
Important Port Numbers in Unix

Networking is an important part of IT. This document provides an overview of common ports and protocols used for networking, along with notes on their purpose and the associated daemons or services. It lists several essential ports and protocols like FTP, SSH, SMTP, DNS, HTTP, SNMP, IRC and more. The document also provides some general hints for less experienced users, such as privileged port numbers and how to check if a service is available over TCP or UDP.

Uploaded by

reji50

Nowadays networking is one of the most important parts of the IT business. Either way, if you have to or want to block ports with a firewall, masquerading or tunneling, want to check for running daemons (services) or something else, you may want a more comprehensive overview of the essential, widely used ports than official RFC documents or modern /etc/services files on UNIX systems offer: one with some hints and remarks, together with a statement of which protocol (TCP/IP or UDP) is used exclusively or mainly. Therefore I hope to provide you with some useful information below.

Some general hints for the less experienced in these topics: the port numbers below 1024 are privileged ones, which means that a server process (UNIX daemon) on them can be run only by the root user. A number of services are managed by the portmapper (rpc service) and by inetd, which launches the other special daemons listed below when they are requested on the corresponding port. And finally, you can easily discriminate between TCP/IP and UDP with the telnet client: typing telnet IPaddress (or hostname, if resolvable) port-number usually gives you a connect response when there is a service available via TCP/IP, but not when it runs via UDP/IP. This is also a way to check for certain ports, and therefore services, on the given host.

| port / protocol | service name | common UNIX daemon(s) | additional remarks |
|---|---|---|---|
| 20/tcp and 21/tcp | ftp (file transfer protocol) data and login control | in.ftpd, wu.ftpd, proftpd; launched by inetd | obsolete: insecure, because unencrypted and difficult to harden service, please use sshd and scp or sftp instead (see below) |
| 22/tcp | ssh (Secure SHell) | sshd | secure, because fully encrypted remote login (ssh) and copy (scp and sftp) service, please use exclusively this full substitute instead of the obsolete ftp, telnet, rlogin, rsh, rcp and so on! |
| 23/tcp | telnet (remote login) | in.telnetd, launched by inetd | obsolete: unencrypted login, use sshd and ssh instead, see above |
| 25/tcp | smtp (simple mail transfer protocol) | sendmail, postfix, qmail, etc. | standard mail protocol since 30 years, only way to communicate world wide with messages without http measures, for your privacy you need to encrypt mails preferably with the free PGP (pretty good privacy) |
| 53/udp and 53/tcp | DNS (domain name system) | bind (Berkeley Internet Name Domain) | the name service of the Internet, used by http, smtp and all others to resolve symbolic names into the IP layer addresses, name resolution is done via udp, zone transfers between several name servers via tcp |
| 80/tcp | http (Hyper Text Transfer Protocol) = www (World Wide Web) | httpd (= apache, A PAtCHy [web] sErver) | the Internet/web service, unencrypted port (see below, 443, for encrypted counterpart) for standard data transfer from web servers to user agents (browsers, robots, download tools) |
| 88/tcp | kerberos | krshd | high security special purpose protocol with ticket system and so on |
| 110/tcp | pop3 (Post Office Protocol version 3) | popper, launched by inetd | post retrieval service of storing mail servers with encryption possibilities |
| 111/udp | (sun)rpc (remote procedure call) | rpc.statd, rpc.rusersd, rpc.walld | insecure remote calls of special information services |
| 119/tcp | nntp (Network News Transfer Protocol) | leafnode | the internet news server query service |
| 123/udp | ntp (Network Time Protocol) | (x)ntpd | modern world wide time service for synchronisation with nuclear clock driven time standard |
| 137/udp | netbios-ns (NETBIOS Name Service) | nmbd | special name service for a still too widespread proprietary OS and its SMB (Server Message Block) system, needed in union with the following service |
| 139/tcp | netbios-ssn (NETBIOS Session Service Network) | smbd (Samba daemon) | special session service for that proprietary OS and its SMB (Server Message Block) system, works together with immediately above service |
| 143/tcp | imap2 (Internet Message Access Protocol version 2) | imapd (Interactive Mail Access Protocol Daemon), launched by inetd | rather insecure and therefore only locally suitable mail retrieval service, for non-local purposes prefer pop3 (see above) |
| 161/tcp | snmp (Simple Network Management Protocol) | snmpd | base of communication between very different technical units (not only computers), they have to share the network capability and these protocol rules only: CAUTION: very insecure (no limiting of allowed requesting IP addresses possible) |
| 194/tcp | irc (Internet Relay Chat) | ircd | the Internet chat service |
| 220/tcp | imap3 (Interactive Mail Access Protocol version 3) | imapd | modern mail retrieval service, successor of imap2 (see above), but still pop3 may be the better alternative (see above too) |
| 389/tcp | ldap (Lightweight Directory Access Protocol) | ldapd | network distributed, domain organized directory service, connection part, see also immediately below |
| 389/udp | ldap (Lightweight Directory Access Protocol) | slapd (Standalone Lightweight Access Protocol Daemon) | network distributed, domain organized directory service, listener/controller part, see also immediately above |
| 443/tcp | https (HyperText Transfer Protocol Secure) | httpd (= apache) | encrypted (via TLS/SSL) counterpart to above http/80 entry, the only acceptable way to do online credit card transactions |
| 514/udp | system log listener | syslogd | always active to log other hosts' information, because otherwise the daemon won't start |
| 515/tcp | print spooler | lpd (Line Printer Daemon) | network printer queue |
| 554/tcp | rtsp (Real Time Stream Protocol) | rsvpd (Resource reSerVations Protocol Daemon) | used by Real Media for video and audio streaming |
| 631/tcp | ipp (Internet Printing Protocol) | cupsd --- CUPS (Common Unix Printing System) Daemon | unencrypted port for (local) printer access via browser and CUPS client |
| 744/udp | flexlm (FLEXible License Manager) | lmgrd (License ManaGeR Daemon) | network bound license evaluation system |
| 901/tcp | swat (Samba Web Administration Tool) | swat, launched by inetd | browser/web bound Samba administration (see above, 137/nmbd and 139/smbd), use with care: it's not encrypted without additional measures |
| 993/tcp | imaps (Interactive Mail Access Protocol Secure version 4) | imapd, launched by inetd | TLS/SSL encrypted mail retrieval system (see also imap above) |
| 994/tcp | ircs (Internet Relay Chat Secure) | ircd | the Internet chat system TLS/SSL encrypted, see also irc above |
| 995/tcp | pop3s (Post Office Protocol Secure version 3) | popper, launched by inetd | TLS/SSL encrypted mail retrieval system (see also pop3 above) |
| 2049/tcp | NFS (Network File System by Sun) | nfsd, rpc.nfsd, needs (sun)rpc and portmap too | network sharing of filesystems, only suitable for local networks |
| 2049/udp | NFS (Network File System by Sun) | rpc.mountd, needs (sun)rpc and portmap too | network sharing of filesystems, only suitable for local networks |
| 2401/tcp | cvspserver (Concurrent Version System Password server) | cvs, launched by inetd (alternatively by sshd, see above) | RCS (revision control system) based network version control, suitable even for Internet cooperation, but then usage via ssh (see above) is recommended, because this pserver protocol does only a not really secure scrambling of passwords (only suitable for anonymous checkout otherwise) |
| 6000/tcp (-6063/tcp) | x11 | X (X window system server) | standard GUI base server of the X/Open Group, the ports above 6000 up to 6063 are addressed via display (variable: upper case) setting to 1, 2 and so on, instead of 0, for the ports 6001, 6002 and so on instead of 6000 (display number part 1 = port offset) |
| 8080/tcp | http-alt (alternative http) | httpd (= apache) | see http above: usually privately=non-public used http port |
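
An added example, not part of the original document: a listener audit that flags sockets on ports the table above marks as obsolete, insecure or unencrypted. It assumes the column layout printed by `ss -tuln`; the sample listing and the function names are constructed for illustration.

```shell
#!/bin/sh
# Port/protocol pairs and notes below are taken from the table's remarks.
# Constructed sample in the layout of `ss -tuln` (not from a real host).
sample_listeners() {
cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      10     [::]:23            [::]:*
udp   UNCONN 0      0      0.0.0.0:111        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:443        0.0.0.0:*
EOF
}

# Reads `ss -tuln` style lines on stdin and prints one finding per listener
# whose port/protocol pair is flagged in the table.
audit_listeners() {
awk '
BEGIN {
    note["21/tcp"]   = "ftp: unencrypted, use scp or sftp"
    note["23/tcp"]   = "telnet: unencrypted login, use ssh"
    note["111/udp"]  = "sunrpc: insecure remote calls"
    note["143/tcp"]  = "imap2: only locally suitable"
    note["161/tcp"]  = "snmp: very insecure"
    note["631/tcp"]  = "ipp: unencrypted printer access"
    note["901/tcp"]  = "swat: not encrypted by default"
    note["2401/tcp"] = "cvspserver: weak password scrambling"
}
NR == 1 && $1 == "Netid" { next }        # skip the header line
{
    proto = $1
    addr  = $5                           # local address:port column
    port  = addr
    sub(/.*:/, "", port)                 # keep text after the last colon
    host  = substr(addr, 1, length(addr) - length(port) - 1)
    key   = port "/" proto
    if (key in note) {
        scope = (host == "127.0.0.1" || host == "[::1]") ? "loopback" : "exposed"
        printf "%s %s %s: %s\n", key, host, scope, note[key]
    }
}'
}

sample_listeners | audit_listeners
```

On a live host, feed the function with `ss -tuln | audit_listeners`; a finding marked loopback is reachable only from the machine itself.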


remarks, questions, additions etc. to: [email protected]
(URL: http://www.lb.shuttle.de/apastron/ports.htm)
