TCP/IP Ports

 Used in the Authentication Process

The following table is a comprehensive list of ports used by Windows.

Port

TCP/UDP

Function Description

20

TCP

FTP

21

TCP

FTP

23

TCP

Telnet

25

TCP

IIS SMTP

31

TCP

Netmeeting

42

TCP

WINS Replication

52

TCP

Netmeeting

53

UDP

DNS Name Resolution
SQL TCP lookup

53

TCP

DNS
SQL TCP lookup

67

UDP

DHCP Lease (BOOTP)

68

UDP

DHCP Lease

80

TCP

IIS HTTP

88

UDP

Kerberos

88

TCP

Kerberos

110

TCP

POP3

119

TCP

NNTP

135

TCP

Location Service
RPC
RPC EP Mapper
SQL RPC session mapper
WINS Manager
DHCP Manager
MS DTC

137

UDP

NetBIOS Name Service
SQL RPC Lookup
Logon Sequence
NT 4.0 Trusts
NT 4.0 Secure Channel
Pass Through Validation
Browsing
Printing
SQL Named Pipes lookup

137

TCP

WINS Registration

138

UDP

NetBIOS Datagram Service
Logon Sequence
NT 4.0 Trusts
NT 4.0 Directory Replication
NT 4.0 Secure Channel
Pass Through Validation
NetLogon
Browsing
Printing

139

TCP

NetBIOS Session Service
NBT
SMB
File Sharing
Printing
SQL Named Pipes session
Logon Sequence
NT 4.0 Trusts
NT 4.0 Directory Replication
NT 4.0 Secure Channel
Pass Through Validation
NT 4.0 Administration Tools (Server Manager, User Manager, Event Viewer, Registry Editor, Diagnostics, Performance Monitor, DNS Administration)

161

UDP

SNMP

162

UDP

SNMP Trap

215

TCP

Netmeeting

389

TCP

LDAP

443

TCP

HTTP SSL

445

TCP

SMB or CIFS

464

UDP

Kerberos kpasswd

500

UDP

IPSEC isakmp IKE

531

TCP

IRC

560

TCP

Content Replication Service – Site Server

636

 

LDAP over SSL

731

TCP

Netmeeting

Dynamic

UDP

Netmeeting

888

TCP

Login and Environment Passing

Dynamic

TCP

Directory Replication

1109

TCP

POP with Kerberos

1433

TCP

SQL TCP session

1645

UDP

RADIUS Authentication

1646

UDP

RADIUS Accounting

1723

TCP

PPTP Control Channel (IP Protocol 47 – GRE)

1755

TCP

Netshow

Dynamic

UDP

Netshow

1812

UDP

RADIUS Authentication

1813

UDP

RADIUS Accounting

1863

TCP

MSN Messenger

2053

TCP

Kerberos de-multiplexor

2105

TCP

Kerberos encrypted rlogin

3268

 

Global Catalog LDAP

3269

 

Global Catalog LDAP over SSL

3389

RDP

Terminal Services

8000

TCP

CyberCash (credit gateway)

8001

TCP

CyberCash (admin)

8002

TCP

CyberCash (coin gateway)

10140-10179

TCP

DCOM port range

For all the ports on Windows NT, look on your local computer:

%winnt%/system32/drivers/etc/services

The following table lists common ports.

Authentication
Authentication services verify the identity of a user or device requesting access to a resource.

 

 

SERVICE

TYPE

 

AFS/Kerberos authentication service

TCP Port 7004 - afs3-kaserver

 

AFS/Kerberos authentication service

UDP Port 7004 - afs3-kaserver

 

Authentication Service

TCP Port 113 - ident

 

Authentication Service

UDP Port 113 - ident

 

Certificate Distribution Center

TCP Port 223 - cdc

 

Certificate Distribution Center

UDP Port 223 - cdc

 

Funk Software.

TCP Port 1505 - funkproxy

 

Funk Software.

UDP Port 1505 - funkproxy

 

Login Host Protocol (TACACS)

TCP Port 49 - bbn-login

 

Login Host Protocol (TACACS)

UDP Port 49 - bbn-login

 

TACACS-Database Service

TCP Port 65 - tacacs-ds

 

TACACS-Database Service

UDP Port 65 - tacacs-ds

 

Directory Service/Name Resolution
Directory Services provide name resolution and lookup capabilities, allowing users or devices to locate resources on the network by human readable or well-known names.

 

 

SERVICE

TYPE

 

AppleTalk Name Binding

TCP Port 202 - at-nbp

 

AppleTalk Name Binding

UDP Port 202 - at-nbp

 

Directory Location Service

TCP Port 197 - dls

 

Directory Location Service

UDP Port 197 - dls

 

Directory Location Service Monitor

TCP Port 198 - dls-mon

 

Directory Location Service Monitor

UDP Port 198 - dls-mon

 

Lightweight Directory Access Protocol

TCP Port 389 - ldap

 

Lightweight Directory Access Protocol

UDP Port 389 - ldap

 

Microsoft-DS

TCP Port 445 - microsoft-ds

 

Microsoft-DS

UDP Port 445 - microsoft-ds

 

Microsoft's Windows Internet Name Service

TCP Port 1512 - wins

 

Microsoft's Windows Internet Name Service

UDP Port 1512 - wins

 

NETBIOS Name Service

TCP Port 137 - netbios-ns

 

NETBIOS Name Service

UDP Port 137 - netbios-ns

 

NIC Host Name Server

TCP Port 101 - hostnames

 

NIC Host Name Server

UDP Port 101 - hostnames

 

Prospero Directory Service non-priv

TCP Port 1525 - prospero-np

 

Prospero Directory Service non-priv

UDP Port 1525 - prospero-np

 

Domain Name Server

TCP Port 53 - domain

 

Domain Name Server

UDP Port 53 - domain

 

Host Name Server

TCP Port 42 - nameserver

 

Host Name Server

UDP Port 42 - nameserver

 

HOSTS2 Name Server

TCP Port 81 - hosts2-ns

 

HOSTS2 Name Server

UDP Port 81 - hosts2-ns

 

streettalk

TCP Port 566 - streettalk

 

streettalk

UDP Port 566 - streettalk

 

Encryption

 

 

SERVICE

TYPE

 

Kerberos

TCP Port 750 - kerberos-sec

 

Kerberos

TCP Port 751 - kerberos_master

 

Kerberos

TCP Port 88 - kerberos

 

Kerberos

UDP Port 750 - kerberos-sec

 

Kerberos

UDP Port 751 - kerberos_master

 

Kerberos

UDP Port 88 - kerberos

 

kerberos administration

TCP Port 749 - kerberos-adm

 

kerberos administration

UDP Port 749 - kerberos-adm

 

Kerberos Key Distribution Center

Windows NT Service - Kerberos Key Distribution Center

 

kerberos-master

TCP Port 751 - kerberos-master

 

Remote Access/VPN
Remote Access & VPN services allow users or devices to access remote networks as though they had local connections to that network. This is different from Remote Control Software where users actually assume control of a host on a remote network.

 

 

SERVICE

TYPE

 

any private dial out service

TCP Port 75 -

 

any private dial out service

UDP Port 75 -

 

Apple Remote Access Protocol

TCP Port 3454 - mira

 

IPSEC driver

Windows NT Service - IPSEC driver

 

pptp

TCP Port 1723 - PPTP

 

Routing and Remote Access

Windows NT Service - Routing and Remote Access

 

Shiva

TCP Port 1502 - shivadiscovery

 

Shiva

UDP Port 1502 - shivadiscovery

 

TIA/EIA/IS-99 modem server

TCP Port 380 - is99s

 

TIA/EIA/IS-99 modem server

UDP Port 380 - is99s

 

Routing
Routing protocols allow for the transmission of information between networks. TCP/IP is omitted from this list as it is assumed to be running on all hosts on the network. Protocols other than TCP/IP are important to note as they may indicate extranet support for different types of client operating systems and/or network configurations.

 

 

SERVICE

TYPE

 

AppleTalk Protocol

Windows NT Service - AppleTalk Protocol

 

AppleTalk Routing Maintenance

TCP Port 201 - at-rtmp

 

AppleTalk Routing Maintenance

UDP Port 201 - at-rtmp

 

Appletalk Update-Based Routing Pro.

TCP Port 387 - aurp

 

Appletalk Update-Based Routing Pro.

UDP Port 387 - aurp

 

AppleTalk Zone Information

TCP Port 206 - at-zis

 

AppleTalk Zone Information

UDP Port 206 - at-zis

 

Border Gateway Protocol

TCP Port 179 - bgp

 

Border Gateway Protocol

UDP Port 179 - bgp

 

IPX

TCP Port 213 - ipx

 

IPX

UDP Port 213 - ipx

 

Local routing process (on site)

UDP Port 520 - router