List of known TCP ports 1
List of known TCP ports - Part 1
Here is a list of known TCP ports and their default service assignments, and information about the availability of these ports and services on Windows computers:
TCP Port 21 – FTP (File Transfer Protocol). This protocol is suitable for transferring files between computers. If your computer actually works as a FTP server, then it is normal to have port 21 open; otherwise you should take measures to block this port since the possibility of transferring files through FTP can result in lower security for your computer. Please also note that under Windows+IIS, using integrated authentication and non-anonymous FTP transfers, can result in account login details being transferred over the network in plain text, and therefore they can be intercepted by sniffers and your server may be compromised in this fashion.
TCP Port 22 - SSH. SSH stands for Secure Shell, and it is a secure protocol which is rather difficult to exploit for an attacker,although it can be used to remotely control your machine after the computer has been already compromised. The purpose of SSH is to provide the user with secure login on a remote computer, the ability to perform various commands on the remote computer, and downloading/uploading of files. This protocol works in a similar fashion as Telnet, but SSH is secured.
TCP Port 23 – Telnet is a widely used protocol, that can be usd by any remote computer users, to log into your computer and perform various commands. If your computer runs a Telnet server, then this port should be opened; otherwise it should not be active. Please note that due to security risks involved, the Telnet Service is disabled in most default Windows configurations although Telnet is shipped with Windows by default, but disabled.
TCP Port 25 – SMTP, which stands for Simple Mail Transfer Protocol. This protocol is used to transfer emails between hosts; it works in conjunction with the POP3 or IMAP protocols and together contribute to full mail server functionality. If you are running a mail server on your computer, this port should be open, otherwise it should be blocked. Please note that some Windows installations may have the SMTP service installed and running; this service works somewhat similar to a SMTP server but in most cases it is not used on the local computer, if emails are being sent through a mail server provided by your ISP, so you may look into disabling the SMTP service on a Windows machine and your emails will still work normally if you are using an external mail server from your Internet service provider, to send your emails.
TCP Port 79 – Finger is an Internet protocol that can be used to find information about yourself, like your name and profile information, and whether you are logged in. This protocol is rarely used today and in most cases it should be blocked.
TCP Port 80 – This is probably the most used TCP port, as it is the default port for HTTP (Hypertext Transfer Protocol). The HTTP protocol is the Internet protocol for WWW – used to transfer Web pages between web servers and client machines running web browsers. TCP Port 80 should not be open on your machine, unless you are actually running a Web server on it. The default web server on Windows machines is IIS; while this server is not insecure by itself, it can be dangerous for the common user without advanced technical knowledge in configuring IIS, if the server is not properly configured and computer is not updated on a daily bases with security patches from Microsoft. If you are not running a Web server, you should not have this port open.
Port 110 - POP3 , which stands for Post Office Protocol, is a protocol used by email servers and email clients like Outlook for example. This port is used by the email client, in order to connect to the mail server, authenticate and retrieve mail. This port should not be open on your machine, unless you are running a mail server. As a comment, please note that with POP3, passwords are sent in clear text so they may be detected by other parties while in transit.
Port 113 - Ident / Authentication. Ident is a service usually required by chat servers and news servers, that may perform Ident requests before allowing users to access server resources. This port should normally be blocked; however, please note that if this port is in stealth mode, you may experience severe performance degradation if you are using chat or news services that perform Ident requests on your computer, because you will have to wait until Ident requests are timing out. If you experience such timing problems, you may want to have this port configured on blocked status rather than stealth status.
Port 119 - NNTP stands for Network News Transfer Protocol, and it is a well known Internet service associated to news servers, allowing Internet users to access news documents residing on the server and distributing these documents to other servers as well. This port should not be open on your computer, unless you are actually running a news server on your machine.
TCP Port 21 – FTP (File Transfer Protocol). This protocol is suitable for transferring files between computers. If your computer actually works as a FTP server, then it is normal to have port 21 open; otherwise you should take measures to block this port since the possibility of transferring files through FTP can result in lower security for your computer. Please also note that under Windows+IIS, using integrated authentication and non-anonymous FTP transfers, can result in account login details being transferred over the network in plain text, and therefore they can be intercepted by sniffers and your server may be compromised in this fashion.
TCP Port 22 - SSH. SSH stands for Secure Shell, and it is a secure protocol which is rather difficult to exploit for an attacker,although it can be used to remotely control your machine after the computer has been already compromised. The purpose of SSH is to provide the user with secure login on a remote computer, the ability to perform various commands on the remote computer, and downloading/uploading of files. This protocol works in a similar fashion as Telnet, but SSH is secured.
TCP Port 23 – Telnet is a widely used protocol, that can be usd by any remote computer users, to log into your computer and perform various commands. If your computer runs a Telnet server, then this port should be opened; otherwise it should not be active. Please note that due to security risks involved, the Telnet Service is disabled in most default Windows configurations although Telnet is shipped with Windows by default, but disabled.
TCP Port 25 – SMTP, which stands for Simple Mail Transfer Protocol. This protocol is used to transfer emails between hosts; it works in conjunction with the POP3 or IMAP protocols and together contribute to full mail server functionality. If you are running a mail server on your computer, this port should be open, otherwise it should be blocked. Please note that some Windows installations may have the SMTP service installed and running; this service works somewhat similar to a SMTP server but in most cases it is not used on the local computer, if emails are being sent through a mail server provided by your ISP, so you may look into disabling the SMTP service on a Windows machine and your emails will still work normally if you are using an external mail server from your Internet service provider, to send your emails.
TCP Port 79 – Finger is an Internet protocol that can be used to find information about yourself, like your name and profile information, and whether you are logged in. This protocol is rarely used today and in most cases it should be blocked.
TCP Port 80 – This is probably the most used TCP port, as it is the default port for HTTP (Hypertext Transfer Protocol). The HTTP protocol is the Internet protocol for WWW – used to transfer Web pages between web servers and client machines running web browsers. TCP Port 80 should not be open on your machine, unless you are actually running a Web server on it. The default web server on Windows machines is IIS; while this server is not insecure by itself, it can be dangerous for the common user without advanced technical knowledge in configuring IIS, if the server is not properly configured and computer is not updated on a daily bases with security patches from Microsoft. If you are not running a Web server, you should not have this port open.
Port 110 - POP3 , which stands for Post Office Protocol, is a protocol used by email servers and email clients like Outlook for example. This port is used by the email client, in order to connect to the mail server, authenticate and retrieve mail. This port should not be open on your machine, unless you are running a mail server. As a comment, please note that with POP3, passwords are sent in clear text so they may be detected by other parties while in transit.
Port 113 - Ident / Authentication. Ident is a service usually required by chat servers and news servers, that may perform Ident requests before allowing users to access server resources. This port should normally be blocked; however, please note that if this port is in stealth mode, you may experience severe performance degradation if you are using chat or news services that perform Ident requests on your computer, because you will have to wait until Ident requests are timing out. If you experience such timing problems, you may want to have this port configured on blocked status rather than stealth status.
Port 119 - NNTP stands for Network News Transfer Protocol, and it is a well known Internet service associated to news servers, allowing Internet users to access news documents residing on the server and distributing these documents to other servers as well. This port should not be open on your computer, unless you are actually running a news server on your machine.
This information is provided without any warranties of any kind. Use it at your own risk. Terms and conditions