MSP & Windows

Port & Protocol Reference

Search common TCP/UDP ports with service and security notes.

42 results

20 TCP

FTP (data) insecure

File transfer data channel.

21 TCP

FTP (control) insecure

Cleartext file transfer. Prefer SFTP/FTPS.

22 TCP

SSH / SFTP sensitive

Secure shell and secure file transfer.

23 TCP

Telnet insecure

Cleartext remote shell. Do not use.

25 TCP

SMTP sensitive

Mail transfer between servers.

53 TCP/UDP

DNS

Domain name resolution.

67 UDP

DHCP (server)

Dynamic host configuration.

68 UDP

DHCP (client)

Dynamic host configuration.

69 UDP

TFTP insecure

Trivial FTP, often used for device firmware.

80 TCP

HTTP insecure

Unencrypted web traffic.

88 TCP/UDP

Kerberos sensitive

Windows / AD authentication.

110 TCP

POP3 insecure

Cleartext mail retrieval.

123 UDP

NTP

Network time synchronization.

135 TCP

MS RPC / EPMAP sensitive

Windows RPC endpoint mapper.

137 UDP

NetBIOS Name sensitive

Legacy Windows name service.

138 UDP

NetBIOS Datagram sensitive

Legacy Windows networking.

139 TCP

NetBIOS Session sensitive

Legacy SMB over NetBIOS.

143 TCP

IMAP insecure

Cleartext mail access.

161 UDP

SNMP sensitive

Device monitoring/management.

162 UDP

SNMP Trap

SNMP notifications.

389 TCP/UDP

LDAP insecure

Directory access (cleartext).

443 TCP

HTTPS

Encrypted web traffic (TLS).

445 TCP

SMB / CIFS sensitive

Windows file sharing. Heavily targeted.

465 TCP

SMTPS

SMTP over implicit TLS.

514 UDP

Syslog

System logging.

587 TCP

SMTP (submission)

Authenticated mail submission with STARTTLS.

636 TCP

LDAPS

LDAP over TLS.

993 TCP

IMAPS

IMAP over TLS.

995 TCP

POP3S

POP3 over TLS.

1433 TCP

MS SQL Server sensitive

Microsoft SQL database.

1521 TCP

Oracle DB sensitive

Oracle database listener.

1723 TCP

PPTP insecure

Legacy VPN, considered insecure.

3306 TCP

MySQL / MariaDB sensitive

MySQL database.

3389 TCP

RDP sensitive

Remote Desktop. Never expose to the internet.

5432 TCP

PostgreSQL sensitive

PostgreSQL database.

5060 TCP/UDP

SIP insecure

VoIP signalling (cleartext).

5061 TCP

SIP-TLS

Encrypted VoIP signalling.

5900 TCP

VNC sensitive

Remote desktop; often weak auth.

6379 TCP

Redis sensitive

In-memory data store. No auth by default.

8080 TCP

HTTP (alt)

Common proxy / app server port.

8443 TCP

HTTPS (alt)

Common alt TLS / management port.

27017 TCP

MongoDB sensitive

MongoDB database.