Well-Known Ports (0-1023): Complete Overview and IANA Assignments
Overview of the well-known port range 0-1023 assigned by IANA. Covers system port requirements, root privileges, and the most important services.
Detailed Explanation
Well-Known Ports (0-1023)
Well-known ports, also called system ports, form the foundation of internet communication. They are assigned by the Internet Assigned Numbers Authority (IANA).
Characteristics
- Range: 0 to 1023
- Assignment: Centrally managed by IANA
- Privileges: On Unix/Linux, binding to ports below 1024 requires root (superuser) privileges or the `CAP_NET_BIND_SERVICE` capability
- Convention: Most critical internet services live in this range
Top 20 Well-Known Ports
| Port | Service | Protocol | Category |
|---|---|---|---|
| 20/21 | FTP | TCP | File Transfer |
| 22 | SSH | TCP | Remote Access |
| 23 | Telnet | TCP | Remote Access (deprecated) |
| 25 | SMTP | TCP | Email |
| 53 | DNS | TCP/UDP | Name Resolution |
| 67/68 | DHCP | UDP | Network Config |
| 69 | TFTP | UDP | File Transfer |
| 80 | HTTP | TCP | Web |
| 88 | Kerberos | TCP/UDP | Authentication |
| 110 | POP3 | TCP | Email |
| 119 | NNTP | TCP | Newsgroups |
| 123 | NTP | UDP | Time Sync |
| 135 | MS RPC | TCP/UDP | Windows RPC |
| 143 | IMAP | TCP | Email |
| 161/162 | SNMP | UDP | Monitoring |
| 179 | BGP | TCP | Routing |
| 389 | LDAP | TCP/UDP | Directory |
| 443 | HTTPS | TCP | Web (Encrypted) |
| 445 | SMB | TCP | File Sharing |
| 636 | LDAPS | TCP | Directory (Encrypted) |
Running Services Without Root
Modern Linux provides alternatives to running services as root:
```
# Grant capability to bind to privileged ports
sudo setcap 'cap_net_bind_service=+ep' /usr/bin/your-app

# Use systemd socket activation (in the service's .socket unit)
[Socket]
ListenStream=80

# Use a reverse proxy (nginx/caddy on 80 → app on 8080)
```
Security Implications
Well-known ports are heavily scanned by attackers. Best practices:
- Close all unused well-known ports
- Use `fail2ban` or similar for SSH (22)
- Redirect HTTP (80) to HTTPS (443)
- Disable legacy services (Telnet 23, FTP 21) when not needed
Use Case
Performing a security audit of a server to identify which well-known ports are open, closing unnecessary services, and configuring a reverse proxy to avoid running application code as root.
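An added example (not part of the original page): one way to run the audit described above on Linux, by parsing `/proc/net/tcp` for TCP listeners on ports 0-1023 and flagging legacy services, wildcard binds and root-owned sockets. The sample table is constructed, the function name `audit_well_known` is hypothetical, and the address decoding assumes IPv4 on a little-endian host.

```python
import socket
import struct

# Service names from the page's table; LEGACY is the page's "disable when not needed" list.
SERVICES = {21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 53: "DNS",
            80: "HTTP", 443: "HTTPS", 445: "SMB"}
LEGACY = {21, 23}
TCP_LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003
   3: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 20004
   4: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20005
   5: 0A00000A:0016 0A000002:C350 01 00000000:00000000 00:00000000 00000000     0        0 20006
"""

def audit_well_known(proc_net_tcp):
    """Return findings for TCP listeners on ports 0-1023."""
    findings = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != TCP_LISTEN:
            continue  # not a listening socket (e.g. an established connection)
        addr_hex, port_hex = f[1].split(":")
        port = int(port_hex, 16)
        if port > 1023:
            continue  # outside the well-known range
        # The IPv4 address appears byte-swapped on little-endian hosts (assumed here).
        addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        notes = []
        if port in LEGACY:
            notes.append("legacy service")
        if addr == "0.0.0.0":
            notes.append("all interfaces")
        if f[7] == "0":  # uid column: owner of the listening socket
            notes.append("socket owned by root")
        findings.append({"port": port, "service": SERVICES.get(port, "unknown"),
                         "addr": addr, "uid": int(f[7]), "notes": notes})
    return sorted(findings, key=lambda x: x["port"])

if __name__ == "__main__":
    for item in audit_well_known(SAMPLE):
        print(item)
```

On a real host, pass the contents of `/proc/net/tcp` instead of `SAMPLE`. IPv6 listeners live in `/proc/net/tcp6` and UDP sockets in `/proc/net/udp`, neither of which this example parses.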