A network port is a numeric identifier for a program or process that handles a network connection.
1. Analogy: Apartment Building
Imagine your computer is a huge apartment building.
- IP address — this is the address of the building itself (e.g., 5 Linzer Street). The postman (network) knows where to bring the letter and delivers it to the entrance.
- Network port — this is the apartment number. When a letter (data packet) arrives at the building (computer), the doorman (operating system) needs to know exactly who to give it to.
- Apartment #80 is home to the web browser.
- Apartment #25 is home to the email client.
- Apartment #22 is home to the administrator (SSH). Without an apartment number (port), data would arrive at the computer, but the system wouldn’t know which application to pass it to.
2. How It Works Technically
In computer language, a port is a 16-bit number. This means there can be a total of 65,535 ports. When data is transmitted over a network (usually via TCP or UDP protocols), the header of each packet always specifies two ports:
- Port of Source: The sender’s port (where the data came from).
- Port of Destination: The receiver’s port (which “door” to knock on).
3. Port Classification
All 65,535 ports are divided into three strict categories:
- System ports (Well-known ports): 0 to 1023. This is the “elite”. They are reserved for the most important standard internet services (websites, email, file transfer). Usually, administrator rights are required to open such a port on your computer.
- Registered ports: 1024 to 49151. These ports are assigned to specific applications (e.g., SQL databases, game servers like Minecraft, Skype, etc.).
- Dynamic ports (Dynamic/Private ports): 49152 to 65535. These are “temporary passes”. When your browser sends a request to a website, it temporarily opens one of these ports to receive the response back. After the session ends, the port is released.
4. Most Well-Known Ports (The VIP List)
| Port | Protocol | Service | Description |
|---|---|---|---|
| 20/21 | FTP | File Transfer | Good old file transfer. |
| 22 | SSH | Secure Shell | Remote server management (the holy grail of admins). |
| 25 | SMTP | Sending email. | |
| 53 | DNS | Domain Name System | Converts google.com to an IP address. |
| 80 | HTTP | Web | Normal internet without encryption. |
| 443 | HTTPS | Web Secure | Secure internet (with a lock 🔒). |
| 3389 | RDP | Remote Desktop | Windows Remote Desktop. |
1) Email
| Port | Protocol | Description |
|---|---|---|
| 110 | POP3 | Old standard for receiving email (downloads messages to PC). |
| 143 | IMAP | Modern standard (syncs messages between devices). |
| 993 | IMAP (SSL) | Same as 143, but encrypted (secure). |
| 995 | POP3 (SSL) | Same as 110, but encrypted. |
2) Databases
| Port | Service | Description |
|---|---|---|
| 3306 | MySQL / MariaDB | Most popular database in web development. |
| 5432 | PostgreSQL | Very powerful database, the standard for serious enterprise projects. |
| 1433 | MS SQL Server | Microsoft’s database. |
| 27017 | MongoDB | Popular NoSQL database (stores data in documents, not tables). |
| 6379 | Redis | Used for caching (super-fast memory). |
3) Infrastructure: “Invisible Helpers”
| Port | Protocol | Description |
|---|---|---|
| 67 / 68 | DHCP | Thanks to this, your laptop automatically gets an IP address when connecting to Wi-Fi. |
| 123 | NTP | Network Time Protocol. Synchronizes time. Critical for security (if the time on servers differs, authentication may fail). |
| 161 | SNMP | Network management protocol. Allows admins to monitor the status of routers and printers. |
5. Security: Open and Closed Doors
From a security perspective (and this is critical for a career), ports are divided into open and closed.
- Open port — this is a program that is “listening” to the network and waiting for connections. This is a potential security hole. Hackers constantly scan IP addresses for open ports with vulnerable software versions to break in.
- Firewall — this is a guard standing at the entrance saying: “Okay, port 80 can pass, but port 22 will be closed for everyone except Vitaliy.”
Professional tip: A good system administrator only keeps open the ports that are absolutely necessary for the service. Everything else should be blocked (“Default Deny”).