This post summarizes commonly used TCP and UDP ports.
The total number of ports for both TCP and UDP is what can be numbered with 16-digit binary number, it means, 65,536 ports, numbered from 0 to 65,535.
Default TCP and UDP Ports
TCP 20: File Transfer Protocol (FTP) Active Mode Data Connection
TCP 21: File Transfer Protocol (FTP) Passive Mode Data Connection
TCP 22: SSH
TCP 23: Telnet
TCP 25: Simple Mail Transfer Protocol (SMTP)
UDP/TCP 50: Remote Mail Checking Protocol
TCP 51: IANA reserved
TCP/UDP 53: Domain Name System (DNS) Zone Transfer
UDP 67: Dynamic Host Configuration Protocol (DHCP)
TCP/UDP 69: Trivial File Transfer Protocol (TFTP)
TCP 80: HTTP
TCP 110: Post Office Protocol (POP3)
UDP 123: Network Time Protocol (NTP)
TCP/UDP 135: Microsoft RPC Endpoint Mapper
UDP 137: NetBIOS Name Service (NBNS)
TCP/UDP 138: netbios-dgm
TCP 139: NetBIOS Session Service (SMB over NetBIOS)
TCP 143: Internet Message Access Protocol (IMAP4)
UDP 161: Simple Network Management Protocol (SNMP)
TCP/UDP 162: SNMP Trap
TCP/UDP 389: Lightweight Directory Access Protocol (LDAP)
TCP 443: HTTPS
TCP/UDP 445: SMB over TCP (Direct Host); Active Directory
TCP 465: Implicit STMP
UDP 500: (ISAKMP)/Internet Key Exchange (IKE)
TCP 513: remote login
UDP 514: syslog
TCP 515: Line Printer Remote (LPR) or Line Printer Daemon (LPD)
TCP 587: STARTTLS
IMAP over TLS: 993
TCP/UDP 1080: SOCKS
TCP 1241: Nessus daemon
TCP 1433-1434: Microsoft SQL Server
TCP 1521: Oracle
UDP 1701: L2TP
TCP 1720: H.323
TCP 1723: PPTP
UDP 1812: RADIUS messages
UDP 1813: RADIUS accounting messages
TCP/UDP 2000-2001: Session Initiation Protocol (SIP)
TCP 2049: Network File System (NFS)
TCP 2083: RADIUS over TLS
TCP 3389: Microsoft Remote Desktop Protocol (RDP)
UDP port 4500: IPsec NAT-T
TCP/UDP 5050: Session Initiation Protocol (SIP)
TCP/UDP 5060-5061: Session Initiation Protocol (SIP)
UDP 5355: LLMNR
TCP 6000-6063: X Window (Unix)
TCP 9100: HP JetDirect printing
TCP/UDP 48101: used by the infected devices to spread malicious files to the other devices in the network
Ports requested in certification exams
Some certification exams require to know the default use of ports by heart.
Here you can find some examples on different exams:
CEH v10
22, 23, 25, 50, 51, 53, 69, 80, 123, 135, 137, 139, 161, 162, 389, 443, 445, 500, 514, 515, 1080, 1241, 2000, 2001, 4500, 5050, 5060, 5061, 5355, 48101
CISSP 2021
20, 21, 22, 23, 25, 53, 67, 69, 80, 110, 123, 135, 137-139, 143, 161, 443, 445, 465, 515, 587, 1443, 1701, 1723, 1812, 1813, 2049, 2083, 6000-6063, 9100.
MD-100
80, 443, 513, 1433, 1723, 3389.
External references
- IANA; “Service Name and Transport Protocol Port Number Registry“; Internet Assigned Numbers Authority (IANA)
- Wikipedia; “List of TCP and UDP port numbers“; Wikipedia
- “CISSP Study Guide Ninth Edition”
- Chapter 11, Section “Common Application Layer Protocols”, pp. 506-507
- Chapter 15, Section “Network Vulnerability Scanner”, pp. 738-739