🔍 /

Common Port Numbers Lookup

Interactive TCP/UDP port scanner database with security risk ratings, malware history, and instant command generation for network diagnostics.

User Rating 0.0
Total Usage 0 times
Category Network Utilities
Is this tool helpful?

Your feedback helps us improve.

About

Network ports are the digital docking stations of the internet, serving as the communication endpoints for identifying specific processes or types of network services. While there are 65,535 available ports (defined by the 16-bit field in TCP/UDP headers), the first 1024 - known as System Ports - are critical for fundamental network functions. Misconfiguration here is a primary vector for cyberattacks.

This tool transforms the standard port list into a security intelligence engine. Unlike static tables, it evaluates the Security Risk Rating of each service, identifying legacy cleartext protocols (like TELNET on port 23) versus encrypted modern standards. It cross-references historical malware data (e.g., trojans that bind to specific ports) and generates OS-specific terminal commands to assist administrators in auditing their local environment immediately.

network-security tcp-udp port-scanner sysadmin cybersecurity

Formulas

A network socket is defined by the combination of an IP address and a Port number. The total number of available ports is determined by the 16-bit field size in the transport layer header.

{
Range = 0 ... 65535 (216 - 1)System Ports = 0 ... 1023User Ports = 1024 ... 49151Dynamic Ports = 49152 ... 65535

In a TCP Header, the Source and Destination ports occupy the first 32 bits:

Source Port (16 bits)Destination Port (16 bits)

Reference Data

PortProtocolServiceSecurity RiskDescription
20/21TCPFTPHighFile Transfer Protocol (Data/Control). Transmits credentials in cleartext.
22TCPSSHLowSecure Shell. Encrypted remote login. Primary target for brute-force attacks.
23TCPTelnetCriticalUnencrypted text communications. Obsolete and dangerous.
25TCPSMTPMediumSimple Mail Transfer Protocol. Vulnerable to spam relaying if unsecured.
53UDP/TCPDNSMediumDomain Name System. Vector for amplification attacks and tunneling.
80TCPHTTPMediumHyperText Transfer Protocol. Unencrypted web traffic. MITM risk.
110TCPPOP3MediumPost Office Protocol v3. Often transmits email in cleartext.
143TCPIMAPMediumInternet Message Access Protocol. Prefer IMAPS (993).
443TCPHTTPSSafeHTTP over TLS/SSL. The standard for secure web browsing.
3389TCPRDPHighRemote Desktop Protocol. Frequent target for ransomware entry.

Frequently Asked Questions

A "High Risk" rating often indicates that the protocol transmits data (including passwords) in cleartext, making it vulnerable to packet sniffing (e.g., Telnet on port 23, FTP on port 21). Even standard ports like RDP (3389) are rated high risk if exposed to the public internet because they are primary targets for ransomware brute-force attacks.
You can use the "Command Generator" feature in this tool. Generally, on Windows, use `netstat -ano | findstr `, and on macOS/Linux, use `lsof -i :` or `netstat -tuln | grep `. These commands list the process ID (PID) listening on that port.
TCP (Transmission Control Protocol) is connection-oriented, ensuring reliable delivery (used for Web, Email, SSH). UDP (User Datagram Protocol) is connectionless and faster but does not guarantee delivery (used for DNS, streaming, gaming). A port number like 53 can be used for both, depending on the need for speed vs. reliability.
No. Your computer needs ports open to receive return traffic for connections you initiate (like loading a webpage). However, you should block *incoming* connections to ports that do not host a public service. This is typically handled by a stateful firewall.