Reference tool
Network Port Reference
Look up common TCP/UDP ports and their services.
Showing 49 of 49 entries
| Port | Protocol | Service | Description | Category |
|---|---|---|---|---|
| 20 | TCP | FTP Data | FTP data transfer channel. | File Transfer |
| 21 | TCP | FTP Control | FTP command/control channel. Use SFTP (22) or FTPS instead. | File Transfer |
| 22 | TCP | SSH / SFTP | Secure Shell remote access and SFTP file transfer. | Remote Access |
| 23 | TCP | Telnet | Unencrypted remote terminal. Deprecated — use SSH. | Remote Access |
| 25 | TCP | SMTP | Server-to-server email delivery (outbound MTA). Often blocked by ISPs. | |
| 110 | TCP | POP3 | Post Office Protocol v3. Downloads mail from server. | |
| 143 | TCP | IMAP | Internet Message Access Protocol. Syncs mail with server. | |
| 465 | TCP | SMTPS | SMTP over TLS/SSL (legacy; use 587). | |
| 587 | TCP | SMTP Submission | Authenticated email submission (STARTTLS). Preferred for clients. | |
| 993 | TCP | IMAPS | IMAP over TLS/SSL. | |
| 995 | TCP | POP3S | POP3 over TLS/SSL. | |
| 80 | TCP | HTTP | Unencrypted web traffic. Redirect all to HTTPS (443). | Web |
| 443 | TCP | HTTPS | HTTP over TLS/SSL. Standard secure web. | Web |
| 8080 | TCP | HTTP Alt | Alternate HTTP port, commonly used by dev/proxy servers. | Web |
| 8443 | TCP | HTTPS Alt | Alternate HTTPS port, used by some web applications. | Web |
| 53 | TCP/UDP | DNS | Domain Name System queries (UDP standard; TCP for large responses). | Network |
| 67 | UDP | DHCP Server | DHCP server listens on this port. | Network |
| 68 | UDP | DHCP Client | DHCP client port. | Network |
| 161 | UDP | SNMP | Simple Network Management Protocol for device monitoring. | Network |
| 162 | UDP | SNMP Trap | SNMP trap receiver. | Network |
| 123 | UDP | NTP | Network Time Protocol — clock synchronization. | Network |
| 3389 | TCP | RDP | Windows Remote Desktop Protocol. Restrict to VPN — never expose publicly. | Remote Access |
| 5900 | TCP | VNC | Virtual Network Computing remote desktop. | Remote Access |
| 1194 | UDP | OpenVPN | OpenVPN default UDP port. | VPN |
| 1723 | TCP | PPTP VPN | Point-to-Point Tunneling Protocol. Deprecated — use WireGuard/IKEv2. | VPN |
| 4500 | UDP | IKEv2 NAT-T | IKEv2 VPN NAT traversal. | VPN |
| 500 | UDP | IKE/IPsec | IPsec Internet Key Exchange. | VPN |
| 51820 | UDP | WireGuard | WireGuard VPN default port (configurable). | VPN |
| 1433 | TCP | MS SQL Server | Microsoft SQL Server. Never expose directly to internet. | Database |
| 1521 | TCP | Oracle DB | Oracle Database listener. | Database |
| 3306 | TCP | MySQL / MariaDB | MySQL and MariaDB default port. | Database |
| 5432 | TCP | PostgreSQL | PostgreSQL default port. | Database |
| 6379 | TCP | Redis | Redis in-memory data store. | Database |
| 27017 | TCP | MongoDB | MongoDB default port. | Database |
| 389 | TCP/UDP | LDAP | Lightweight Directory Access Protocol (unencrypted). | Directory |
| 636 | TCP | LDAPS | LDAP over TLS/SSL. | Directory |
| 88 | TCP/UDP | Kerberos | Kerberos authentication (Active Directory). | Directory |
| 445 | TCP | SMB / CIFS | Windows file sharing. High-value attack target — restrict to LAN. | Directory |
| 135 | TCP | MS RPC | Microsoft RPC endpoint mapper. | Directory |
| 9100 | TCP | Raw Printing | Network printer raw data port (JetDirect). | Printing |
| 515 | TCP | LPD/LPR | Line Printer Daemon protocol. | Printing |
| 631 | TCP | IPP / CUPS | Internet Printing Protocol. | Printing |
| 5060 | TCP/UDP | SIP | Session Initiation Protocol for VoIP signaling. | VoIP |
| 5061 | TCP | SIP TLS | SIP over TLS. | VoIP |
| 3478 | UDP | STUN/TURN | NAT traversal for WebRTC and VoIP. | VoIP |
| 514 | UDP | Syslog | Standard syslog UDP receiver. | Monitoring |
| 6514 | TCP | Syslog TLS | Syslog over TLS. | Monitoring |
| 9090 | TCP | Prometheus | Prometheus metrics scraping server. | Monitoring |
| 443 | TCP | M365 / Azure | All Microsoft 365 and Azure traffic uses port 443 over HTTPS. | Cloud |
Frequently asked questions
Which ports should always be blocked at the firewall perimeter?
At a minimum, block inbound access to RDP (3389), SMB (445), NetBIOS (135–139), Telnet (23), and all database ports (1433, 3306, 5432) from the internet. These are among the highest-value targets for ransomware and exploitation. Any administrative port — RDP, SSH (22), management interfaces — should be restricted to known IP ranges or accessible only over VPN. Outbound, block direct SMTP (port 25) from end-user machines to prevent spam relay.
What is the difference between TCP and UDP ports?
TCP (Transmission Control Protocol) provides reliable, ordered, and error-checked delivery. It is used by protocols where data integrity matters — web (80/443), email (25/587/993), databases, and SSH. UDP (User Datagram Protocol) is connectionless and faster but does not guarantee delivery or order. It is used by latency-sensitive applications like DNS (53), VoIP/SIP (5060), NTP (123), and video streaming. Some services use both — DNS uses UDP for standard queries and TCP for large responses or zone transfers.
Want this handled for you?
Elevate manages IT & security for regulated Los Angeles firms.