TCP and UDP Services and Ports

This post summarizes commonly used TCP and UDP ports.

The total number of ports for both TCP and UDP is what can be numbered with 16-digit binary number, it means, 65,536 ports, numbered from 0 to 65,535.

Default TCP and UDP Ports

TCP 20: File Transfer Protocol (FTP) Active Mode Data Connection

TCP 21: File Transfer Protocol (FTP) Passive Mode Data Connection

TCP 22: SSH

TCP 23: Telnet

TCP 25: Simple Mail Transfer Protocol (SMTP)

UDP/TCP 50: Remote Mail Checking Protocol

TCP 51: IANA reserved

TCP/UDP 53: Domain Name System (DNS) Zone Transfer

UPD 67: Dynamic Host Configuration Protocol (DHCP)

TCP/UDP 69: Trivial File Transfer Protocol (TFTP)

TCP 80: HTTP

TCP 110: Post Office Protocol (POP3)

UDP 123: Network Time Protocol (NTP)

TCP/UDP 135: Microsoft RPC Endpoint Mapper

UDP 137: NetBIOS Name Service (NBNS)

TCP/UDP 138: netbios-dgm

TCP 139: NetBIOS Session Service (SMB over NetBIOS)

TCP 143: Internet Message Access Protocol (IMAP4)

UDP 161: Simple Network Management Protocol (SNMP)

TCP/UDP 162: SNMP Trap

TCP/UDP 389: Lightweight Directory Access Protocol (LDAP)

TCP 443: HTTPS

TCP/UDP 445: SMB over TCP (Direct Host); Active Directory

TCP 465: Implicit STMP

UDP 500: (ISAKMP)/Internet Key Exchange (IKE)

TCP 513: remote login

UDP 514: syslog

TCP 515: Line Printer Remote (LPR) or Line Printer Daemon (LPD)

TCP 587: STARTTLS

TCP/UDP 1080: SOCKS

TCP 1241: Nessus daemon

TCP 1433-1434: Microsoft SQL Server

TCP 1521: Oracle

UDP 1701: L2TP

TCP 1720: H.323

TCP 1723: PPTP

UDP 1812: RADIUS messages

UDP 1813: RADIUS accounting messages

TCP/UDP 2000-2001: Session Initiation Protocol (SIP)

TCP 2049: Network File System (NFS)

TCP 2083: RADIUS over TLS

TCP 3389: Microsoft Remote Desktop Protocol (RDP)

UDP port 4500: IPsec NAT-T

TCP/UDP 5050: Session Initiation Protocol (SIP)

TCP/UDP 5060-5061: Session Initiation Protocol (SIP)

UDP 5355: LLMNR

TCP 6000-6063: X Window (Unix)

TCP 9100: HP JetDirect printing

TCP/UDP 48101: used by the infected devices to spread malicious files to the other devices in the network

Ports requested in certification exams

Some certification exams require to know the default use of ports by heart.

Here you can find some examples on different exams:

CEH v10

22, 23, 25, 50, 51, 53, 69, 80, 123, 135, 137, 139, 161, 162, 389, 443, 445, 500, 514, 515, 1080, 1241, 2000, 2001, 4500, 5050, 5060, 5061, 5355, 48101

CISSP 2021

20, 21, 22, 23, 25, 53, 67, 69, 80, 110, 123, 135, 137-139, 143, 161, 443, 445, 465, 515, 587, 1443, 1701, 1723, 1812, 1813, 2049, 2083, 6000-6063, 9100.

MD-100

80, 443, 513, 1433, 1723, 3389.

External references

Leave a Reply

Your email address will not be published. Required fields are marked *