Service Ports - secuguru/security-terms GitHub Wiki

Service ports are numerical identifiers assigned to specific processes or network services that run on a server or system. These ports allow devices to direct network traffic to the correct application. Different services (such as web servers, email servers, and file transfer services) are assigned specific ports to make network communication standardized and organized.

The total range of available ports is from 0 to 65535, and they are divided into specific categories based on their intended use and whether they are registered or dynamically assigned. Here’s a breakdown of the different port ranges:

  1. Port Range: 0 - 1023 (Well-Known or System Ports)
  • Reserved for Common Services: These ports are reserved for the most widely used and standardized network services, such as web servers, email services, and file transfers. For example:
  • Port 80: Used for HTTP (web traffic).
  • Port 443: Used for HTTPS (secure web traffic).
  • Port 22: Used for SSH (secure remote login).
  • Port 25: Used for SMTP (email sending).
  • Sudo Required: On many operating systems, especially Unix/Linux, only privileged users (e.g., administrators or root) can bind services to ports in this range. This is done to ensure that only trusted system services are using these critical ports.
  • Purpose: The services running on these ports are essential for common network tasks, and the standardization helps clients and servers to communicate efficiently.
  1. Port Range: 1024 - 49151 (Registered Ports)
  • IANA-Registered Services: These ports are registered by the Internet Assigned Numbers Authority (IANA) for use by specific applications or services. These applications are not as essential as those in the well-known port range, but they are still standardized and recognized.
  • Example:
    • Port 3306: Used by MySQL database servers.
    • Port 5432: Used by PostgreSQL database servers.
    • Common Applications: Ports in this range are used by applications that need to communicate over the network but don’t require administrative privileges to bind to the port. They are assigned to specific applications by IANA to avoid conflicts between services.
    • User-Run Services: These ports are often used by user-installed applications and services, and any user with standard privileges can bind a service to a port in this range.
  1. Port Range: 49152 - 65535 (Dynamic or Private Ports)
  • Dynamic Ports: Also known as ephemeral ports, these ports are not registered for any specific service. They are assigned dynamically by the operating system when a temporary network connection needs to be made, typically for client-side communication.
  • Purpose: When a client device (like a web browser) connects to a server, it often uses one of these dynamic ports to establish the connection. Once the connection is closed, the port is released and can be used for another connection.
  • Can Be Used for Anything: These ports can be used by applications for temporary connections or for non-standard services that don’t need to be registered with IANA.
  • Example: When you open a web browser and connect to a website, your browser might use a dynamic port (e.g., port 50000) to make the outgoing request to the server’s well-known port (e.g., port 80 for HTTP).

Summary of Port Ranges:

  1. 0 - 1023: Reserved for well-known services (e.g., HTTP, FTP, SSH). Binding to these ports often requires administrative privileges.
  2. 1024 - 49151: Registered ports for specific applications or services (e.g., MySQL, PostgreSQL). These ports are assigned by IANA.
  3. 49152 - 65535: Dynamic ports used for temporary connections, often assigned on-the-fly by the operating system and used for general or private applications.

In practice, understanding these port ranges helps network administrators manage traffic, troubleshoot issues, and configure firewalls to control access to various services.