Some FAQ related PORTS

Q. What is a port?

A port is piece of software which is used as docking point in your machine, where remote
application can communicate. This is analogy to the physical ports for entering in to a country
from different sea ports.

Q. What is hardware port?

This is a physical peripheral connecting point to a machine from a physical device.

Q. What is a socket?

Socket is combination of software Port and IP address.

Q. What is the range of ports or how many ports are there?

Port numbers can vary from 0 to 65535, so total we can get 65536 ports

Q. Why port numbers are just 65536?

This is because limitation in TCP/IP stack where the port number field is just 16bit size. So we
get only 2^16(2 to the power of 16) ports which are equal to 65536 available ports

Q.What are the well-known ports or assigned ports or default ports?

Well known ports are from 0 to 1023(total 2^10=1024 ports)

Q.What do you mean by default port?

Default port is a designated port for particular well-known service such as web server, mail
server, ftp server etc. By default FTP uses 21 port, DNS uses 53 and Apache uses 80 port.

Q.Can we change default port for a service(example Apache, squid)?

Yes, we can change. In Apache and DNS we can change this using listen configuration entry in
httpd.conf and named.conf. Squid have port entry in its squid.conf file to mention port number.

Q.What are the protocol numbers for TCP and UDP?

Do not confuse this one with port numbers. TCP and UDP have their own numbers in TCP/IP
stack.

TCP protocol number:6

UDP protocol number:17

Q. Is there any way I can see all the port information in Linux?

Yes, you can get that from /etc/services files.

Q. How can I see open ports in Linux?

Use nmap command.

Well known ports

20 – FTP Data (For transferring FTP data)

21 – FTP Control (For starting FTP connection)

22 – SSH(For secure remote administration which uses SSL to encrypt the transmission)

23 – Telnet (For insecure remote administration

25 – SMTP(Mail Transfer Agent for e-mail server such as SEND mail)

53 – DNS(Special service which uses both TCP and UDP)

67 – Bootp

68 – DHCP

69 – TFTP(Trivial file transfer protocol uses udp protocol for connection less transmission of
data)
80 – HTTP/WWW(apache)

88 – Kerberos

110 – POP3(Mail delivery Agent)

123 – NTP(Network time protocol used for time syncing uses UDP protocol)

137 – NetBIOS(nmbd)

139 – SMB-Samba(smbd)

143 – IMAP

161 – SNMP(For network monitoring)

389 – LDAP(For centralized administration)

443 – HTTPS(HTTP+SSL for secure web access)

514 – Syslogd(udp port)

636 – ldaps(both tcp and udp)

873 – rsync

989 – FTPS-data

990 – FTPS
993 – IMAPS

1194 – openVPN

1812 – RADIUS

995 – POP3s

2049 – NFS(nfsd, rpc.nfsd, rpc, portmap)

2401 – CVS server

3306 – MySql

3690 – SVN

6000-6063-X11

Q:: What Is a Port Number?

A port number is part of the addressing information used to identify the senders and receivers
of messages. Port numbers are most commonly used with TCP/IP connections. Home network
routers and computer software work with ports and sometimes allow you to configure port
number settings. These port numbers allow different applications on the same computer to share
network resources simultaneously.

Q. What is the range of ports or how many ports are there?

Port numbers can vary from 0 to 65535, so total we can get 65536 ports

Q. Why port numbers are just 65536?

This is because limitation in TCP/IP stacks where the port field is just 16bit size. So we get only
2^16 port which is equal to 65536 ports

Port numbers have a range of 0…65535 (although often 0 has special meaning). In the original
BSD TCP implementation, only root can bind to ports 1…1023, and dynamically assigned ports
were assigned from the range 1024…5000; the others were available for unprivileged static
assignment. These days 1024…5000 is often not enough dynamic ports, and IANA has now
officially designated the range 49152..65535 for dynamic port assignment. However even that is
not enough dynamic ports for some busy servers, so the range is usually configurable (by an
administrator). On modern Linux and Solaris systems (often used as servers), the default
dynamic range now starts at 32768. Mac OS X and Windows Vista default to 49152..65535.

[root@desktop12 ~]# cat /proc/sys/net/ipv4/ip_local_port_range

32768 61000
solaris$ /usr/sbin/ndd /dev/tcp tcp_smallest_anon_port tcp_largest_anon_port
32768

65535

macosx$ sysctl net.inet.ip.portrange.first net.inet.ip.portrange.last

net.inet.ip.portrange.first: 49152
net.inet.ip.portrange.last: 65535

vista> netsh int ipv4 show dynamicport tcp

Protocol tcp Dynamic Port Range

Start Port : 49152

Number of Ports : 16384

Q.What are the well-known ports?

Well known ports are from 0 to 1023(total 2^10=1024 ports)

Q.What are the Registered Ports, and (Range: 1024 to 49151 )

Used by specific service upon applications such as Oracle database listener (1521), MySql
(3306), Microsoft Terminal server (3389) etc.

Q.What are the Dynamic and/or Private Ports. (Range: 49152 to 65535 )

These ports can’t be registered by IANA. This is used for custom or temporary purposes and for
automatic allocation of short-lived (or ephemeral ) ports which is used internally by
application/processes. You can see these ports by running ‘netstat’ command under “Local
address” column.

Q.What do you mean by default port? Default port is a designated port for particular well-
known server.

Q.Can we change default port for a service(example Apache, squid)?

Yes, we can change
Q.What are the protocol numbers for TCP and UDP?
TCP protocol number:6
UDP protocol number:17

Q.How to find which ports are open?

You can find the ports in your linux server with the nmap command
#netstat -ntlp
here n -> display the host by numbers
t ->shows tcp protocols
u ->to check udp protocols
l ->listening ports
p -> displays which process controls the port
Q.How to find printer open ports ?
[root@desktop13 Desktop]# netstat -ntlp |grep cups
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1525/cupsd
tcp 0 0 ::1:631 :::* LISTEN 1525/cupsd Q. How to
detect remote server openports?
[root@desktop13 Desktop]# nmap -sT 192.168.0.250
it will show like this
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
Q. How to change SSH port number?
[root@desktop13 Desktop]# netstat -ntlp | grep ssh
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1646/sshd
tcp 0 0 :::22 :::* LISTEN 1646/sshd
go to the configuration file
[root@desktop13 Desktop]# vim /etc/ssh/sshd_config
port=2200
save and quit

[root@desktop13 Desktop]# service sshd restart

Stopping sshd: [ OK ]
Starting sshd: [ OK ]

[root@desktop13 Desktop]# netstat -ntlp | grep ssh

tcp 0 0 0.0.0.0:2200 0.0.0.0:* LISTEN 11904/sshd
tcp 0 0 :::2200 :::* LISTEN 11904/sshd

now port num changed successfully

Q. rempte loggin with port number?

ssh -p 22 [email protected]

Some important port numbers:

20-FTP Data (For transferring FTP data)

21-FTP Control (For starting FTP connection)

22-SSH (For secure remote administration which uses SSL to encrypt the transmission)

23-Telnet (For insecure remote administration

25-SMTP (Mail Transfer Agent for e-mail server such as SEND mail)

53- DNS (Special service which uses both TCP and UDP)

68-DHCP

69-TFTP (Trivial file transfer protocol uses udp protocol for connection less transmission of
data)

80 -HTTP/WWW (apache)

88-Kerberos

110-POP3 (Mail delivery Agent)

123-NTP (Network time protocol used for time syncing uses UDP protocol)

137-NetBIOS (nmbd)

139,138,445-SMB-Samba (smbd)

143-IMAP

161-SNMP (For network monitoring)

389-LDAP (For centralized administration)

443-HTTPS (HTTP+SSL for secure web access)

514-Syslogd (udp port)

995-POP3s

3260-ISCSI
3128-squid proxy

631-Printers (cups)

2049-NFS (nfsd, rpc.nfsd, rpc, portmap)

*If protocol is not mention then the above port are solely for TCP. Some service use UDP as
mention in above list.