Top 30 Common Ports Every IT Professional Should Know
Understanding network ports is essential for troubleshooting, securing systems, and managing network infrastructure. Here's everything you need to know.
March 24, 2026
What Are Network Ports?
Think of an IP address like a building's street address and a port number like an apartment number within that building. Ports allow multiple services to run on a single device simultaneously. Port numbers range from 0 to 65535 and are divided into three categories:
- Well-Known Ports (0-1023): Reserved for system services and common protocols
- Registered Ports (1024-49151): Assigned to specific applications by IANA
- Dynamic/Private Ports (49152-65535): Used for temporary client connections
Advertisement
Web Service Ports
Port 80 - HTTP
Unencrypted web traffic. When you visit a website without HTTPS, your browser connects on port 80. Data travels in plain text, making it vulnerable to eavesdropping.
Use case: Legacy websites, internal tools, redirecting to HTTPS
Security risk: Credentials and sensitive data exposed to interception
Port 443 - HTTPS
Encrypted web traffic using SSL/TLS. The modern standard for all websites handling user data. Your browser performs a TLS handshake to establish a secure, encrypted connection.
Use case: Banking, e-commerce, social media, email services
Security: End-to-end encryption prevents eavesdropping and tampering
Port 8080 - HTTP Alternate
Alternative web server port, commonly used for development servers and proxy services. Used when port 80 is already occupied or when you need administrator privileges.
Use case: Development servers (Node.js, Flask), Apache Tomcat, proxy servers
Email Service Ports
Port 25 - SMTP
Mail servers use this to send emails to other mail servers. Originally designed without authentication, many ISPs now block it due to spam abuse.
Use case: Server-to-server email relay
Issue: Commonly blocked by ISPs, use port 587 for client submissions
Port 587 - SMTP Submission
Used by email clients (Outlook, Thunderbird) to submit outgoing mail. Requires authentication and typically uses STARTTLS encryption.
Use case: Sending emails from Gmail, Outlook, business email
Security: Requires authentication, supports encryption
Port 110 - POP3
Downloads emails from server to your device and typically deletes them from the server. An older protocol with synchronization limitations across multiple devices.
Downside: No sync between devices, loses emails if device crashes
Port 143/993 - IMAP/IMAPS
Modern email protocol that keeps emails on the server and syncs across all devices. Port 993 adds SSL/TLS encryption (always use this).
Use case: Gmail, Outlook, modern email clients
Advantage: Changes on one device appear everywhere instantly
File Transfer Ports
Port 21 - FTP
File Transfer Protocol transmits usernames, passwords, and file contents in plain text. Major security flaw—never use FTP for sensitive data.
Critical flaw: Credentials easily captured with Wireshark
Modern alternative: Use SFTP (port 22) or FTPS instead
Port 22 - SSH/SFTP
Secure Shell provides encrypted remote access and secure file transfer. Everything sent through SSH is encrypted with strong cryptography.
Use case: Managing Linux servers, secure file transfer (SFTP), Git operations
Authentication: Passwords or (better) SSH key pairs
Port 445 - SMB
Windows file sharing protocol. Allows network drives, printer sharing, and domain authentication. SMBv1 has critical vulnerabilities (WannaCry ransomware exploited it).
Major risk: WannaCry (2017) infected 200,000+ computers via SMBv1
Action required: Disable SMBv1 immediately, use SMBv3
Advertisement
Remote Access Ports
Port 3389 - RDP
Remote Desktop Protocol allows full graphical remote access to Windows machines. Commonly targeted by attackers for brute-force attacks.
Security: Never expose to internet directly—use VPN or change default port
Port 5900 - VNC
Virtual Network Computing provides cross-platform remote desktop access. Less secure than RDP—always use over VPN.
Use case: Remote support for Linux/Mac/Windows systems
Port 23 - Telnet
Unencrypted remote terminal access. Obsolete and dangerous—replaced entirely by SSH.
Warning: Sends passwords in plain text. Never use Telnet.
Database Ports
Database ports should never be exposed to the internet. Bind them to localhost or restrict access by IP.
- Port 3306 - MySQL/MariaDB: Most common database for web apps
- Port 5432 - PostgreSQL: Enterprise-grade relational database
- Port 1433 - MS SQL Server: Microsoft's database for .NET apps
- Port 27017 - MongoDB: NoSQL database for JSON documents
- Port 6379 - Redis: In-memory cache and message broker
Security best practice: Configure authentication and use firewall rules to restrict access.
DNS and Network Services
Port 53 - DNS
Domain Name System translates human-readable domain names (google.com) into IP addresses (142.250.185.46). Without DNS, you'd have to memorize IP addresses for every website.
Protocol: UDP for queries, TCP for zone transfers
Port 67/68 - DHCP
Dynamic Host Configuration Protocol automatically assigns IP addresses to devices on a network. Your router is typically the DHCP server.
Ports: 67 (server), 68 (client)
Port 123 - NTP
Network Time Protocol synchronizes computer clocks. Critical for security certificates, logging, and time-sensitive applications.
Port 161/162 - SNMP
Simple Network Management Protocol monitors and manages network devices (routers, switches, servers).
Ports: 161 (queries), 162 (traps/alerts)
Quick Reference Table
| Port | Protocol | Service | Security |
|---|---|---|---|
| 80 | TCP | HTTP | Unencrypted |
| 443 | TCP | HTTPS | Encrypted |
| 22 | TCP | SSH | Encrypted |
| 21 | TCP | FTP | Unencrypted |
| 25 | TCP | SMTP | Varies |
| 587 | TCP | SMTP (Submission) | Encrypted |
| 53 | UDP/TCP | DNS | Varies |
| 110 | TCP | POP3 | Unencrypted |
| 143 | TCP | IMAP | Unencrypted |
| 993 | TCP | IMAPS | Encrypted |
| 3306 | TCP | MySQL | Configure |
| 5432 | TCP | PostgreSQL | Configure |
| 1433 | TCP | MS SQL | Configure |
| 3389 | TCP | RDP | Use VPN |
| 445 | TCP | SMB | High Risk |
| 23 | TCP | Telnet | Never Use |
Security Best Practices
1. Close Unnecessary Ports
Every open port is a potential attack surface. Only open ports you actively need. Scan your systems regularly with nmap to identify open ports.
2. Use Firewalls
Configure firewalls to block unwanted incoming connections. Allow only specific IPs when possible. Default-deny is the best policy.
3. Never Use Outdated Protocols
Avoid Telnet (23), FTP (21), and unencrypted SMTP (25). Use SSH, SFTP, and TLS instead. Many organizations ban these protocols entirely.
4. Monitor Network Traffic
Use intrusion detection systems to identify unusual port activity. Log all connection attempts and review them regularly.
5. Use VPNs for Remote Access
Don't expose RDP (3389), databases, or management interfaces directly to the internet. Always tunnel through a VPN.
How to Check Open Ports on Your System
Windows:
Linux:
# or
netstat -tulpn
Scan from external network (using nmap):
Want to practice? Try our interactive netstat simulator to see what open ports look like in real scenarios.