
Network port

What is a network port?

A network port is a logical endpoint on a device that enables data exchange over a network. Each port is identified by a port number associated with a specific service and protocol.

How does a network port work?

When data travels across a network, port numbers help ensure it reaches the right application. Here’s how that works:

  1. The client starts the connection using an ephemeral port: When a website or app is opened, the device assigns a temporary port to identify the connection.
  2. The request passes through network controls (firewalls and routers): As the data travels, devices like firewalls can allow or block traffic based on port numbers and protocols. Network address translation (NAT) routers may also remap ports to route traffic between private and public networks.
  3. A server listens on a well-known port: The request reaches a server that’s “listening” on a specific port, e.g., port 80 (HTTP) or 443 (HTTPS).
  4. Ports ensure that data reaches the right application: When the server (and later the client) receives data, the operating system uses the port number to deliver it to the correct application.

Network port ranges and types

  • System ports (0–1023): Reserved for widely used protocols and core internet services. Examples include port 80 for HTTP and port 443 for HTTPS.
  • Registered ports (1024–49151): Assigned to companies, software vendors, or specific applications for their services. For example, some proprietary applications or enterprise tools operate on ports within this range.
  • Dynamic or ephemeral ports (49152–65535): Temporary ports automatically assigned by a device’s operating system when it initiates an outgoing connection. These ports are typically used on the client side and are released once the connection ends.

Port numbers are tied to a specific protocol: Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). This means that TCP port 443 (for HTTPS traffic) and UDP port 443 are separate communication endpoints, and firewalls and operating systems will treat them independently.
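The client and server steps and the TCP/UDP separation described above can be observed on the loopback interface. This is an added example, not code from the original page; the function names `iana_range` and `demo` are hypothetical, and the port numbers are whatever the operating system hands out at run time.

```python
import socket

def iana_range(port: int) -> str:
    """Classify a port number using the three ranges listed above."""
    if not 0 <= port <= 65535:
        raise ValueError(f"not a valid port: {port}")
    if port <= 1023:
        return "system"
    if port <= 49151:
        return "registered"
    return "dynamic"

def demo(host: str = "127.0.0.1") -> dict:
    """Listen on TCP and UDP with one port number, then connect a client."""
    for _ in range(5):  # retry if the UDP twin of the chosen port is taken
        tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        tcp.bind((host, 0))  # port 0 asks the OS for any free port
        tcp.listen(1)
        port = tcp.getsockname()[1]
        udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            udp.bind((host, port))  # same number, other protocol: no conflict
            break
        except OSError:
            tcp.close()
            udp.close()
    else:
        raise RuntimeError("no port free on both TCP and UDP")
    client = socket.create_connection((host, port), timeout=2)
    conn, peer = tcp.accept()
    client_port = client.getsockname()[1]  # chosen by the OS, not by the caller
    result = {
        "tcp_port": port,
        "udp_port": udp.getsockname()[1],
        "client_port": client_port,
        "peer_port_seen_by_server": peer[1],
        "client_range": iana_range(client_port),
    }
    for s in (conn, client, udp, tcp):
        s.close()
    return result

if __name__ == "__main__":
    print(demo())
```

Linux defaults to 32768–60999 for ephemeral ports, so `client_range` can come back as "registered" there even though the port is a temporary client-side one.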

Network ports can be:

  1. Open: A service is running on the port, which is listening for incoming traffic and will respond to requests.
  2. Closed: No service is running, and the port’s only response to requests is that it’s unavailable.
  3. Filtered: A firewall blocks traffic to the port, so the device may not respond to requests at all.
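The three states map onto what a TCP connection attempt gets back, which is how an administrator can compare a host's listening ports with the services it is supposed to offer. This is an added example, not code from the original page; `port_state`, `unexpected_open` and `demo` are hypothetical names, and the loopback listeners are constructed test fixtures (a filtered port needs a firewall rule, so the demo exercises only open and closed).

```python
import socket

def port_state(host: str, port: int, timeout: float = 1.0) -> str:
    """Return 'open', 'closed' or 'filtered' for one TCP port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"      # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"    # host replied with a reset: nothing is listening
    except OSError:
        return "filtered"  # timeout or unreachable error: traffic was dropped
    finally:
        sock.close()

def unexpected_open(host: str, ports, allowed):
    """Return each port's state and the open ports missing from the allowlist."""
    states = {p: port_state(host, p) for p in ports}
    extra = sorted(p for p, s in states.items() if s == "open" and p not in allowed)
    return states, extra

def _listener() -> socket.socket:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))  # OS-chosen free port on loopback
    s.listen(1)
    return s

def demo():
    """Constructed setup: one approved listener, one stray listener, one closed port."""
    approved, stray, gone = _listener(), _listener(), _listener()
    a, b, c = (s.getsockname()[1] for s in (approved, stray, gone))
    gone.close()  # nothing listens on port c any more
    try:
        states, extra = unexpected_open("127.0.0.1", [a, b, c], allowed={a})
    finally:
        approved.close()
        stray.close()
    return states[a], states[b], states[c], extra == [b]

if __name__ == "__main__":
    print(demo())
```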

Where are network ports used?

Network ports are used by different internet services and applications to send and receive data. Each type of service typically communicates through specific port numbers so devices know which application should handle incoming traffic.

  • Web browsing: HTTP (port 80) or HTTPS (port 443).
  • Remote access: Secure Shell (SSH, port 22) or Remote Desktop Protocol (RDP, port 3389).
  • Email: Simple Mail Transfer Protocol (SMTP, port 587), Internet Message Access Protocol (IMAP, port 993), and Post Office Protocol 3 (POP3, port 995).
  • Domain Name System (DNS): Lookups and responses (port 53).
  • Voice over Internet Protocol (VoIP), gaming, and streaming apps: Specific ports send and receive audio, video, and interactive data.

Risks and privacy concerns

Each open network port increases a service’s potential attack surface because it accepts incoming connections. Some legacy protocols associated with older ports lack modern encryption and may expose data if not properly secured.

Filtered ports (blocked by a firewall) can also reveal limited network details, such as the existence of a firewall or filtering rules. On the defensive side, however, port scanning can reveal exposed or misconfigured services, helping identify and reduce unnecessary exposure.

FAQ

Is a port the same as an IP address?

No; an IP address identifies a device on the network and tells incoming data where to go, while a port number identifies a specific service or application on the device.

What does it mean when a port is “open”?

It means that the port accepts incoming traffic and forwards the data to a specific service running on the device. If the service running on that port is misconfigured or lacks proper security controls, the open port can increase the risk of unauthorized access.

What’s the difference between TCP and UDP ports?

Transmission Control Protocol (TCP) uses ports for connection-based communication, which ensures reliable and error-checked data delivery, while User Datagram Protocol (UDP) uses ports for connectionless communication where transmission speed matters more than data integrity.