What Are Network Ports?
A network port is a virtual endpoint for communication on a computer. While an IP address identifies a device on a network, a port identifies a specific application or service running on that device.
Think of it this way: if an IP address is like a building's street address, a port number is like the suite number inside that building. The address gets you to the right building, and the suite number gets you to the right office.
Port numbers range from 0 to 65535. When your browser connects to a web server, it connects to the server's IP address on port 443 (for HTTPS). When you send an email, your mail client connects to the mail server on port 587 (for SMTP submission).
Port Number Ranges
Ports are divided into three ranges by IANA (Internet Assigned Numbers Authority):
Well-Known Ports (0–1023): Reserved for common, standardized services. These ports are assigned by IANA and typically require administrator/root privileges to use. Examples: HTTP (80), HTTPS (443), SSH (22), FTP (21), DNS (53).
Registered Ports (1024–49151): Used by software applications and services. Vendors can register ports with IANA for their applications. Examples: MySQL (3306), PostgreSQL (5432), Redis (6379), Minecraft (25565).
Dynamic/Ephemeral Ports (49152–65535): Temporarily assigned by the operating system for outgoing connections. When your browser connects to a website, the OS assigns a random port from this range as the source port for that connection.
TCP vs UDP Ports
Ports work with two transport protocols:
TCP (Transmission Control Protocol): Connection-oriented, reliable delivery. TCP establishes a connection (three-way handshake) before sending data and guarantees that all packets arrive in order. Used for: web browsing, email, file transfer, SSH — anything where data integrity matters.
UDP (User Datagram Protocol): Connectionless, faster but unreliable. UDP sends packets without establishing a connection or guaranteeing delivery. Used for: DNS queries, video streaming, online gaming, VoIP — anything where speed matters more than perfect delivery.
Many services use both TCP and UDP. DNS, for example, uses UDP for standard queries (faster) but falls back to TCP for large responses or zone transfers.
Essential Port Numbers Reference
| Port | Protocol | Service | Description |
|---|---|---|---|
| 20/21 | TCP | FTP | File Transfer Protocol (data/control) |
| 22 | TCP | SSH | Secure Shell (remote login, SFTP) |
| 23 | TCP | Telnet | Unencrypted remote login (deprecated) |
| 25 | TCP | SMTP | Email sending between servers |
| 53 | TCP/UDP | DNS | Domain name resolution |
| 67/68 | UDP | DHCP | Automatic IP address assignment |
| 80 | TCP | HTTP | Unencrypted web traffic |
| 110 | TCP | POP3 | Email retrieval |
| 143 | TCP | IMAP | Email retrieval (synced) |
| 443 | TCP | HTTPS | Encrypted web traffic |
| 465 | TCP | SMTPS | Encrypted SMTP (legacy) |
| 587 | TCP | SMTP Submission | Email submission from clients |
| 993 | TCP | IMAPS | Encrypted IMAP |
| 995 | TCP | POP3S | Encrypted POP3 |
| 3306 | TCP | MySQL | MySQL database |
| 3389 | TCP | RDP | Windows Remote Desktop |
| 5432 | TCP | PostgreSQL | PostgreSQL database |
| 8080 | TCP | HTTP Alt | Alternative HTTP / proxy |
| 8443 | TCP | HTTPS Alt | Alternative HTTPS |
Use LookMyIP's Port Checker tool to test whether specific ports are open and reachable on your server or network.
Port Security Best Practices
Close unnecessary ports: Every open port is a potential attack vector. Only keep ports open that are actively needed for services you run.
Use non-standard ports for sensitive services: Moving SSH from port 22 to a non-standard port (e.g., 2222) reduces automated brute-force attempts. This is security through obscurity — not a substitute for proper authentication, but it reduces noise.
Firewall rules: Configure your firewall to explicitly whitelist required ports and block everything else. Review open ports regularly.
Port scanning awareness: Attackers use port scanners (like nmap) to discover open ports on your network. Regular self-scanning helps you identify and close unintended exposures. Use LookMyIP's Port Checker to see what ports are visible from the outside.
Keep services updated: An open port is only as secure as the service listening on it. Outdated software with known vulnerabilities is a primary entry point for attackers.