A curated subset of the IANA Service Name and Transport Protocol Port Number Registry covering the ports that working developers actually encounter. Each row gives the port number, protocol (tcp / udp / both), the IANA-assigned service name, a one-line description of what runs on it, and a functional category (Web, Database, Mail, VPN, etc.). Spans the system (0-1023), registered (1024-49151), and a handful of dynamic-range (49152+) ports.
Pro tip: Port 80 (HTTP) and 443 (HTTPS) get nearly all the attention, but 53 (DNS) sees more traffic per second on a typical network than any other port. A name lookup happens before almost every other connection.
Select which columns to include in your download.
About the Well-Known Ports Dataset
IANA maintains the master Service Name and Transport Protocol Port Number Registry, which is the canonical source for assigning port numbers to services. The full registry has thousands of entries, most of which are vendor-specific or obscure. This dataset is the practical subset — the ports a network engineer, sysadmin, security researcher, or backend developer is likely to need to recognize. Includes industrial and IoT protocols (Modbus, BACnet, MQTT), container orchestration (Docker, Kubernetes), modern databases (PostgreSQL, MongoDB, Redis, Cassandra), VPN protocols (OpenVPN, WireGuard, IPsec), and the standard internet stack.
Common Use Cases
Network engineering documentation, firewall rule auditing, port-scanning result interpretation, security incident triage, container deployment configuration, application reference cards, infrastructure-as-code rules, intrusion-detection signature tuning, and developer onboarding materials.
Column Reference
- port — TCP/UDP port number (1-65535).
- protocol — tcp, udp, both, or sctp (a few entries).
- service — IANA-assigned short service name.
- description — one-line description of what runs on this port.
- category — functional category for filtering: Web, Database, Mail, VPN, Authentication, Network Management, etc.
Port Number Ranges
IANA divides the port space into three ranges. System ports (0-1023) are the well-known ports — reserved for system services and require root/admin privileges to bind. Registered ports (1024-49151) are assigned to specific applications by IANA. Dynamic / private ports (49152-65535) are unallocated by IANA and used for client-side ephemeral connections; an OS picks one at random each time a client opens an outbound connection.
Why Port Conventions Matter
Firewalls, load balancers, intrusion detection, security policies, and most network tooling treat well-known port numbers as identifiers for specific protocols. Running SSH on port 80 confuses every off-the-shelf tool. Running a web server on port 22 makes it look like SSH to scanners. Most modern services let you configure the port, but unless you have a specific reason to deviate, sticking to convention saves operational headaches.
TLS Variants Have Their Own Ports
Many protocols have separate well-known ports for the TLS-wrapped variants: 80 (HTTP) / 443 (HTTPS), 25/587 (SMTP) / 465 (SMTPS), 110 (POP3) / 995 (POP3S), 143 (IMAP) / 993 (IMAPS), 53 (DNS) / 853 (DNS over TLS), 21 (FTP) / 990 (FTPS). Modern best practice is shifting toward using a single port with STARTTLS negotiation rather than separate plaintext / TLS ports, but the dual-port convention is heavily entrenched.
Industrial and IoT Protocols
The list includes ports for industrial protocols (Modbus 502, EtherNet/IP 44818, BACnet 47808) and IoT protocols (MQTT 1883, CoAP 5683). These show up in operational technology (OT) networks alongside the standard IT stack and are increasingly relevant to security teams doing converged IT/OT defense.
Trojan and Malware Ports
A few entries flag historically-malicious ports (NetBus 12345, Cobalt Strike 50050, Back Orifice 54321) that show up in security signatures. They have no legitimate use; their presence in network traffic is a strong indicator of compromise. Most modern malware uses random or dynamic ports and tunnels over HTTPS, but legacy signatures still trigger on these.
