TCP Port


Transmission Control Protocol (TCP) is a fundamental communication protocol used to transmit data over the internet and other networks. A TCP port is a 16−bit number that identifies specific processes running on a device in a networked environment. The function of TCP ports is closely related to the concept of IP addresses, which identify individual devices on a network.

Ports are essentially virtual channels, which allow multiple applications and services to communicate with each other using the same IP address. The combination of an IP address and port number uniquely identifies a process or service running on a device.

Understanding TCP Ports

TCP (Transmission Control Protocol) is one of the most widely used protocols in computer networking, because it provides a reliable, ordered and error−checked delivery of data between applications running on end systems. The role of ports in TCP communication is to assist in distinguishing multiple communication channels within a single host.

Every TCP connection is defined by four elements: source IP address, source port number, destination IP address and destination port number. The first two elements identify the sending host and the application that generates the data, while the last two elements identify the receiving host and application.

Role of ports in TCP communication

Ports are logical constructs used by TCP to differentiate between various ongoing communications on one machine. Each port represents an endpoint where applications send or receive data over a network. When an application sends traffic using TCP protocol, it specifies both its own source port and its intended destination port for routing purposes so that other devices on the network can accurately direct their responses back.

Types of ports: well−known, registered, and dynamic

There are three types of ports in TCP: well−known ports (0−1023), registered ports (1024−49151), and dynamic or private ports (49152−65535). Well−known ports are typically reserved for system services such as HTTP (port 80) and FTP (port 21), while registered ports are assigned by the Internet Assigned Numbers Authority (IANA) to specific applications or services.

Dynamic ports, on the other hand, are not pre−assigned and are used by client applications to initiate communication with a server application. They are assigned at random from the range of available port numbers.

Well−Known Ports

Definition and Examples of Well−Known Ports

In computer networking, well−known ports are those TCP/IP ports whose numbers range from 0 to 1023. These ports have been reserved by the Internet Assigned Numbers Authority (IANA) for specific purposes.

Some examples of well−known ports include Port 80 for HTTP traffic, Port 443 for HTTPS traffic, Port 22 for SSH traffic, and Port 25 for SMTP traffic. These are just a few examples as there are many other well−known ports that serve various purposes.

Common Uses of Well−Known Ports

Well−known ports are used by a wide variety of applications and services such as web servers, email servers, file transfer protocols, and remote access tools. For example, when you use your web browser to visit a website via HTTP (Port 80), your connection is established through that port.

Similarly, when you send or receive emails via SMTP (Port 25), the communication takes place over that port. Knowing which port an application or service uses can be helpful in troubleshooting network connectivity issues.

Registered Ports

Definition and Examples of Registered Ports

Registered ports are the ones that are assigned by the Internet Assigned Numbers Authority (IANA) to applications that require high port numbers but should not use dynamic port allocation. These ports range from 1024 to 49151, and they can be used by any application, as long as it is registered with IANA. When an application has a registered port number, it guarantees that no other application will use that same number.

Some examples of registered ports include:

  • SSH (Secure Shell) − Port 22

  • Telnet − Port 23

  • SMTP (Simple Mail Transfer Protocol) − Port 25

  • HTTP (Hypertext Transfer Protocol) − Port 80

  • POP3 (Post Office Protocol version 3) − Port 110

  • IMAP (Internet Message Access Protocol) − Port 143

  • SMB (Server Message Block protocol used for file sharing in Windows) − Ports: TCP/445, UDP/137−138, TCP/139

Applications That Use Registered Ports

Many applications use registered ports for communication. These include email servers like SMTP and POP3 servers, web servers like Apache or Nginx that listen on port 80 or HTTPS on port 443, database management systems like MySQL or PostgreSQL on port number range between from 3306 to 5432 respectively. Other applications might include online gaming platforms using ports such as HTTP/HTTPS tunneling protocols like WebSockets on port numbers such as TCP/843 and UDP/3478 for STUN protocol.

Dynamic Ports

Dynamic ports are temporary ports used by applications for client−server communication, which are not pre−assigned like well−known and registered ports. They are also known as private or ephemeral ports. Dynamic port numbers range from 49152 to 65535 and are assigned dynamically by the operating system when an application requests a port during runtime.

How dynamic ports are assigned to applications

The assignment of dynamic port numbers is based on the concept of first−come, first−served (FCFS). When an application wants to communicate with another endpoint on the network using TCP/IP, it sends a SYN packet with its source IP address, source port number, destination IP address, and destination port number. If the destination uses a well−known or registered port number, it will respond with a SYN−ACK packet containing its own source and destination IP addresses and port numbers.

The client application then sends an ACK packet confirming receipt of the response packet. On successful completion of this process, both endpoints establish communication using dynamically assigned ephemeral ports.

TCP Port Scanning Techniques

What is port scanning?

Port scanning is the process of sending data packets to a range of TCP or UDP ports on a target computer or network to determine which ports are open and can be used for communication. Hackers often use port scanning techniques to identify vulnerable systems and exploit them. Port scanning can be done manually or automated using specialized software tools, such as Nmap, Angry IP Scanner, and Zenmap.

Why do hackers use port scanning?

Hackers use port scanning as a reconnaissance technique to gather information about the target system or network. By identifying open ports, hackers can determine which services are running on the system and what vulnerabilities they may have. They can also use port scans to find backdoors that may have been left open by previous attackers or administrators.


TCP Port is one of the most important aspects that governs internet communication today. In this article, we have covered the different types of TCP ports − well−known, registered, and dynamic. We've also provided an extensive list of TCP/IP port numbers along with their descriptions.

Understanding these details can help developers and network administrators better manage networks and prevent potential security risks. By staying updated with the latest developments in TCP Port technology, we can continue to build a more secure and efficient internet for everyone to use.

Updated on: 11-Jul-2023


Kickstart Your Career

Get certified by completing the course

Get Started