Port Number Reference

You're staring at a firewall rule asking for port 5432 and trying to remember if that's PostgreSQL or something else. Type the number, see the service. Or type the service name and find every port it commonly listens on.

Covers the common ones — HTTP (80), HTTPS (443), SSH (22), RDP (3389), the database ports (5432, 3306, 27017, 6379), email (25, 465, 587, 993, 995), and well-known dev tools (3000, 8000, 8080, 5173). Also the registered ports for less common services where the IANA assignment is the canonical answer.

If a port is commonly used for two things (looking at you, 8080), both are listed with context.

Port numbers occupy three rough zones. Well-known ports (0–1023) are reserved by IANA for established services — port 22 for SSH, 80 for HTTP, 443 for HTTPS, 25 for SMTP, 53 for DNS. Registered ports (1024–49151) are formally registered with IANA for specific applications, like 5432 for PostgreSQL or 27017 for MongoDB. Dynamic or ephemeral ports (49152–65535) are what your operating system assigns to outbound client connections — when your browser opens a connection to a website on port 443, it picks a random source port in this range to receive the response.

A worked example: you're debugging a connection issue and `netstat` shows your machine has 47 ephemeral connections to remote port 443. That's normal — every tab, every API call, every CDN request opens a new TCP connection, each with its own ephemeral source port. If you saw 47 inbound connections to local port 443, you'd be running an HTTPS server. The direction matters; the high-numbered end of the connection is usually the client, the well-known end is usually the server.

For the privileged port distinction: traditional Unix systems require root (or the equivalent capability) to bind to ports below 1024. The original idea was that low ports run trusted services. Modern containerized apps mostly avoid this restriction by running on high ports inside the container and using a reverse proxy (nginx, Caddy, ingress controllers) that does have port-80 access to forward incoming traffic. So a Node app inside a container might listen on 3000; the proxy forwards 443 to it. From the user's perspective, they hit port 443; from the app's perspective, it never needed root.

Where confusion appears: services that 'usually' run on a port aren't required to. Port 80 is the convention for HTTP but you can run HTTP on any port (which is why `http://example.com:8080` works). Conversely, port 80 isn't always HTTP — it could be running anything if the admin chose. The reference shows IANA's canonical assignments and common deviations, but treat 'this port runs X' as 'this port usually runs X.' Always confirm with the actual service before assuming.