Every time your computer connects to a website, sends email, or joins an online game, it uses a specific network port to direct that traffic to the right application. This free port lookup tool lets you enter any port number (1–65535) or service name and instantly see its protocol (TCP or UDP), what service it belongs to, its security risk level, and whether it should be open or closed on a typical home router. Understanding ports is essential for setting up port forwarding, hardening your router's firewall, and diagnosing why certain applications fail to connect. You can also check our Port Checker to test whether a specific port is actually open on your network right now.
Database covers ~50 well-known ports. For the complete official list, see the IANA Service Name Registry.
A network port is a 16-bit number (0–65535) that acts like an apartment number within a building. The IP address is the building — it tells packets where to go on the network. The port number specifies which application or service inside that address should receive the traffic. Without port numbers, your computer would have no way to separate a web browsing session from an email download happening at the same time — both arrive at the same IP but need to reach different applications.
Ports exist at the transport layer of the TCP/IP model. They are defined in the header of every TCP or UDP packet. When your browser requests a webpage, it connects to the server's IP address on port 80 (HTTP) or 443 (HTTPS). At the same time, your email client might be connecting to the same server on port 993 (IMAP over SSL). Each service listens on its designated port, and your router tracks which outgoing connections belong to which local device using NAT (Network Address Translation).
Port numbers are assigned and standardized by IANA — the Internet Assigned Numbers Authority. Their official registry lists over 9,000 service-to-port assignments. Understanding the most common ones helps when you configure firewall rules, set up a port forwarding rule, or investigate suspicious traffic on your network. To find out your current public IP, use our What Is My IP tool.
Every port operates over either TCP, UDP, or both. The choice of protocol is not arbitrary — it reflects the nature of the service running on that port.
TCP (Transmission Control Protocol) is connection-oriented. Before any data is exchanged, TCP performs a three-way handshake (SYN, SYN-ACK, ACK) to establish a reliable connection. Every packet is acknowledged, and lost packets are retransmitted automatically. This makes TCP ideal for applications where data integrity matters: web browsing, email, file transfer, and SSH. The trade-off is overhead — the handshake and acknowledgment system adds latency.
UDP (User Datagram Protocol) is connectionless. Packets are fired off without establishing a session first, and there is no built-in delivery confirmation. Dropped packets are simply lost. This sounds problematic, but UDP is significantly faster for real-time applications that can tolerate occasional packet loss: DNS lookups, online gaming, video streaming, VoIP calls, and VPN tunnels all commonly use UDP. DNS, for instance, typically completes in milliseconds — adding TCP's handshake overhead would slow it down considerably. Learn more about how DNS works at our What Is DNS guide.
IANA divides the 65,535 available port numbers into three ranges, each serving a distinct purpose:
| Range | Name | Description | Examples |
|---|---|---|---|
| 0 – 1023 | Well-Known Ports | Standardized system services. Require root/admin privileges to bind on Unix systems. | 80 (HTTP), 443 (HTTPS), 22 (SSH), 25 (SMTP) |
| 1024 – 49151 | Registered Ports | Registered by vendors for specific applications. Less strictly controlled. | 3306 (MySQL), 3389 (RDP), 5432 (PostgreSQL), 8080 (HTTP Alt) |
| 49152 – 65535 | Dynamic / Ephemeral | Assigned automatically by the OS for outgoing connections. Change with each session. | Your browser uses these as source ports when connecting to websites |
When you open a website, your browser picks a random ephemeral port (e.g., 52,341) as the source port and connects to the server's destination port 443. The server replies to your IP on port 52,341. Your router's NAT table tracks this mapping so responses reach the right application.
The following table covers the ports you are most likely to encounter on a home or small office network. Ports marked Critical Risk should never be exposed to the public internet without strong justification.
| Port | Protocol | Service | Risk | Home Router |
|---|---|---|---|---|
| 21 | TCP | FTP Control | High | Keep closed — use SFTP instead |
| 22 | TCP | SSH | Medium | Close unless needed; change default port if opened |
| 23 | TCP | Telnet | Critical | Always closed — unencrypted |
| 25 | TCP | SMTP | Medium | ISPs usually block outbound; close on router |
| 53 | TCP/UDP | DNS | Low | Open only on DNS servers; close externally |
| 80 | TCP | HTTP | Low | Open if hosting a web server |
| 443 | TCP | HTTPS | Low | Open if hosting a secure web server |
| 445 | TCP | SMB | Critical | Always closed — WannaCry ransomware target |
| 1194 | UDP | OpenVPN | Low | Open only if running an OpenVPN server |
| 3389 | TCP | RDP | Critical | Never expose to internet without VPN |
| 5000 | TCP | UPnP | High | Disable UPnP on router settings |
| 8080 | TCP | HTTP Alternate | Low | Normal for internal web apps and proxies |
| 25565 | TCP | Minecraft | Low | Open only if hosting a Minecraft server |
| 32400 | TCP | Plex Media | Low | Open only if using Plex remote access |
Online gaming often requires specific ports to be forwarded from your router to your gaming console or PC. Without port forwarding, your NAT type may show as "Strict" or "Moderate," which can cause connection failures, high latency, and inability to host multiplayer sessions. Here are the key ports for popular platforms:
| Platform / Game | Ports to Forward | Protocol |
|---|---|---|
| PlayStation Network | 80, 443, 3478, 3479, 3480 | TCP/UDP |
| Xbox Live | 3074, 53, 80, 500, 3544, 4500 | TCP/UDP |
| Nintendo Switch | 1–65535 (UPnP preferred), or 45000–65535 | UDP |
| Steam | 27015–27030, 27036–27037 | TCP/UDP |
| Minecraft Java | 25565 | TCP |
| Fortnite | 5222, 5795–5847 | UDP |
| Call of Duty | 3074, 27014–27050 | TCP/UDP |
Before manually forwarding ports, try enabling UPnP on your router — many games configure port forwarding automatically when UPnP is active. Check our full guide on how to set up port forwarding for step-by-step instructions for popular router brands. To verify a port is actually open after forwarding, use our Port Checker Tool.
Two ports deserve special attention because they are the most frequently targeted by automated internet scanners, ransomware, and brute-force attacks.
Port 445 — SMB (Server Message Block) is used for Windows file sharing. The 2017 WannaCry ransomware outbreak exploited a vulnerability in SMB (via the EternalBlue exploit) to infect over 230,000 computers in 150 countries in a single day. EternalBlue specifically targeted routers and firewalls that had port 445 exposed to the internet. Even after patching, port 445 should never be accessible from the public internet. If you need remote file access, use a VPN — see our guide on setting up a VPN on your router.
Port 3389 — RDP (Remote Desktop Protocol) is Microsoft's remote desktop service. Internet-facing RDP is scanned continuously by botnets looking for weak passwords, unpatched systems, and credential-stuffing opportunities. Multiple high-profile ransomware groups — including REvil and Dharma — gain initial access primarily through exposed RDP ports. If you must use RDP remotely, always tunnel it through a VPN or at minimum change it from the default port 3389 to a non-standard port, enable Network Level Authentication, and use a strong password. Consider also changing your router admin password and keeping firmware updated as baseline security steps.
Pro Tip: Run a quick audit of your router's port forwarding table every few months. Remove any rules you no longer need — an old Minecraft server entry from two years ago is an unnecessary open door. Log into your router at 192.168.1.1 or 10.0.0.1, find the Port Forwarding section, and delete stale rules. Pair this with MAC address filtering to control which devices can join your network at all.
Key Takeaways
A network port is a numbered endpoint (0–65535) within a device that identifies which application or service should receive incoming network traffic. The IP address routes a packet to the right device; the port number routes it to the right program on that device. For example, port 443 always means HTTPS web traffic, and port 22 always means SSH.
Each IP address has 65,535 TCP ports and 65,535 UDP ports — 131,070 in total per interface. However, the vast majority are unused at any given time. A typical home computer might have only a handful of ports actively listening (e.g., 445 for Windows file sharing, 1900 for UPnP). The rest are available for outgoing connections via dynamic ephemeral ports.
An open port has a process actively listening on it and will accept incoming connections. A closed port is not in use — the device will reply with a TCP RST (reset) packet, which tells the scanner the port is closed but reachable. A filtered port does not respond at all, typically because a firewall is dropping the packets silently. For security, you want only intentionally open ports to accept connections, and all others either closed or filtered.
For most home users, port 80 is not forwarded externally and poses no risk. However, some routers have a remote management interface accessible on port 80 from the internet by default — this should definitely be disabled. Log into your router admin panel, find "Remote Management" or "WAN Access," and disable it. If you are not hosting a public web server, there is no reason for anyone on the internet to reach port 80 on your router's public IP.
UPnP (Universal Plug and Play, port 1900/5000) lets applications on your local network automatically open router ports without requiring manual configuration. While convenient, UPnP has been exploited by malware to silently punch holes in firewalls and by attackers who access UPnP services exposed inadvertently on the WAN. Many security experts recommend disabling UPnP on home routers unless a specific application requires it. Configure ports manually instead.
Not on the same IP address and protocol simultaneously. Port 80/TCP can only be bound by one process at a time on a given IP. However, port 80/TCP and port 80/UDP are separate — a different service could use UDP on the same port number. Additionally, a server with multiple IP addresses can run the same service on each IP using the same port number.
Port scanning means probing a range of ports on a target IP to discover which ones are open and what services they run. Tools like Nmap are widely used for legitimate network administration and security auditing. Port scanning your own network is completely legal and recommended. Scanning someone else's systems without permission is illegal in most jurisdictions and violates most ISP terms of service. Authorized penetration testers scan target systems with written permission only.
 |
 |
 |
 |
About Tommy N.
Tommy is the founder of RouterHax and a network engineer with 10+ years of experience in home and enterprise networking. He specializes in router configuration, WiFi optimization, and network security. When not writing guides, he's testing the latest mesh WiFi systems and helping readers troubleshoot their home networks.
Promotion for FREE Gifts. Moreover, Free Items here. Disable Ad Blocker to get them all.
Once done, hit any button as below
|
|
|
|