Valid XHTML 1.0!


 

Nowadays networking is one of the most important parts of the IT business. Either way, if you have/want to block ports with a firewall/masquarading/tunneling, want to check for runnings daemons(/services) or something else, you may want a more comprehensive overview about these with some hints and remarks about the essential ports largely used, together with a statement, which protocol (TCP/IP or UDP) is used exclusively or mainly, than official RFC documents or modern /etc/services files on UNIX systems offer. Therefore I hope to provide you with some useful informations below.

Some general hints for the less experienced in these topics: the port numbers below 1024 are privileged ones, what means, that a server process (UNIX daemon) can be run only by the root user on it. A bunch of services is managed by the portmapper (rpc service) and the inetd, which launches other special daemons listed below, when requested on the corresponding port. And finally, you can easily discriminate between TCP/IP and UDP with the telnet client: typing telnet IPaddress (or hostname, if resolvable) port-number gives you usually a connect response, when there is a service available via TCP/IP, while not when it runs via UDP/IP, and this is also a possibility, to check for certain ports and therefore services on the given host.

 

port / protocolservice namecommon UNIX daemon(s)additional remarks
20/tcp and 21/tcpftp (file transfer protocol) data and login controlin.ftpd,wu.ftpd,proftpd; launched by inetdobsolete:insecure, because unencrypted and difficult to harden service, please use sshd and scp or sftp instead (see below)
22/tcpssh (Secure SHell)sshdsecure, because fully encrypted remote login (ssh) and copy (scp and sftp) service, please use exclusively this full substitute instead of the obsolete ftp, telnet, rlogin, rsh, rcp and so on!
23/tcptelnet (remote login)in.telnetd, launched by inetdobsolete: unencrypted login, use sshd and ssh instead, see above
25/tcpsmtp (simple mail transfer protocol)sendmail, postfix, qmail, etc.standard mail protocol since 30 years, only way to communicate world wide with messages without http measures, for your privacy you need to encrypt mails preferably with the free PGP (pretty good privacy)
53/udp and 53/tcpDNS (domain name system)bind (Berkeley Internet Name Domain)the name service of the Internet, used by http, smtp and all others to resolve symbolic names into the IP layer addresses, name resolution is done via udp, zone transfers between several name servers via tcp
80/tcphttp (Hyper Text Transfer Protocol) = www (World Wide Web)httpd (= apache, A PAtCHy [web] sErver)the Internet/web service, unencrypted port (see below, 443, for encrypted counterpart) for standard data transfer from web servers to user agents (browsers, robots, download tools)
88/tcpkerberoskrshdhigh security special purpose protocol with ticket system and so on
110/tcppop3 (Post Office Protocol version 3)popper, launched by inetdpost retrieval service of storing mail servers with encryption possibilities
111/udp(sun)rpc (remote procedure call)rpc.statd, rpc.rusersd,rpc.walldinsecure remote calls of special information services
119/tcpnntp (Network News Transfer Protocol)leafnodethe internet news server query service
123/udpntp (Network Time Protocol)(x)ntpdmodern world wide time service for synchronisation with nuclear clock driven time standard
137/udpnetbios-ns (NETBIOS Name Service)nmbdspecial name service for a still too widespread proprietary OS and its SMB (Server Message Block) system, needed in union with the following service
139/tcpnetbios-ssn (NETBIOS Session Service Network)smbd (Samba daemon)special session service for that proprietary OS and its SMB (Server Message Block) system, works together with immediately above service
143/tcpimap2 (Internet Message Access Protocol version 2)imapd (Interactive Mail Access Protocol Daemon), launched by inetdrather insecure and therefore only locally suitable mail retrieval service, for non-local purposes prefer pop3 (see above)
161/tcpsnmp (Simple Network Management Protocol)snmpdbase of communication between very different technical units (not only computers), they have to share the network capability and these protocol rules only: CAUTION: very insecure (no limiting of allowed requesting IP addresses possible)
194/tcpirc (Internet Relay Chat)ircdthe Internet chat service
220/tcpimap3 (Interactive Mail Access Protocol version 3)imapdmodern mail retrieval service, successor of imap2 (see above), but still pop3 may the better alternative (see above too)
389/tcpldap (Lightweight Directory Access Protocol)ldapdnetwork distributed, domain organized directory service, connection part, see also immediately below
389/udpldap (Lightweight Directory Access Protocol)slapd (Standalone Lightweight Access Protocol Daemonnetwork distributed, domain organized directory service, listener/contoller part, see also immediately above
443/tcphttps (HyperText Transfer Protocol Secure)httpd (= apache)encrypted (via TLS/SSL) counterpart to above http/80 entry, the only acceptable way, to do online credit card transactions
514/udpsystem log listenersyslogdalways active to log other hosts informations, because otherwise the daemon won't start
515/tcpprint spoolerlpd (Line Printer Daemon)network printer queue
554/tcprtsp (Real Time Stream Protocol)rsvpd (Resource reSerVations Protocol Daemon)used by Real Media for video and audio streaming
631/tcpipp (Internet Printing Protocol)cupsd --- CUPS (Common Unix Printing System) Daemonunencrypted port for (local) printer access via browser and CUPS client
744/udpflexlm (FLEXible License Manager)lmgrd (License ManaGeR Daemon)network bound license evaluation system
901/tcpswat (Samba Web Administration Tool)swat, launched by inetdbrowser/web bound Samba administration (see above, 137/nmbd and 139/smbd), use with care: it's not encrypted without additional measures
993/tcpimaps (Interactive Mail Access Protocol Secure version 4)imapd, launched by inetdTLS/SSL encrypted mail retrieval system (see also imap above)
994/tcpircs (Internet Relay Chat Secure)ircdthe Internet chat system TLS/SSL encrypted, see also irc above
995/tcppop3s (Post Office Protocol Secure version 3)popper, launched by inetdTLS/SSL encrypted mail retrieval system (see also pop3 above)
2049/tcpNFS (Network File System by Sun)nfsd, rpc.nfsd, needs (sun)rpc and portmap toonetwork sharing of filesystems, only suitable for local networks
2049/udpNFS (Network File System by Sun)rpc.mountd needs (sun)rpc and portmap toonetwork sharing of filesystems, only suitable for local networks
2401/tcpcvspserver (Concurrent Version System Password server)cvs, launched by inetd (alternatively by sshd, see above)RCS (revision control system) based network version control, suitable even for Internet cooperation, but than usage via ssh (see above) is recommended, because this pserver protocol does only a not really secure scrambling of passwords (only suitable for anonymous checkout otherwise)
6000/tcp (--6063/tcp)x11X (X window system server)standard GUI base server of the X/Open Group, the ports above 6000 up to 6063 are addressed via display (variable: upper case) setting to 1, 2 and so on, instead of 0, for the ports 6001, 6002 and so on instead of 6000 (display number part 1 = port offset)
8080/tcphttp-alt (alternative http)httpd (= apache)see http above: usually privately=non-public used http port

 

to UNIX alliance  to computers/LINUX

remarks, questions, additions etc. to: stefan.urbat@apastron.lb.shuttle.de

(URL:  http://www.lb.shuttle.de/apastron/ports.htm)