Common Port-to-Service Lookup

Common TCP/UDP ports with service name, protocol and typical process name.

Searchable quick-reference for the most commonly used TCP/UDP port assignments with service and daemon name. Look up a port number or service to find its protocol, transport and typical process. It runs free in your browser on Gera Tools, with nothing uploaded.

Last updated Source: Gera Tools

What is the difference between well-known and registered ports?

Well-known ports run from 0 to 1023 and are assigned by IANA to core services like HTTP (80) and SSH (22); binding them usually needs elevated privileges. Registered ports run from 1024 to 49151 and are assigned to specific applications. Above that, 49152 to 65535 are dynamic or ephemeral ports used for outbound connections.

Find what’s listening on a port

Network services live on numbered ports. HTTPS is 443, SSH is 22, PostgreSQL is 5432. When you see an open port in a scan, a firewall rule, or a netstat listing, you need to know what it is — and the reverse, the canonical port for a given service. This searchable reference covers the most common TCP and UDP assignments with the service name, transport and the typical daemon or process behind it.

How it works

Each entry pairs a port number with a transport protocol (TCP or UDP), because a port is only meaningful together with its transport — TCP 53 and UDP 53 are different endpoints. The table is filtered live: type a number to find the service, or type a service name to find its conventional port. The transport filter lets you restrict results when you are reasoning about a stateful TCP listener versus a connectionless UDP one. Port ranges follow IANA: 0–1023 well-known, 1024–49151 registered, 49152–65535 dynamic/ephemeral.

Ports you encounter most often

PortTransportServiceNotes
22TCPSSHSecure shell; restrict to trusted sources
25TCPSMTPMail relay between servers; usually blocked by ISPs for clients
53TCP + UDPDNSUDP for queries, TCP for zone transfers and large responses
80TCPHTTPUnencrypted web; many servers redirect to 443
443TCPHTTPSTLS-encrypted web traffic
587TCPSubmissionAuthenticated email from mail clients
3306TCPMySQLDefault database port; block from internet
5432TCPPostgreSQLDefault Postgres port; block from internet
6379TCPRedisIn-memory store; never expose without auth
8080TCPHTTP-altCommon for dev servers and proxies

Dual-transport services

Several services register on both TCP and UDP for the same port number. DNS is the clearest example: UDP 53 handles normal queries (fast, connectionless), while TCP 53 handles zone transfers and responses too large for a single UDP datagram. NTP uses UDP 123 for time synchronisation but TCP 123 for management in some implementations. SNMP uses UDP 161 for agents and UDP 162 for traps, with TCP available as a fallback.

What to check when a scan shows an unexpected open port

  1. Confirm the actual process: ss -tulpn | grep <port> or lsof -i :<port> (macOS/Linux) shows the listening PID.
  2. Check whether it should be public-facing or only reachable within a private network.
  3. Compare against your known service list — anything unrecognised warrants investigation, not assumption.
  4. For cloud environments, verify your security-group or firewall rules match what is actually open.

Tips and notes

Treat these as conventions, not guarantees — always confirm the real listening port with ss -tulpn or netstat -tulpn rather than assuming the default. Remember that some services need both transports (DNS, NTP) and some use one port for plaintext and another for TLS (HTTP 80 vs HTTPS 443, SMTP 25 vs submission 587 vs SMTPS 465). For firewalls, deny by default and open only the ports you intentionally serve, restricting management ports like SSH to trusted source addresses.