Appendix C. Common Ports
The following tables list the most common communication ports used by services, daemons, and programs included in Red Hat Enterprise Linux. This listing can also be found in the /etc/services file. For the official list of Well Known, Registered, and Dynamic ports as designated by the Internet Assigned Numbers Authority (IANA), refer to the following URL:
http://www.iana.org/assignments/port-numbers
 | Note |
|---|---|
The Layer, where listed, denotes whether the service or protocol uses TCP or UDP for transport. If not listed, the service/protocol can use both TCP and UDP. |
| Port # / Layer | Name | Comment |
|---|---|---|
| 1 | tcpmux | TCP port service multiplexer |
| 5 | rje | Remote Job Entry |
| 7 | echo | Echo service |
| 9 | discard | Null service for connection testing |
| 11 | systat | System Status service for listing connected ports |
| 13 | daytime | Sends date and time to requesting host |
| 17 | qotd | Sends quote of the day to connected host |
| 18 | msp | Message Send Protocol |
| 19 | chargen | Character Generation service; sends endless stream of characters |
| 20 | ftp-data | FTP data port |
| 21 | ftp | File Transfer Protocol (FTP) port; sometimes used by File Service Protocol (FSP) |
| 22 | ssh | Secure Shell (SSH) service |
| 23 | telnet | The Telnet service |
| 25 | smtp | Simple Mail Transfer Protocol (SMTP) |
| 37 | time | Time Protocol |
| 39 | rlp | Resource Location Protocol |
| 42 | nameserver | Internet Name Service |
| 43 | nicname | WHOIS directory service |
| 49 | tacacs | Terminal Access Controller Access Control System for TCP/IP based authentication and access |
| 50 | re-mail-ck | Remote Mail Checking Protocol |
| 53 | domain | domain name services (such as BIND) |
| 63 | whois++ | WHOIS++, extended WHOIS services |
| 67 | bootps | Bootstrap Protocol (BOOTP) services; also used by Dynamic Host Configuration Protocol (DHCP) services |
| 68 | bootpc | Bootstrap (BOOTP) client; also used by Dynamic Host Control Protocol (DHCP) clients |
| 69 | tftp | Trivial File Transfer Protocol (TFTP) |
| 70 | gopher | Gopher Internet document search and retrieval |
| 71 | netrjs-1 | Remote Job Service |
| 72 | netrjs-2 | Remote Job Service |
| 73 | netrjs-3 | Remote Job Service |
| 73 | netrjs-4 | Remote Job Service |
| 79 | finger | Finger service for user contact information |
| 80 | http | HyperText Transfer Protocol (HTTP) for World Wide Web (WWW) services |
| 88 | kerberos | Kerberos network authentication system |
| 95 | supdup | Telnet protocol extension |
| 101 | hostname | Hostname services on SRI-NIC machines |
| 102 | iso-tsap | ISO Development Environment (ISODE) network applications |
| 105 | csnet-ns | Mailbox nameserver; also used by CSO nameserver |
| 107 | rtelnet | Remote Telnet |
| 109 | pop2 | Post Office Protocol version 2 |
| 110 | pop3 | Post Office Protocol version 3 |
| 111 | sunrpc | Remote Procedure Call (RPC) Protocol for remote command execution, used by Network Filesystem (NFS) |
| 113 | auth | Authentication and Ident protocols |
| 115 | sftp | Secure File Transfer Protocol (SFTP) services |
| 117 | uucp-path | Unix-to-Unix Copy Protocol (UUCP) Path services |
| 119 | nntp | Network News Transfer Protocol (NNTP) for the USENET discussion system |
| 123 | ntp | Network Time Protocol (NTP) |
| 137 | netbios-ns | NETBIOS Name Services used in Red Hat Enterprise Linux by Samba |
| 138 | netbios-dgm | NETBIOS Datagram Services used in Red Hat Enterprise Linux by Samba |
| 139 | netbios-ssn | NETBIOS Session Services used in Red Hat Enterprise Linux by Samba |
| 143 | imap | Internet Message Access Protocol (IMAP) |
| 161 | snmp | Simple Network Management Protocol (SNMP) |
| 162 | snmptrap | Traps for SNMP |
| 163 | cmip-man | Common Management Information Protocol (CMIP) |
| 164 | cmip-agent | Common Management Information Protocol (CMIP) |
| 174 | mailq | MAILQ |
| 177 | xdmcp | X Display Manager Control Protocol |
| 178 | nextstep | NeXTStep window server |
| 179 | bgp | Border Gateway Protocol |
| 191 | prospero | Cliffod Neuman's Prospero services |
| 194 | irc | Internet Relay Chat (IRC) |
| 199 | smux | SNMP UNIX Multiplexer |
| 201 | at-rtmp | AppleTalk routing |
| 202 | at-nbp | AppleTalk name binding |
| 204 | at-echo | AppleTalk echo |
| 206 | at-zis | AppleTalk zone information |
| 209 | qmtp | Quick Mail Transfer Protocol (QMTP) |
| 210 | z39.50 | NISO Z39.50 database |
| 213 | ipx | Internetwork Packet Exchange (IPX), a datagram protocol commonly used in Novell Netware environments |
| 220 | imap3 | Internet Message Access Protocol version 3 |
| 245 | link | LINK |
| 347 | fatserv | Fatmen Server |
| 363 | rsvp_tunnel | RSVP Tunnel |
| 369 | rpc2portmap | Coda filesystem portmapper |
| 370 | codaauth2 | Coda filesystem authentication services |
| 372 | ulistproc | UNIX Listserv |
| 389 | ldap | Lightweight Directory Access Protocol (LDAP) |
| 427 | svrloc | Service Location Protocol (SLP) |
| 434 | mobileip-agent | Mobile Internet Protocol (IP) agent |
| 435 | mobilip-mn | Mobile Internet Protocol (IP) manager |
| 443 | https | Secure Hypertext Transfer Protocol (HTTP) |
| 444 | snpp | Simple Network Paging Protocol |
| 445 | microsoft-ds | Server Message Block (SMB) over TCP/IP |
| 464 | kpasswd | Kerberos password and key changing services |
| 468 | photuris | Photuris session key management protocol |
| 487 | saft | Simple Asynchronous File Transfer (SAFT) protocol |
| 488 | gss-http | Generic Security Services (GSS) for HTTP |
| 496 | pim-rp-disc | Rendezvous Point Discovery (RP-DISC) for Protocol Independent Multicast (PIM) services |
| 500 | isakmp | Internet Security Association and Key Management Protocol (ISAKMP) |
| 535 | iiop | Internet Inter-Orb Protocol (IIOP) |
| 538 | gdomap | GNUstep Distributed Objects Mapper (GDOMAP) |
| 546 | dhcpv6-client | Dynamic Host Configuration Protocol (DHCP) version 6 client |
| 547 | dhcpv6-server | Dynamic Host Configuration Protocol (DHCP) version 6 Service |
| 554 | rtsp | Real Time Stream Control Protocol (RTSP) |
| 563 | nntps | Network News Transport Protocol over Secure Sockets Layer (NNTPS) |
| 565 | whoami | whoami |
| 587 | submission | Mail Message Submission Agent (MSA) |
| 610 | npmp-local | Network Peripheral Management Protocol (NPMP) local / Distributed Queueing System (DQS) |
| 611 | npmp-gui | Network Peripheral Management Protocol (NPMP) GUI / Distributed Queueing System (DQS) |
| 612 | hmmp-ind | HMMP Indication / DQS |
| 631 | ipp | Internet Printing Protocol (IPP) |
| 636 | ldaps | Lightweight Directory Access Protocol over Secure Sockets Layer (LDAPS) |
| 674 | acap | Application Configuration Access Protocol (ACAP) |
| 694 | ha-cluster | Heartbeat services for High-Availability Clusters |
| 749 | kerberos-adm | Kerberos version 5 (v5) 'kadmin' database administration |
| 750 | kerberos-iv | Kerberos version 4 (v4) services |
| 765 | webster | Network Dictionary |
| 767 | phonebook | Network Phonebook |
| 873 | rsync | rsync file transfer services |
| 992 | telnets | Telnet over Secure Sockets Layer (TelnetS) |
| 993 | imaps | Internet Message Access Protocol over Secure Sockets Layer (IMAPS) |
| 994 | ircs | Internet Relay Chat over Secure Sockets Layer (IRCS) |
| 995 | pop3s | Post Office Protocol version 3 over Secure Sockets Layer (POP3S) |
Table C-1. Well Known Ports
The following ports are UNIX-specific and cover services ranging from email to authentication and more. Names enclosed in brackets (for example, [service]) are either daemon names for the service or common alias(es).
| Port # / Layer | Name | Comment |
|---|---|---|
| 512/tcp | exec | Authentication for remote process execution |
| 512/udp | biff [comsat] | Asynchrous mail client (biff) and service (comsat) |
| 513/tcp | login | Remote Login (rlogin) |
| 513/udp | who [whod] | who logged user listing |
| 514/tcp | shell [cmd] | remote shell (rshell) and remote copy (rcp) with no logging |
| 514/udp | syslog | UNIX system logging service |
| 515 | printer [spooler] | line printer (lpr) spooler |
| 517/udp | talk | talk remote calling service and client |
| 518/udp | ntalk | Network talk (ntalk) remote calling service and client |
| 519 | utime [unixtime] | UNIX time (utime) protocol |
| 520/tcp | efs | Extended Filename Server (EFS) |
| 520/udp | router [route, routed] | Routing Information Protocol (RIP) |
| 521 | ripng | Routing Information Protocol for Internet Protocol version 6 (IPv6) |
| 525 | timed [timeserver] | Time daemon (timed) |
| 526/tcp | tempo [newdate] | Tempo |
| 530/tcp | courier [rpc] | Courier Remote Procedure Call (RPC) protocol |
| 531/tcp | conference [chat] | Internet Relay Chat |
| 532 | netnews | Netnews |
| 533/udp | netwall | Netwall for emergency broadcasts |
| 540/tcp | uucp [uucpd] | Unix-to-Unix copy services |
| 543/tcp | klogin | Kerberos version 5 (v5) remote login |
| 544/tcp | kshell | Kerberos version 5 (v5) remote shell |
| 548 | afpovertcp | Appletalk Filing Protocol (AFP) over Transmission Control Protocol (TCP) |
| 556 | remotefs [rfs_server, rfs] | Brunhoff's Remote Filesystem (RFS) |
Table C-2. UNIX Specific Ports
Table C-3 lists ports submitted by the network and software community to the IANA for formal registration in the port number list.
| Port # / Layer | Name | Comment |
|---|---|---|
| 1080 | socks | SOCKS network application proxy services |
| 1236 | bvcontrol [rmtcfg] | Garcilis Packeten Remote Configuration Server[a] |
| 1300 | h323hostcallsc | H.323 teleconferencing Host Call Secure |
| 1433 | ms-sql-s | Microsoft SQL Server |
| 1434 | ms-sql-m | Microsoft SQL Monitor |
| 1494 | ica | Citrix ICA Client |
| 1512 | wins | Microsoft Windows Internet Name Server |
| 1524 | ingreslock | Ingres Database Management System (DBMS) lock services |
| 1525 | prospero-np | Prospero non-priveleged |
| 1645 | datametrics [old-radius] | Datametrics / old radius entry |
| 1646 | sa-msg-port [oldradacct] | sa-msg-port / old radacct entry |
| 1649 | kermit | Kermit file transfer and management service |
| 1701 | l2tp [l2f] | Layer 2 Tunneling Protocol (LT2P) / layer 2 forwarding (L2F) |
| 1718 | h323gatedisc | H.323 telecommunication Gatekeeper Discovery |
| 1719 | h323gatestat | H.323 telecommunication Gatekeeper Status |
| 1720 | h323hostcall | H.323 telecommunication Host Call setup |
| 1758 | tftp-mcast | Trivial FTP Multicast |
| 1759 | mtftp | Multicast Trivial FTP (MTFTP) |
| 1789 | hello | Hello router communication protocol |
| 1812 | radius | Radius dial-up authentication and accounting services |
| 1813 | radius-acct | Radius Accounting |
| 1911 | mtp | Starlight Networks Multimedia Transport Protocol (MTP) |
| 1985 | hsrp | Cisco Hot Standby Router Protocol |
| 1986 | licensedaemon | Cisco License Management Daemon |
| 1997 | gdp-port | Cisco Gateway Discovery Protocol (GDP) |
| 2049 | nfs [nfsd] | Network File System (NFS) |
| 2102 | zephyr-srv | Zephyr notice transport and delivery Server |
| 2103 | zephyr-clt | Zephyr serv-hm connection |
| 2104 | zephyr-hm | Zephyr host manager |
| 2401 | cvspserver | Concurrent Versions System (CVS) client/server operations |
| 2430/tcp | venus | Venus cache manager for Coda file system (codacon port) |
| 2430/udp | venus | Venus cache manager for Coda file system (callback/wbc interface) |
| 2431/tcp | venus-se | Venus Transmission Control Protocol (TCP) side effects |
| 2431/udp | venus-se | Venus User Datagram Protocol (UDP) side effects |
| 2432/udp | codasrv | Coda file system server port |
| 2433/tcp | codasrv-se | Coda file system TCP side effects |
| 2433/udp | codasrv-se | Coda file system UDP SFTP side effect |
| 2600 | hpstgmgr [zebrasrv] | HPSTGMGR; Zebra routing[b] |
| 2601 | discp-client [zebra] | discp client; Zebra integrated shell |
| 2602 | discp-server [ripd] | discp server; Routing Information Protocol daemon (ripd) |
| 2603 | servicemeter [ripngd] | Service Meter; RIP daemon for IPv6 |
| 2604 | nsc-ccs [ospfd] | NSC CCS; Open Shortest Path First daemon (ospfd) |
| 2605 | nsc-posa | NSC POSA; Border Gateway Protocol daemon (bgpd) |
| 2606 | netmon [ospf6d] | Dell Netmon; OSPF for IPv6 daemon (ospf6d) |
| 2809 | corbaloc | Common Object Request Broker Architecture (CORBA) naming service locator |
| 3130 | icpv2 | Internet Cache Protocol version 2 (v2); used by Squid Proxy caching server |
| 3306 | mysql | MySQL database service |
| 3346 | trnsprntproxy | Trnsprnt Proxy |
| 4011 | pxe | Pre-execution Environment (PXE) service |
| 4321 | rwhois | Remote Whois (rwhois) service |
| 4444 | krb524 | Kerberos version 5 (v5) to version 4 (v4) ticket translator |
| 5002 | rfe | Radio Free Ethernet (RFE) audio broadcasting system |
| 5308 | cfengine | Configuration Engine (Cfengine) |
| 5999 | cvsup [CVSup] | CVSup file transfer and update tool |
| 6000 | x11 [X] | X Window System services |
| 7000 | afs3-fileserver | Andrew File System (AFS) file server |
| 7001 | afs3-callback | AFS port for callbacks to cache manager |
| 7002 | afs3-prserver | AFS user and group database |
| 7003 | afs3-vlserver | AFS volume location database |
| 7004 | afs3-kaserver | AFS Kerberos authentication service |
| 7005 | afs3-volser | AFS volume management server |
| 7006 | afs3-errors | AFS error interpretation service |
| 7007 | afs3-bos | AFS basic overseer process |
| 7008 | afs3-update | AFS server-to-server updater |
| 7009 | afs3-rmtsys | AFS remote cache manager service |
| 9876 | sd | Session Director |
| 10080 | amanda | Advanced Maryland Automatic Network Disk Archiver (Amanda) backup services |
| 11371 | pgpkeyserver | Pretty Good Privacy (PGP) / GNU Privacy Guard (GPG) public keyserver |
| 11720 | h323callsigalt | H.323 Call Signal Alternate |
| 13720 | bprd | Veritas NetBackup Request Daemon (bprd) |
| 13721 | bpdbm | Veritas NetBackup Database Manager (bpdbm) |
| 13722 | bpjava-msvc | Veritas NetBackup Java / Microsoft Visual C++ (MSVC) Protocol |
| 13724 | vnetd | Veritas Network Utility |
| 13782 | bpcd | Vertias NetBackup |
| 13783 | vopied | Veritas VOPIED Protocol |
| 22273 | wnn6 [wnn4] | Kana/Kanji conversion system[c] |
| 26000 | quake | Quake (and related) multi-player game servers |
| 26208 | wnn6-ds | |
| 33434 | traceroute | Traceroute network tracking tool |
| Notes: a. Comment from /etc/services: "Port 1236 is registered as `bvcontrol', but is also used by the Gracilis Packeten remote config server. The official name is listed as the primary name, with the unregistered name as an alias." b. Note from /etc/services: "Ports numbered 2600 through 2606 are used by the zebra package without being registered. The primary names are the registered names, and the unregistered names used by zebra are listed as aliases." c. Note from /etc/services: "This port is registered as wnn6, but also used under the unregistered name 'wnn4' by the FreeWnn package." | ||
Table C-3. Registered Ports
Table C-4 shows a list of ports related to Datagram Delivery Protocol (DDP) used on AppleTalk networks.
| Port # / Layer | Name | Comment |
|---|---|---|
| 1/ddp | rtmp | Routing Table Management Protocol |
| 2/ddp | nbp | Name Binding Protocol |
| 4/ddp | echo | AppleTalk Echo Protocol |
| 6/ddp | zip | Zone Information Protocol |
Table C-4. Datagram Deliver Protocol Ports
Table C-5 is a listing of ports related to the Kerberos network authentication protocol. Where noted, v5 refers to Kerberos version 5 protocol. Note that these ports are not registered with the IANA.
| Port # / Layer | Name | Comment |
|---|---|---|
| 751 | kerberos_master | Kerberos authentication |
| 752 | passwd_server | Kerberos Password (kpasswd) server |
| 754 | krb5_prop | Kerberos v5 slave propagation |
| 760 | krbupdate [kreg] | Kerberos registration |
| 1109 | kpop | Kerberos Post Office Protocol (KPOP) |
| 2053 | knetd | Kerberos de-multiplexor |
| 2105 | eklogin | Kerberos v5 encrypted remote login (rlogin) |
Table C-5. Kerberos (Project Athena/MIT) Ports
Table C-6 is a listing of unregistered ports that are used by services and protocols that may be installed on your Red Hat Enterprise Linux system or is necessary for communication between Red Hat Enterprise Linux and systems running other operating systems.
| Port # / Layer | Name | Comment |
|---|---|---|
| 15/tcp | netstat | Network Status (netstat) |
| 98/tcp | linuxconf | Linuxconf Linux administration tool |
| 106 | poppassd | Post Office Protocol Password change daemon (POPPASSD) |
| 465/tcp | smtps | Simple Mail Transfer Protocol over Secure Sockets Layer (SMTPS) |
| 616/tcp | gii | Gated (routing daemon) Interactive Interface |
| 808 | omirr [omirrd] | Online Mirror (Omirr) file mirroring services |
| 871/tcp | supfileserv | Software Upgrade Protocol (SUP) server |
| 901/tcp | swat | Samba Web Administration Tool (SWAT) |
| 953 | rndc | Berkeley Internet Name Domain version 9 (BIND 9) remote name daemon configuration tool |
| 1127 | sufiledbg | Software Upgrade Protocol (SUP) debugging |
| 1178/tcp | skkserv | Simple Kana to Kanji (SKK) Japanese input server |
| 1313/tcp | xtel | French Minitel text information system |
| 1529/tcp | support [prmsd, gnatsd] | GNATS bug tracking system |
| 2003/tcp | cfinger | GNU Finger |
| 2150 | ninstall | Network Installation Service |
| 2988 | afbackup | afbackup client-server backup system |
| 3128/tcp | squid | Squid Web proxy cache |
| 3455 | prsvp | RSVP port |
| 5432 | postgres | PostgreSQL database |
| 4557/tcp | fax | FAX transmission service (old service) |
| 4559/tcp | hylafax | HylaFAX client-server protocol (new service) |
| 5232 | sgi-dgl | SGI Distributed Graphics Library |
| 5354 | noclog | NOCOL network operation center logging daemon (noclogd) |
| 5355 | hostmon | NOCOL network operation center host monitoring |
| 5680/tcp | canna | Canna Japanese character input interface |
| 6010/tcp | x11-ssh-offset | Secure Shell (SSH) X11 forwarding offset |
| 6667 | ircd | Internet Relay Chat daemon (ircd) |
| 7100/tcp | xfs | X Font Server (XFS) |
| 7666/tcp | tircproxy | Tircproxy IRC proxy service |
| 8008 | http-alt | Hypertext Tranfer Protocol (HTTP) alternate |
| 8080 | webcache | World Wide Web (WWW) caching service |
| 8081 | tproxy | Transparent Proxy |
| 9100/tcp | jetdirect [laserjet, hplj] | Hewlett-Packard (HP) JetDirect network printing service |
| 9359 | mandelspawn [mandelbrot] | Parallel Mandelbrot spawning program for the X Window System |
| 10081 | kamanda | Amanda backup service over Kerberos |
| 10082/tcp | amandaidx | Amanda backup services |
| 10083/tcp | amidxtape | Amanda backup services |
| 20011 | isdnlog | Integrated Systems Digital Network (ISDN) logging system |
| 20012 | vboxd | ISDN voice box daemon (vboxd) |
| 22305/tcp | wnn4_Kr | kWnn Korean input system |
| 22289/tcp | wnn4_Cn | cWnn Chinese input system |
| 22321/tcp | wnn4_Tw | tWnn Chinese input system (Taiwan) |
| 24554 | binkp | Binkley TCP/IP Fidonet mailer daemon |
| 27374 | asp | Address Search Protocol |
| 60177 | tfido | Ifmail FidoNet compatible mailer service |
| 60179 | fido | FidoNet electronic mail and news network |
Table C-6. Unregistered Ports