Each socket that a program uses to communicate over the network has a protocol type, usually TCP or UDP, and a port number to identify it to other processes on the local and remote systems. Port numbers range from 0 to 65535 and typically are stored in two-byte unsigned integers in host order and transmitted in network order.
Each protocol has its own set of 65536 port numbers. However, an organization that registers a port number usually registers it for both TCP and UDP. This is why many named services are listed with both a TCP and a UDP port even though they use only one of them.
There are three ranges of port numbers, shown in Table C.1.
Well-known ports (0–1023) are assigned by the IANA (Internet Assigned Numbers Authority). On Linux (and UNIX) systems, only a process running as root may open one of these ports and listen on it. This provision ensures that if a particular server crashes or is not running, a rogue ordinary user cannot listen on its port and learn the secrets of the universe. Some services, such as rshd, trust that the root process on the remote system that is requesting local service is not malevolent.
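The following is an added example, not code from the original text, that ties together the byte-order point and the root-only rule above: it writes a port in network order and audits rows in the layout of Linux's `/proc/net/tcp` for listeners on well-known ports that are not owned by root. The sample rows are constructed (trailing columns omitted), the function names are hypothetical, and the uid column is assumed to be the uid that owns the socket.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WELL_KNOWN_MAX 1023u /* top of the well-known range, 0-1023 */
#define TCP_LISTEN 0x0Au     /* "st" column value for a listening socket */

/* Constructed rows in /proc/net/tcp (IPv4) layout; not taken from a real host. */
static const char *SAMPLE_ROWS[] = {
    "0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 20101",
    "1: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000 1001 0 20102",
    "2: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 1001 0 20103",
    "3: 0100007F:0019 0100007F:C350 01 00000000:00000000 00:00000000 00000000 1001 0 20104",
};

/* Store a port as the two bytes sent on the wire (network order, high byte first). */
void port_to_wire(uint16_t port, unsigned char out[2]) {
    uint16_t net = htons(port);
    memcpy(out, &net, sizeof net);
}

/* Returns the local port when the row is a LISTEN socket in the well-known
 * range owned by a non-root uid, 0 when the row is unremarkable, and -1 when
 * it does not parse. The port column is hexadecimal. */
int nonroot_wellknown_listener(const char *row, unsigned *uid_out) {
    unsigned port, state, uid;
    /* columns: sl local:port remote:port st tx:rx tr:when retrnsmt uid ... */
    if (sscanf(row, " %*d: %*x:%x %*x:%*x %x %*x:%*x %*x:%*x %*x %u",
               &port, &state, &uid) != 3)
        return -1;
    if (state != TCP_LISTEN || port > WELL_KNOWN_MAX || uid == 0)
        return 0;
    *uid_out = uid;
    return (int)port;
}

int main(void) {
    unsigned char wire[2];
    port_to_wire(443, wire);
    printf("443 on the wire: %02x %02x\n", wire[0], wire[1]);
    for (size_t i = 0; i < sizeof SAMPLE_ROWS / sizeof *SAMPLE_ROWS; i++) {
        unsigned uid = 0;
        int port = nonroot_wellknown_listener(SAMPLE_ROWS[i], &uid);
        if (port > 0)
            printf("port %d/tcp: listener owned by uid %u, not root\n", port, uid);
    }
    return 0;
}
```

On current Linux kernels a hit is something to explain rather than proof of compromise: the `CAP_NET_BIND_SERVICE` capability or a lowered `net.ipv4.ip_unprivileged_port_start` sysctl also lets a non-root process bind below 1024.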
Anyone may request that an unused port number be assigned to them and receive it if that entity can justify its use. One of these port numbers was assigned at the request of Larry Gee and this author. IANA may be reached at
Table C.2. Well-Known Port Numbers
Keyword | Port | Description |
---|---|---|
| 0/tcp | Reserved |
| 0/udp | Reserved |
tcpmux | 1/tcp | TCP Port Service Multiplexer |
tcpmux | 1/udp | TCP Port Service Multiplexer |
rje | 5/tcp | Remote Job Entry (unused) |
rje | 5/udp | Remote Job Entry (unused) |
echo | 7/tcp | Echo |
echo | 7/udp | Echo |
discard | 9/tcp | Discard |
discard | 9/udp | Discard |
systat | 11/tcp | Active Users |
systat | 11/udp | Active Users |
daytime | 13/tcp | Daytime (RFC 867[*]) |
daytime | 13/udp | Daytime (RFC 867) |
qotd | 17/tcp | Quote of the Day |
qotd | 17/udp | Quote of the Day |
chargen | 19/tcp | Character Generator |
chargen | 19/udp | Character Generator |
ftp-data | 20/tcp | File Transfer [Default Data] |
ftp-data | 20/udp | File Transfer [Default Data] |
ftp | 21/tcp | File Transfer [Control] |
ftp | 21/udp | File Transfer [Control] |
ssh | 22/tcp | SSH Remote Login Protocol |
ssh | 22/udp | pcAnywhere (unofficial) |
telnet | 23/tcp | Telnet |
telnet | 23/udp | Telnet |
smtp | 25/tcp | Simple Mail Transfer Protocol [Sendmail] |
smtp | 25/udp | Simple Mail Transfer Protocol [Sendmail] |
time | 37/tcp | Time |
time | 37/udp | Time |
name | 42/tcp | Host Name Server (not DNS) |
name | 42/udp | Host Name Server (not DNS) |
nameserver | 42/tcp | Host Name Server (not DNS) |
nameserver | 42/udp | Host Name Server (not DNS) |
nicname | 43/tcp | Who Is |
nicname | 43/udp | Who Is |
domain | 53/tcp | Domain Name Server (DNS/named) |
domain | 53/udp | Domain Name Server (DNS/named) |
whois++ | 63/tcp | whois++ |
whois++ | 63/udp | whois++ |
sql*net | 66/tcp | Oracle SQL*NET |
sql*net | 66/udp | Oracle SQL*NET |
bootps | 67/tcp | Bootstrap Protocol Server |
bootps | 67/udp | Bootstrap Protocol Server |
bootpc | 68/tcp | Bootstrap Protocol Client |
bootpc | 68/udp | Bootstrap Protocol Client |
tftp | 69/tcp | Trivial File Transfer Protocol |
tftp | 69/udp | Trivial File Transfer Protocol |
gopher | 70/tcp | Gopher |
gopher | 70/udp | Gopher |
finger | 79/tcp | Finger |
finger | 79/udp | Finger |
http | 80/tcp | World Wide Web HTTP |
http | 80/udp | World Wide Web HTTP (not used) |
www | 80/tcp | World Wide Web HTTP |
www | 80/udp | World Wide Web HTTP (not used) |
www-http | 80/tcp | World Wide Web HTTP |
www-http | 80/udp | World Wide Web HTTP |
kerberos | 88/tcp | Kerberos |
kerberos | 88/udp | Kerberos |
hostname | 101/tcp | NIC Host Name Server |
hostname | 101/udp | NIC Host Name Server |
pop2 | 109/tcp | Post Office Protocol - V 2 (rarely used) |
pop2 | 109/udp | Post Office Protocol - V 2 (rarely used) |
pop3 | 110/tcp | Post Office Protocol - V 3 |
pop3 | 110/udp | Post Office Protocol - V 3 |
sunrpc | 111/tcp | SUN Remote Procedure Call [portmap] |
sunrpc | 111/udp | SUN Remote Procedure Call [portmap] |
ident | 113/tcp | |
auth | 113/tcp | Authentication Service |
auth | 113/udp | Authentication Service |
nntp | 119/tcp | Network News Transfer Protocol |
nntp | 119/udp | Network News Transfer Protocol |
ntp | 123/tcp | Network Time Protocol |
ntp | 123/udp | Network Time Protocol |
netbios-ns | 137/tcp | NETBIOS Name Service |
netbios-ns | 137/udp | NETBIOS Name Service |
netbios-dgm | 138/tcp | NETBIOS Datagram Service |
netbios-dgm | 138/udp | NETBIOS Datagram Service |
netbios-ssn | 139/tcp | NETBIOS Session Service |
netbios-ssn | 139/udp | NETBIOS Session Service |
imap | 143/tcp | Internet Message Access Protocol |
imap | 143/udp | Internet Message Access Protocol |
snmp | 161/tcp | Simple Network Management Protocol [SNMP] |
snmp | 161/udp | Simple Network Management Protocol [SNMP] |
irc | 194/tcp | Internet Relay Chat Protocol |
irc | 194/udp | Internet Relay Chat Protocol |
at-rtmp | 201/tcp | AppleTalk Routing Maintenance |
at-rtmp | 201/udp | AppleTalk Routing Maintenance |
at-nbp | 202/tcp | AppleTalk Name Binding |
at-nbp | 202/udp | AppleTalk Name Binding |
at-echo | 204/tcp | AppleTalk Echo |
at-echo | 204/udp | AppleTalk Echo |
at-zis | 206/tcp | AppleTalk Zone Information |
at-zis | 206/udp | AppleTalk Zone Information |
ipx | 213/tcp | IPX [Novell] |
ipx | 213/udp | IPX [Novell] |
imap3 | 220/tcp | Interactive Mail Access Protocol v3 |
imap3 | 220/udp | Interactive Mail Access Protocol v3 |
dtk | 365/tcp | DTK (Deception Tool Kit) |
dtk | 365/udp | DTK (Deception Tool Kit) |
https | 443/tcp | http protocol over TLS/SSL |
https | 443/udp | http protocol over TLS/SSL |
comsat | 512/udp | |
biff | 512/udp | mail system: to notify users |
login | 513/tcp | remote login à la telnet |
who | 513/udp | who's logged in |
shell | 514/tcp | exec, with authentication |
syslog | 514/udp | |
printer | 515/tcp | spooler [lpd] |
printer | 515/udp | spooler [lpd] |
talk | 517/tcp | Talk |
talk | 517/udp | Talk |
ntalk | 518/tcp | New Talk |
ntalk | 518/udp | New Talk |
utime | 519/tcp | unixtime |
utime | 519/udp | unixtime |
router | 520/udp | local routing process (RIP) |
ncp | 524/tcp | NCP |
ncp | 524/udp | NCP |
timed | 525/tcp | timeserver |
timed | 525/udp | timeserver |
netnews | 532/tcp | readnews |
netnews | 532/udp | readnews |
netwall | 533/tcp | for emergency broadcasts |
netwall | 533/udp | for emergency broadcasts |
uucp | 540/tcp | uucpd |
uucp | 540/udp | uucpd |
uucp-rlogin | 541/tcp | uucp-rlogin |
uucp-rlogin | 541/udp | uucp-rlogin |
klogin | 543/tcp | Kerberos rlogin |
klogin | 543/udp | Kerberos rlogin |
kshell | 544/tcp | krcmd [Kerberos rsh] |
kshell | 544/udp | krcmd [Kerberos rsh] |
new-rwho | 550/tcp | new-who |
new-rwho | 550/udp | new-who |
snews | 563/tcp | NNTP over SSL |
9pfs | 564/tcp | plan 9 file service [Bell Labs] |
9pfs | 564/udp | plan 9 file service [Bell Labs] |
whoami | 565/tcp | whoami |
whoami | 565/udp | whoami |
nmap | 689/tcp | nmap |
nmap | 689/udp | nmap |
flexlm | 744/tcp | Flexible License Manager |
flexlm | 744/udp | Flexible License Manager |
kerberos-adm | 749/tcp | kerberos admin. |
kerberos-adm | 749/udp | kerberos admin. |
kerberos-iv | 750/udp | kerberos version iv |
nas | 991/tcp | Netnews Administration System |
nas | 991/udp | Netnews Administration System |
telnets | 992/tcp | telnet protocol over TLS/SSL |
telnets | 992/udp | telnet protocol over TLS/SSL |
imaps | 993/tcp | imap4 protocol over TLS/SSL |
imaps | 993/udp | imap4 protocol over TLS/SSL |
ircs | 994/tcp | irc protocol over TLS/SSL |
ircs | 994/udp | irc protocol over TLS/SSL |
pop3s | 995/tcp | pop3 protocol over TLS/SSL |
pop3s | 995/udp | pop3 protocol over TLS/SSL |