There are thousands of ports and services registered with the Internet
Assigned Numbers Authority (IANA). Practically, fewer than
one hundred are in common use. Services have assigned ports
so that a client can find the service easily on a remote host.
For example, telnet servers listen at port 23, and SMTP (Simple
Mail Transfer Protocol) servers listen at port 25. Client
applications, like a telnet program or mail reader, use randomly
assigned ports typically greater than 1023.
Although a particular service may have an assigned port, there is nothing
about TCP/IP to prevent most services from listening on another
port. A common example of this is HTTP, the protocol used
for accessing Web servers. The assigned port for HTTP is port
80, but other ports are relatively common. An intruder who
sets up a backdoor may use an assigned port for an unregistered
service (like a program that provides a root shell on demand),
or the intruder may put a service, like a telnet server, on
some port other than port 23. In other words, there is nothing
sacred about port numbers. Using the assigned ones is simply
customary, and it makes things a lot simpler.
The purpose of this table is to list some of the port addresses
associated either with popular services, or port addresses
associated with services that have often been abused in the
past. This list is by no means complete, but has in the past
proven to be helpful. For example, if you have set up a firewall,
and are noticing lots of connection attempts to port 113/tcp,
you might be worried about an attack. But port 113/tcp is
used by mail transport agents (sendmail in particular) in
an attempt to identify the name of the user sending email.
Note also that many port addresses appear twice: once for a TCP-based
service and again for a different UDP-based one. In the past,
the custom was to allocate each type of port independently,
so port 514/tcp belongs to the remote shell (rsh) and 514/udp
is used by the system logger (syslogd). More recently, ports
of both types have been assigned together; for example, ports
135, 138, and 139, both TCP and UDP, are assigned to Microsoft
services.
PORT NUMBERS
The port numbers are divided into three ranges: the Well Known
Ports, the Registered Ports, and the Dynamic and/or Private
Ports.
The Well Known Ports are those from 0 through 1023.
The Registered Ports are those from 1024 through 49151.
The Dynamic and/or Private Ports are those from 49152
through 65535.
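The points above (a service on a port other than its assigned one, an unexpected program on an assigned port, and the same number meaning different services on TCP and UDP) can be checked against a list of listening sockets. The following is an added example, not part of the original page; the EXPECTED baseline, the daemon names and the sample data are assumptions constructed for illustration.

```python
# Added example. EXPECTED is a small hand-built baseline (an assumption),
# not the IANA registry; the daemon names are illustrative.
EXPECTED = {
    (23, "tcp"): {"telnetd", "in.telnetd"},
    (25, "tcp"): {"sendmail"},
    (80, "tcp"): {"httpd"},
    (514, "tcp"): {"rshd", "in.rshd"},   # remote shell
    (514, "udp"): {"syslogd"},           # system logger: same number, other protocol
}

def port_range(port):
    """Classify a port into the three ranges listed above."""
    if not 0 <= port <= 65535:
        raise ValueError(f"invalid port: {port}")
    if port <= 1023:
        return "well-known"
    return "registered" if port <= 49151 else "dynamic/private"

def audit(listeners):
    """listeners: iterable of (port, proto, process). Returns findings to review."""
    home = {proc: key for key, procs in EXPECTED.items() for proc in procs}
    findings = []
    for port, proto, proc in listeners:
        where = f"{port}/{proto} ({port_range(port)})"
        if (port, proto) in EXPECTED:
            if proc not in EXPECTED[(port, proto)]:
                findings.append(f"{where}: unexpected process '{proc}' on assigned port")
        elif proc in home:
            p, pr = home[proc]
            findings.append(f"{where}: '{proc}' normally listens on {p}/{pr}")
        else:
            findings.append(f"{where}: '{proc}' is not in the baseline")
    return findings

# Constructed sample of listening sockets (not real host data).
SAMPLE = [
    (25, "tcp", "sendmail"),
    (514, "udp", "syslogd"),
    (514, "tcp", "syslogd"),
    (2323, "tcp", "in.telnetd"),
    (80, "tcp", "sh"),
    (51000, "tcp", "listener-x"),
]

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

A finding is a prompt to investigate, not proof of compromise: a Web server on a port other than 80, for instance, is common and would need its own baseline entry.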
WELL KNOWN PORT NUMBERS
The Well Known Ports are assigned by the IANA
and on most systems can only be used by system (or root) processes
or by programs executed by privileged users.
Ports are used in the TCP [RFC793] to name the ends of logical
connections which carry long term conversations. For the purpose
of providing services to unknown callers, a service contact
port is defined. This list specifies the port used by the
server process as its contact port. The contact port is sometimes
called the "well-known port". To the extent possible,
these same port assignments are used with the UDP [RFC768].
The assigned ports use a small portion of the possible port
numbers. For many years the assigned ports were in the range
0-255. Recently, the range for assigned ports managed by the
IANA has been expanded to the range 0-1023.
REGISTERED PORT NUMBERS
The Registered Ports are listed by the IANA
and on most systems can be used by ordinary user processes
or programs executed by ordinary users.
Ports are used in the TCP [RFC793] to name the ends of logical
connections which carry long term conversations. For the purpose
of providing services to unknown callers, a service contact
port is defined. This list specifies the port used by the
server process as its contact port.
The IANA registers uses of these ports as
a convenience to the community. To the extent possible, these
same port assignments are used with the UDP [RFC768].
The Registered Ports are in the range 1024-49151.
DYNAMIC AND/OR PRIVATE PORTS
The Dynamic and/or Private Ports are those from 49152
through 65535.