When it comes to computers, ports are everywhere. If you take a look at your desktop, you will see physical ports that are used to connect peripheral devices such as a keyboard and mouse, external storage and more. You may also notice that some ports may be used to connect to the internet via Ethernet cables.
Ports serve a very similar purpose in the computer networking space. A port is a logical connection that’s used by programs and services to exchange information. In other words, ports serve as a communication endpoint for computers who want to speak to other computers. Ports will always have a unique number that identifies them, ranging from 0-65535. This all gets a little easier to comprehend when we break it down into 3 categories. Port numbers 0-1023 are what we call “Well-known or System ports.” The ports within the well known range are ports that we most commonly use everyday. Port numbers 1024-49151 are what we call “User or Registered Ports”, which are ports that can be registered by developers for a specific service. Lastly, ports 49152-65535 are called “Dynamic or Private ports”. These are known as client side ports that are typically free to use. Your computer may temporarily assign itself a port number within this range during a session.
A port number is always associated with an IP address for communication purposes. Both the IP address and the port number work together to exchange data throughout a network. I will refrain from going too much into the technical details of port numbers but it is very good to at least know the basics before diving into the most common port numbers you may encounter.
FTP – File Transfer Protocol – 20,21
File Transfer protocol uses TCP port 20 for data transfer and TCP port 21 which is used to control the data transfer. The FTP protocol also includes a number of file management functions which will allow you to do things like list the files on the server, add files, delete them, etc.
SSH – Secure Shell – 22
Secure shell put plainly is a safe way to communicate with a remote device through a terminal or command line. It is a text based front end that uses TCP port 22 and everything that is sent over this network using this protocol is being sent as encrypted data. I will not go into TELNET in this post (which uses TCP port 23), but it is essentially a non encrypted version of SSH.
SMTP – Simple Mail Transfer Protocol – 25
Can you guys tell me how many email servers are out there in the world? I legit have no idea but it is definitely in the millions. All of these millions of email servers use the simple mail transfer protocol to communicate with each other. SMTP uses TCP port 25. SMTP is used for email servers to communicate, but also for our devices and mail clients to send mail to a mail server. If you use your phone to send email messages, it is likely that you are using SMTP.
POP3/IMAP4 – 110,143
The Post office Protocol version 3 and Internal Message Access Protocol version 4 are both used to receive emails from an email server. POP3 uses TCP port 110 and was designed to retrieve emails from an email client, but was not built for multiple email clients. This is where IMAP4 comes in, this protocol allows us to have multiple devices that all have access to the same email box, to then synchronize correctly. It allows you to manage an email inbox from multiple devices, using TCP port 143.
DHCP – Dynamic Host Configuration Protocol – 67,68
The dynamic host configuration protocol is a protocol that is used to automatically assign devices IP addresses when it connects to a network. DHCP uses UDP ports 67 and 68. You may have noticed that this protocol uses UDP (User Datagram Protocol) instead of TCP (Transmission Control Protocol) like our previous examples. Without going into too much detail about the differences of TCP and UDP, I will just note that UDP is a connectionless protocol that is typically better fit for situations where speed is more important than reliability. (We want our computers connected as quickly as possible.)
HTTP & HTTPS – Hyper Text Transfer Protocol (Secure) – 80,443
HTTP and HTTPS are probably the most commonly used protocols by the everyday user. If you have interacted with any web browser, then you have most likely used HTTP or HTTPS. These protocols are ALMOST the exact same. Meaning that both are the common protocols used by our browsers to communicate with web servers, but HTTPS is web server communication with encryption. HTTP uses TCP port 80 while HTTPS uses TCP port 443.
SNMP – Simple Network Management Protocol 161
Simple Network Management Protocol allows a network management device to query various infrastructure devices for performance details, then receive those metrics in return. You may only come across SNMP or a network management device if you plan on or have done work as an SA. The queries are performed using UDP port 161.
I believe this is a very good starting point for individuals who are just dipping their toe into the world of port numbers. There are a few other common ones that are Windows specific called Remote Desktop Protocol (TCP port 3389) and Server Message Block (TCP port 445). Both of which are used within my organization and very widely used. Please let me know if you have any questions or comments!
Mak Hurst 