Ports TCP/UDP
Référentiel des ports TCP et UDP courants : numéro, protocole, service, catégorie, description. Filtre instantané par numéro, nom ou catégorie.
| Port | Protocole | Service | Catégorie | Description |
|---|---|---|---|---|
| 20 | TCP | ftp-data | file | FTP — canal de données (mode actif) |
| 21 | TCP | ftp | file | FTP — canal de contrôle |
| 22 | TCP | ssh | remote | SSH — Secure Shell |
| 23 | TCP | telnet | remote | Telnet — accès distant non chiffré (à éviter) |
| 25 | TCP | smtp | SMTP — envoi de mail entre serveurs | |
| 43 | TCP | whois | network | WHOIS |
| 53 | TCP | dns | dns | DNS — résolution de nom (TCP, AXFR/grosses réponses) |
| 53 | UDP | dns | dns | DNS — résolution de nom (UDP, requêtes courantes) |
| 67 | UDP | dhcp-server | network | DHCP — serveur (BOOTP) |
| 68 | UDP | dhcp-client | network | DHCP — client |
| 69 | UDP | tftp | file | TFTP — Trivial FTP (sans authentification) |
| 80 | TCP | http | web | HTTP — protocole web standard |
| 88 | TCP | kerberos | auth | Kerberos — authentification |
| 110 | TCP | pop3 | POP3 — récupération de mail | |
| 113 | TCP | ident | network | ident — identification |
| 115 | TCP | sftp | file | SFTP simple (rarement utilisé, préfère SSH/22) |
| 123 | UDP | ntp | network | NTP — synchronisation horaire |
| 135 | TCP | msrpc | windows | Microsoft RPC endpoint mapper |
| 137 | UDP | netbios-ns | windows | NetBIOS Name Service |
| 138 | UDP | netbios-dgm | windows | NetBIOS Datagram |
| 139 | TCP | netbios-ssn | windows | NetBIOS Session |
| 143 | TCP | imap | IMAP — accès aux mails | |
| 161 | UDP | snmp | network | SNMP — supervision réseau |
| 162 | UDP | snmp-trap | network | SNMP trap — alertes |
| 179 | TCP | bgp | network | BGP — routage Internet |
| 389 | TCP | ldap | auth | LDAP — annuaire |
| 443 | TCP | https | web | HTTPS — HTTP sécurisé via TLS |
| 445 | TCP | smb | file | SMB/CIFS — partage Windows |
| 465 | TCP | smtps | SMTP sur TLS implicite (legacy) | |
| 500 | UDP | isakmp | vpn | IKE — IPsec key exchange |
| 514 | UDP | syslog | network | syslog — logs centralisés |
| 515 | TCP | lpd | LPD — Line Printer Daemon | |
| 520 | UDP | rip | network | RIP — routage local |
| 546 | UDP | dhcpv6-client | network | DHCPv6 — client |
| 547 | UDP | dhcpv6-server | network | DHCPv6 — serveur |
| 548 | TCP | afp | file | AFP — Apple Filing Protocol |
| 554 | TCP | rtsp | media | RTSP — streaming temps réel |
| 587 | TCP | submission | SMTP submission — envoi par client (avec STARTTLS) | |
| 631 | TCP | ipp | IPP / CUPS — impression | |
| 636 | TCP | ldaps | auth | LDAPS — LDAP sur TLS |
| 853 | TCP | dns-tls | dns | DoT — DNS sur TLS (RFC 7858) |
| 853 | UDP | dns-quic | dns | DoQ — DNS sur QUIC (RFC 9250) |
| 873 | TCP | rsync | file | rsync daemon |
| 989 | TCP | ftps-data | file | FTPS — canal de données |
| 990 | TCP | ftps | file | FTPS — canal de contrôle (TLS implicite) |
| 993 | TCP | imaps | IMAP sur TLS implicite | |
| 995 | TCP | pop3s | POP3 sur TLS implicite | |
| 1080 | TCP | socks | security | SOCKS proxy |
| 1194 | UDP | openvpn | vpn | OpenVPN |
| 1433 | TCP | mssql | database | Microsoft SQL Server |
| 1521 | TCP | oracle | database | Oracle Database |
| 1701 | UDP | l2tp | vpn | L2TP |
| 1723 | TCP | pptp | vpn | PPTP (obsolète, peu sécurisé) |
| 1812 | UDP | radius | auth | RADIUS — authentification |
| 1813 | UDP | radius-acct | auth | RADIUS — accounting |
| 1883 | TCP | mqtt | messaging | MQTT — IoT messaging |
| 2049 | TCP | nfs | file | NFS — Network File System |
| 2375 | TCP | docker | devops | Docker daemon (NON sécurisé, à bannir en prod) |
| 2376 | TCP | docker-tls | devops | Docker daemon (TLS) |
| 2377 | TCP | docker-swarm | devops | Docker Swarm — cluster management |
| 3000 | TCP | grafana | monitor | Grafana — dashboards (souvent dev aussi) |
| 3128 | TCP | squid | web | Squid — proxy HTTP |
| 3260 | TCP | iscsi | storage | iSCSI |
| 3306 | TCP | mysql | database | MySQL / MariaDB |
| 3389 | TCP | rdp | remote | RDP — Remote Desktop Protocol Microsoft |
| 3690 | TCP | svn | dev | Subversion (svnserve) |
| 4369 | TCP | epmd | dev | Erlang Port Mapper |
| 4500 | UDP | ipsec-nat-t | vpn | IPsec NAT-T |
| 4789 | UDP | vxlan | network | VXLAN — overlay réseau |
| 5060 | UDP | sip | media | SIP — VoIP signaling |
| 5061 | TCP | sips | media | SIPS — VoIP signaling sur TLS |
| 5222 | TCP | xmpp-client | messaging | XMPP — client (Jabber) |
| 5269 | TCP | xmpp-server | messaging | XMPP — communication serveur |
| 5353 | UDP | mdns | network | mDNS — multicast DNS (Bonjour, Avahi) |
| 5432 | TCP | postgres | database | PostgreSQL |
| 5601 | TCP | kibana | monitor | Kibana — Elasticsearch UI |
| 5672 | TCP | amqp | messaging | AMQP — RabbitMQ |
| 5900 | TCP | vnc | remote | VNC — partage de bureau |
| 5938 | TCP | teamviewer | remote | TeamViewer |
| 5984 | TCP | couchdb | database | CouchDB |
| 6379 | TCP | redis | database | Redis |
| 6443 | TCP | kubernetes | devops | Kubernetes API server |
| 7000 | TCP | cassandra | database | Cassandra — communication inter-nœuds |
| 8000 | TCP | http-alt | web | HTTP alternatif — souvent serveurs de dev |
| 8008 | TCP | http-alt | web | HTTP alternatif |
| 8080 | TCP | http-alt | web | HTTP alternatif — proxies, Tomcat |
| 8086 | TCP | influxdb | monitor | InfluxDB — time series DB |
| 8443 | TCP | https-alt | web | HTTPS alternatif |
| 8888 | TCP | http-alt | web | HTTP alternatif — Jupyter, dev |
| 9001 | TCP | tor | security | Tor — relais |
| 9042 | TCP | cassandra-cql | database | Cassandra — CQL clients |
| 9050 | TCP | tor-socks | security | Tor — proxy SOCKS local |
| 9090 | TCP | prometheus | monitor | Prometheus — metrics scraping |
| 9092 | TCP | kafka | messaging | Apache Kafka |
| 9100 | TCP | jetdirect | HP JetDirect — impression directe (souvent partagé avec node_exporter en monitoring) | |
| 9200 | TCP | elasticsearch | database | Elasticsearch / OpenSearch — REST API |
| 9300 | TCP | elastic-trans | database | Elasticsearch — transport |
| 9418 | TCP | git | dev | git daemon protocol |
| 10000 | TCP | webmin | admin | Webmin — admin web |
| 10050 | TCP | zabbix-agent | monitor | Zabbix agent |
| 10051 | TCP | zabbix-server | monitor | Zabbix server |
| 10250 | TCP | kubelet | devops | Kubernetes kubelet API |
| 11211 | TCP | memcached | database | memcached |
| 25565 | TCP | minecraft | game | Minecraft Java edition |
| 27017 | TCP | mongodb | database | MongoDB |
| 32400 | TCP | plex | media | Plex Media Server |
| 51820 | UDP | wireguard | vpn | WireGuard — VPN moderne |
Aucun port ne correspond à ces critères.