What Is a Network Port?
What Is a Port?
A Port Is a Harbor
The word “port” originally means a harbor. A harbor is where ships come in to reach a town, so it acts as the entrance between the sea and the town.

Ports used in IT are similar. At a harbor, it is decided where each item of cargo will be unloaded, and numbering those places makes the process clearer. In the same way, if the entire Internet is the sea and a computer is a town, each kind of data arriving from the Internet has a defined place where it is unloaded. Data for viewing web pages goes to one harbor number, mail goes to another harbor number, and so on.

This corresponds to a “port.”
When communication is actually performed with TCP or UDP, communication is not handled per computer, but per “program,” that is, per process or thread. Therefore, data must be delivered correctly between processes. At this time, a “port number” is assigned to the communicating process. Processes and threads use this port number to determine which application should communicate with which application.
Building Analogy
Ports are easier to understand if you compare them to a building.
Network communication requires a protocol, an IP address, and a port number.
If an IP address is like the address of a building, a port number is like a “room number.” In a computer network, protocol, IP address, and port number can be rephrased as: “By what method (protocol), to which building (computer, IP), and to which room (port number) should communication be sent?”
Because port numbers are important for communication, opening a port is like opening the door to a specific room. Unless the machine is a server providing a service, unnecessary ports should generally be configured so they remain closed.
More Precisely, a Port Is a Service Window
A port is “a number used to identify a server application” and “a service window provided by a server.” For example, the HTTP protocol commonly uses port 80.
When a port is open, the service window is available. From the server’s point of view, it must keep the window open to provide a service to others. For example, to provide a typical web service over HTTP, port 80 must be opened. This is the work of opening the window required for HTTP communication.
Then what happens if the port remains closed? The server’s window stays shut. In other words, the service is closed for business and cannot be provided. Therefore, port opening means “opening the window required for each service.”
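The following is an added example, not code from the original page. It shows the "service window" idea on the local machine: two services listen on the same IP address (127.0.0.1) but on different ports, and once a service is stopped its port refuses connections. The banners and function names are made up for the illustration, and the port numbers are chosen by the operating system.

```python
import socket
import socketserver
import threading

def start_service(banner: bytes) -> socketserver.TCPServer:
    """Open a service window: listen on loopback, on a free port picked by the OS."""
    class Handler(socketserver.BaseRequestHandler):
        def handle(self):
            self.request.sendall(banner)   # answer every caller with this banner

    srv = socketserver.TCPServer(("127.0.0.1", 0), Handler)  # port 0 = any free port
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def stop_service(srv: socketserver.TCPServer) -> None:
    """Close the window: stop accepting and release the listening port."""
    srv.shutdown()
    srv.server_close()

def ask(port: int) -> str:
    """Connect to 127.0.0.1:port and report which service answers there."""
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=2) as conn:
            return conn.recv(64).decode()
    except ConnectionRefusedError:
        return "closed"

def demo() -> list:
    web = start_service(b"web process")
    mail = start_service(b"mail process")
    web_port = web.server_address[1]
    mail_port = mail.server_address[1]
    # Same building (IP address), different rooms (ports), different processes.
    results = [ask(web_port), ask(mail_port)]
    stop_service(web)
    results.append(ask(web_port))          # nothing listens on this port any more
    stop_service(mail)
    return results

if __name__ == "__main__":
    print(demo())
```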
Common Port Numbers and Protocols
Representative examples of “which protocol operates on which port number” are as follows.
- TCP 20: FTP (data)
- TCP 21: FTP (control)
- TCP 22: SSH
- TCP 23: Telnet
- TCP 25: SMTP
- UDP 53: DNS
- UDP 67: DHCP (server)
- UDP 68: DHCP (client)
- TCP 80: HTTP
- TCP 110: POP3
- UDP 123: NTP
- TCP 443: HTTPS
These all fall in the well-known port number range, 0-1023.
An example involving ports, IP addresses, and protocols is a web server.
On a server published at a specific IP address, an application that follows the HTTP protocol, such as Apache, waits for communication from clients on port 80 and sends web page information in response to requests.
Other services similarly provide services by opening an arbitrary port or a well-known port for an application that implements a protocol on a specific server.
Well-Known Port Numbers
Port numbers range from 0 to 65535, and 0 to 1023 are called “well-known port numbers.” As the name suggests, these are the widely known ones. They are managed by an organization called IANA.
They are reserved port numbers used by major services and protocols that communicate over TCP and UDP.
Just as 80 is HTTP and 22 is SSH, major services generally have standard port numbers.
It is possible to edit the configuration file for each service and change the listening port number. In some cases, the port number is intentionally changed for security reasons, but in general, use the well-known port numbers.
Registered Port Numbers
Port numbers 1024 to 49151 are also managed by IANA.
They are a group of ports intended for use by specific applications and similar software. IANA accepts registrations and publishes them.
Other Port Numbers
Port numbers 49152 to 65535 can be used freely by users. They do not need to be registered with IANA.
There is no absolute rule for “which service should run on which port,” so port numbers can also be assigned and used arbitrarily.
Port Opening and Security
Leaving a service window open is like leaving a window unlocked. Naturally, this makes the system more likely to be targeted by thieves trying to steal information, that is, crackers.
Because this state is very undesirable, ports must not be opened carelessly. Security measures should be established properly, and only the minimum necessary ports should be opened.
Modern computers have very high processing power, and more applications can remain resident as servers even on personal machines. Applications that function as servers often respond not only to local requests but also to requests from outside. These server applications inevitably open ports in order to provide services.
However, if a server application has a security vulnerability, in the worst case the server may be taken over or become unable to provide services. Applications that function as servers must be reviewed carefully. In addition, for computers operating as servers, it is necessary to check “which ports are open” and “whether any unintended ports are open.” Before actual operation, it is important to perform a penetration test, actually run a port scan, and understand the current state.
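One way to check “which ports are open” and “whether any unintended ports are open” on your own server is shown below. This is an added example, not part of the original page. It parses a constructed sample of `ss -H -tuln` output, skips sockets bound only to loopback, and reports listeners that are not on an approved list, labelled with the port ranges described above. The allowlist and sample lines are assumptions for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tuln` output (listening TCP/UDP sockets, no header).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511                *:80               *:*
tcp   LISTEN 0      4096       127.0.0.1:5432       0.0.0.0:*
tcp   LISTEN 0      128             [::]:23            [::]:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      50           0.0.0.0:50123      0.0.0.0:*
"""

# Assumption: the only services this host is meant to offer to the network.
ALLOWED = {("tcp", 22), ("tcp", 80)}

def port_range(port: int) -> str:
    """Name the range a port falls in, following the article's three groups."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "other"

def is_loopback(addr: str) -> bool:
    """True if the socket is bound only to the local machine."""
    addr = addr.strip("[]").split("%")[0]   # drop IPv6 brackets and %interface
    if addr == "*":                          # wildcard: every interface
        return False
    return ipaddress.ip_address(addr).is_loopback

def audit(ss_output: str, allowed: set) -> list:
    """Return (proto, port, range) for network-reachable listeners not in allowed."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        proto = fields[0]
        addr, _, port_text = fields[4].rpartition(":")   # "Local Address:Port"
        port = int(port_text)
        if is_loopback(addr) or (proto, port) in allowed:
            continue
        findings.append((proto, port, port_range(port)))
    return sorted(set(findings))

if __name__ == "__main__":
    for proto, port, rng in audit(SAMPLE_SS, ALLOWED):
        print(f"unexpected listener: {proto}/{port} ({rng} range)")
```

On a live Linux host, the text passed to `audit` would come from running `ss -H -tuln` instead of the embedded sample.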