If you’re preparing for a networking, Linux system administration, DevOps, or cybersecurity interview, understanding network ports is a must. Port numbers come up in almost every technical interview because they’re essential for network communication. Yet, many candidates overlook this basic area.

This article covers the top 25 ports you should know by heart, including what each one does, the protocol behind it, and why it matters. Whether you’re a beginner or just need a refresher, this guide is crafted to be simple, practical, and interview-ready.

What Are Network Ports?

Before we get into the list, let’s get a quick grip on what a port really is.

In the networking world, a port is not a physical thing — it’s a virtual channel that allows communication between computers. Think of it like a room number in a hotel. Your IP address is the hotel address, and the port tells the computer which service (room) you’re trying to access.

Each port is assigned a number between 0 and 65535:

Why Do Interviewers Ask About Ports?

Because it tests your understanding of:

  • Which services run on which ports
  • The difference between TCP and UDP
  • How to troubleshoot connectivity issues
  • Security implications of open ports

You’ll often hear questions like:

  • What port does SSH use?
  • How do you check for open ports in Linux?
  • Can you explain the difference between ports 80 and 443?

The Top 25 Ports You Must Know (With Descriptions)

Let’s go over the most common ports you’ll see in interviews and when working with real systems.

Port Protocol Service Name Purpose
20 TCP FTP (Data) Transfers file data (active mode)
21 TCP FTP (Control) Command/control for FTP transfers
22 TCP SSH Secure remote login/file transfer
23 TCP Telnet Remote login (insecure, legacy)
25 TCP SMTP Sending emails
53 TCP/UDP DNS Resolving domain names to IPs
67 UDP DHCP Server Assigns IP addresses
68 UDP DHCP Client Receives DHCP configuration
80 TCP HTTP Standard (insecure) web traffic
110 TCP POP3 Older email retrieval protocol
123 UDP NTP Syncing system time
135 TCP RPC Windows services communication
137 UDP NetBIOS Name Service Windows name lookups
138 UDP NetBIOS Datagram Service Windows browsing
139 TCP NetBIOS Session Service File/printer sharing in older Windows
143 TCP IMAP Email retrieval (modern)
161 UDP SNMP Monitoring routers, switches, etc.
389 TCP/UDP LDAP Centralized authentication (like Active Directory)
443 TCP HTTPS Secure web traffic
445 TCP SMB over TCP Modern Windows file sharing
465 TCP SMTPS Secure SMTP (legacy)
514 UDP Syslog Centralized logging
993 TCP IMAPS Secure IMAP
995 TCP POP3S Secure POP3
3306 TCP MySQL Popular database service
5432 TCP PostgreSQL Open-source SQL database
5900 TCP VNC Remote desktop access (GUI)
6379 TCP Redis In-memory key-value store
8080 TCP HTTP Alternate App servers, proxies
8443 TCP HTTPS Alternate Secure access to custom web apps

Quick Tip: Just remember these four ports: 20/21 for FTP, 22 for SSH, 80 for HTTP, and 443 for HTTPS – these are the most important ones to know.

Port Categories to Make Life Easier

Instead of memorizing all ports randomly, group them:

Category Port(s) Service Name
Remote Access 22 SSH (Secure Shell)
23 Telnet
5900 VNC (Virtual Network Computing)
Email Services 25 SMTP (Simple Mail Transfer Protocol)
110 POP3 (Post Office Protocol)
143 IMAP (Internet Message Access Protocol)
465, 993, 995 SMTPS, IMAPS, POP3S (Secure versions)
Web Services 80 HTTP (HyperText Transfer Protocol)
443 HTTPS (HyperText Transfer Protocol Secure)
8080, 8443 Alternate HTTP/HTTPS (for web apps or proxies)
File Sharing & Transfers 20/21 FTP (File Transfer Protocol)
139/445 SMB (Server Message Block)
3306/5432 MySQL/PostgreSQL (Databases)
Name and Address Services 53 DNS (Domain Name System)
67/68 DHCP (Dynamic Host Configuration Protocol)
123 NTP (Network Time Protocol)
137–139 NetBIOS (Network Basic Input/Output System)
Monitoring and Logging 514 Syslog (System Logging)
161 SNMP (Simple Network Management Protocol)

How to Check Open Ports on a Linux System

Let’s take a closer look at how to check open ports on a Linux system using a command such as ss, netstat, and nmap.

1. Using ss (Modern and Fast)

The ss command (short for socket statistics) is a modern replacement for the older netstat command. It’s designed to be faster and more efficient for listing open ports and network connections.

sudo netstat -tulpn

Explanation of the command:

  • -t: Shows TCP sockets.
  • -u: Shows UDP sockets.
  • -l: Displays only listening sockets (ports that are open and waiting for incoming connections).
  • -p: Shows the process that owns the socket (i.e., which application is using the port).
  • -n: Displays port numbers in numeric form (avoiding the need to resolve them to service names).
List All Listening Ports with Process Details
List All Listening Ports with Process Details

2. Using netstat (Older but Still Common)

The netstat is a legacy command that was widely used before ss gained popularity. It still exists on most Linux distributions and can be useful in situations where ss might not be available, or when you are working with older systems.

sudo netstat -tulpn

Explanation of the command:

  • -t: Displays TCP sockets.
  • -u: Displays UDP sockets.
  • -l: Shows only listening ports (no established connections).
  • -p: Shows the process ID (PID) and the name of the program using the socket.
  • -n: Outputs numerical addresses and ports (instead of resolving them to service names like “http“).
List Open Ports and Listening Services in Linux
List Open Ports and Listening Services in Linux

3. Scanning with nmap

The nmap (Network Mapper) is a powerful tool primarily used for network exploration and security auditing. It can be used to scan your own system or any remote system to find open ports.

Unlike ss and netstat, nmap is usually used for more detailed network scanning and can provide information about external systems as well.

nmap -sT localhost

Explanation of the command:

  • -sT: It tries to make a full connection to each port and checks which ones respond.
  • localhost: Refers to the local machine you want to scan. You can replace localhost with any IP address to scan remote systems.
Scanning Localhost for Open TCP Ports
Scanning Localhost for Open TCP Ports

Security Tip: Why Knowing Ports Helps You Stay Safe

Attackers often use port scanning techniques to identify open ports and find services that may be vulnerable. Understanding which ports are exposed on your system is essential for maintaining security.

Here are a few examples of risks associated with commonly open ports:

  • Port 23 (Telnet): If this port is open, your system could be vulnerable to attacks, as Telnet transmits data, including passwords, in plain text.
  • Port 445 (SMB): This port is often targeted by ransomware and other malware, and leaving it open can give attackers access to sensitive files and resources across your network.

As a Linux or DevOps engineer, it’s your responsibility to proactively secure your system. Here are key strategies to mitigate risks:

  • Close Unused Ports: Keep only the necessary ports open. If a service isn’t being used, it’s safer to close that port.
  • Use Firewalls: Configure firewalls like ufw (Uncomplicated Firewall) or firewalld to restrict which ports can be accessed, ensuring that only authorized traffic reaches your system.
  • Secure Exposed Services with Encryption: For services that need to be accessible, such as SSH or HTTPS, always enforce encryption to protect data in transit from potential eavesdropping.

To block traffic on port 23 (Telnet), use ufw:

sudo ufw deny 23

To deny traffic on port 23 (Telnet), use firewalld:

sudo firewall-cmd --zone=public --add-port=23/tcp --permanent --remove-port=23/tcp

By understanding ports and properly securing them, you minimize the attack surface of your systems, enhancing both their security and performance.

Final Thoughts

Understanding port numbers isn’t just about memorizing them, it’s about knowing how services communicate in Linux and on networks. Once you understand the basics, you’ll be better at troubleshooting, securing your systems, and passing technical interviews.

Similar Posts