Skip to content

Commonly used default port numbers

Prevent loss of sensitive data

In recent times databases have been breached not by SQL injection, but simply due to the fact that databases or admin interfaces were directly exposed to the internet. With SecBot you can test that the ports where your database or admin interface are listening are not exposed to the internet.

Ports are sorted by technology. Other ports might be used. It's often best to check the corresponding manual. The application (e.g. a database) might not use all ports at the same time.


Relational databases

Database Port(s) Doc
MaxDB 7210 Doc
MySQL 3306 Doc
Oracle DB 1521, 1830 Doc
PostgreSQL 5432 Doc
SQL Server (MSSQL) 1433, 1434 Doc

NoSQL databases and other data stores

Database Port(s) Doc
ArangoDB 8529 Doc
Cassandra 7000, 7001, 9042 Doc
CouchDB 5984 Doc
Elasticsearch 9200, 9300 Doc
MongoDB 27017, 27018, 27019, 28017 Doc
Neo4J 7473, 7474 Doc
Redis 6379 Doc
Riak 8087, 8098 Doc
RethinkDB 8080, 28015, 29015 Doc
Solr 7574, 8983 Doc

Web application servers

Server Port(s) Doc
JBoss EAP 3528, 3529, 4447, 8009, 8080, 8443, 9990, 9999, ... Doc
Jetty 8080 Doc
Tomcat 8005, 8009, 8080 Doc
WildFly 4712, 4713, 8009, 8080, 8443, 9990, 9993 Doc
WebLogic 5556, 7001, 7002, 8001, ... Doc
WebSphere 8008, 9043, 9060, 9080, 9443, ... Doc

Configuration stores and container managers

Service Port(s) Doc
Consul 8300, 8301, 8302, 8400, 8500, 8600 Doc
etcd 2379, 2380 Doc
Kubernetes 6443, 8080 Doc
Mesos 5050, 5051 Doc
ZooKeeper 2181, 2888, 3888 Doc

Protocols

Protocol Port(s)
DNS 53
DNS over TLS 853
FTP 20, 21
FTPS (FTP over SSL) 989, 990
HTTP 80
HTTPS 443
IMAP 143
IMAPS (IMAP over SSL) 993
Kerberos 543, 544, 749 - 754, 760
LDAP 389
NetBIOS 137, 138, 139
NFS (Network File System) 944
NTP 123
RPC 530
Remote Shell (rsh) 514
rsync 873
SMB 445
SNMP 161, 162, 199
SSH 22
Telnet 23, 992
SMTP 25
SMTP over TLS 465
WHOIS 43