmission of data)
80 – HTTP/WWW(apache)
88 – Kerberos
110 – POP3(Mail delivery Agent)

123 – NTP(Network time protocol used for time syncing uses UDP protocol)
137 – NetBIOS(nmbd)
139 – SMB-Samba(smbd)
143 – IMAP
161 – SNMP(For network monitoring)
389 – LDAP(For centralized administration)
443 – HTTPS(HTTP+SSL for secure web access)
514 – Syslogd(udp port)
636 – ldaps(both tcp and udp)
873 – rsync
989 – FTPS-data
990 – FTPS
993 – IMAPS
1194 – openVPN
1812 – RADIUS
995 – POP3s
2049 – NFS(nfsd, rpc.nfsd, rpc, portmap)
2401 – CVS server
3306 – MySql
3690 – SVN

There are total 65536 Ports and the limitation is because of the TCP/IP Stack having only 16 Bit. Some higher Level Ports such as higher than 10,000 might be used as the Custom Designated Ports for some Services, since not many programs listen on these Port Numbers.

How to See Which Ports are being Used?

If you want to know what ports are open on the system or what programs are listening on what Sockets, there are various tools to help you out. Mainly used tools are nmap and netstat. These two powerful tools can pretty much give you everything you need to know about ports in your system.

Netstat is a program which can print the routing table and interface statistics etc. However, when passed few flags with this command, it can also give you an idea which programs are listening on what ports and on what State ( Established, Closed, Listen). An output looks something as below:

ubuntu-server:~$ sudo netstat -atp
[sudo] password for user:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:46934 *:* LISTEN 3421/(wsgi:maas)
tcp 0 0 localhost:3350 *:* LISTEN 3314/xrdp-sesman
tcp 0 0 *:ssh *:* LISTEN 1276/sshd
tcp 0 0 localhost:ipp *:* LISTEN 25852/cupsd
tcp 0 0 *:3128 *:* LISTEN 3122/squid3
tcp 0 0 localhost:postgresql *:* LISTEN 2116/postgres
tcp 0 0 localhost:953 *:* LISTEN 1536/named
tcp 0 0 *:53530 *:* LISTEN 3211/rpc.mountd
tcp 0 0 localhost:954 *:* LISTEN 1536/named
tcp 0 0 *:iscsi-target *:* LISTEN 1388/tgtd
tcp 0 0 *:3389 *:* LISTEN 3312/xrdp
tcp 0 0 *:microsoft-ds *:* LISTEN 840/smbd
tcp 0 0 *:44894 *:* LISTEN 3211/rpc.mountd
tcp 0 0 *:53120 *:* LISTEN 3420/(wsgi:maas)
tcp 0 0 *:nfs *:* LISTEN -

Similarly, nmap, also known as Network Mapper, can list the open ports on a Local or Remote System. There are numerous flags to be used in conjunction with nmap and more information can be read on the Nmap Official Website. Running this command as a root user will be the best idea as the results will be more productive.

A sample output of the Command (when scanned for TCP Ports) looks like this:

user@ubuntu-server:~$ sudo nmap -sT localhost
Starting Nmap 6.40 ( ) at 2015-06-04 23:07
Nmap scan report for localhost (
Host is up (0.00042s latency).
Not shown: 981 closed ports
22/tcp open ssh
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
631/tcp open ipp
902/tcp open iss-realsecure

Flag -sT forces the utility to scan only the opened TCP ports on a Localhost. Same command can be run for Remote Hosts as well. I hope this post help you. Please feel free to comment in the section below. Thanks for reading it.


Share your thoughts