I.T. security professionals need to have a solid understanding of common port numbers and the protocols associated with each one. The best way to learn about these ports is to get hands-on with the protocols listed below.

The following list doesn’t cover every port you will ever need to know, but instead is a list of the ports I studied when preparing to take the CompTIA Security+ exam. There might be a few missing here that you should in fact know, and there may be extra ports here that you wouldn’t really need to know for the Security+ exam, but it wouldn’t hurt to learn them as well! This isn’t meant to be an exhaustive list, but instead one resource among many that you can use to gain knowledge.

I recommend making physical flash cards and creating a “memory palace” that connects each port number to an idea that make sense for you. For example, I remember Telnet is TCP port 23 because Michael Jordan’s number was 23 and he always hits nothing but “net.” To someone who doesn’t like basketball, that might not help. This is why you should connect the protocols and ports to ideas that resonate with you!

All ports are TCP unless specified:

• 20-21 FTP

• 22 SSH and SFTP and SCP

• 23 Telnet

• 25 SMTP

• 49 TACACS

• 53 DNS

• 67/68 DHCP (UDP)

• 69 TFTP (UDP)

• 80 HTTP

• 88 Kerberos (TCP/UDP)

• 110 POP3

• 123 NTP (UDP)

• 137 NetBIOS

• 143 IMAP4

• 161 SNMP (UDP)

• 162 SNMP Trap (TCP/UDP)

• 179 BGP

• 389 LDAP (TCP/UDP)

• 443 HTTPS (HTTP over SSL)

• 500 ISAKMP VPN (UDP)

• 514 Syslog (UDP)

• 636 LDAPS (LDAP over SSL)

• 989 FTP over SSL

• 990 FTPS

• 993 IMAP over SSL

• 1701 L2TP (UDP)

• 3389 RDAP (TCP/UDP)