Programming

The (almost) interesting history of Port Numbers

Markus

Feb 15, 2024 — 12 min read

Port numbers are the numerical identifiers that allow computers to communicate over the internet. They are assigned to different applications and protocols, such as web browsing, email, file transfer, and so on.

But how did these port numbers come to be?

Who decided which port number belongs to which service?

And are there any interesting stories behind them?

In this article, we will explore the origins and evolution of port numbers, and reveal some of the hidden meanings and mysteries behind them.

The Early Days of Port Numbers

The concept of port numbers dates back to the early days of the internet, when it was still called the ARPANET. The ARPANET was a network of computers that connected research institutions and universities in the United States, funded by the Department of Defense. It was the precursor of the modern internet, and the first network to use the TCP/IP protocol suite.

TCP/IP

The TCP/IP protocol suite is a set of rules and standards that govern how data is transmitted and received over the internet. It consists of four layers: the application layer, the transport layer, the internet layer, and the network access layer.

The port numbers are part of the transport layer, and they are used by two main protocols: TCP and UDP. TCP stands for Transmission Control Protocol, and it is a reliable and ordered way of sending and receiving data. TCP ensures that the packets are delivered without errors, and in the correct sequence. UDP stands for User Datagram Protocol, and it is a fast and simple way of sending and receiving data. UDP does not guarantee that the packets are delivered without errors, or in the correct order, but it is more efficient and suitable for real-time applications, such as video streaming or online gaming.

Origin of port numbers

The port numbers range from 0 to 65535, and they are divided into three categories: well-known ports, registered ports, and dynamic ports.

The well-known ports are the ones from 0 to 1023, and they are reserved for the most common and standardized services and protocols, such as HTTP, FTP, SMTP, DNS, etc.

The registered ports are the ones from 1024 to 49151, and they are assigned to specific applications and protocols by the Internet Assigned Numbers Authority (IANA), which is the organization that oversees the allocation and management of port numbers, IP addresses, and other internet resources.

The dynamic ports are the ones from 49152 to 65535, and they are used for temporary and random purposes, such as client-server communication, peer-to-peer networking, or testing.

The first official list of port numbers was published in 1972, in RFC 322, which stands for Request for Comments. RFCs are the documents that describe the specifications and standards of the internet, and they are written and reviewed by experts and researchers from the internet community. The list contained 23 port numbers, assigned to the following services and protocols:

Port Number	Service/Protocol
1	TCPMUX
5	RJE
7	ECHO
9	DISCARD
11	SYSTAT
13	DAYTIME
15	NETSTAT
17	QUOTE
19	CHARGEN
20	FTP-DATA
21	FTP-CONTROL
23	TELNET
25	SMTP
37	TIME
39	RLP
42	NAMESERVER
43	NICNAME
53	DNS
67	BOOTPS
68	BOOTPC
69	TFTP
79	FINGER
80	HTTP

Some of the numbers are quite obscure

Some of these services and protocols are still widely used today, such as HTTP, FTP, SMTP, and DNS. Others are obsolete or rarely used, such as RJE, RLP, and FINGER. Some of them have interesting names and functions, such as:

TCPMUX: This stands for TCP Port Service Multiplexer, and it is a service that allows multiple applications to share the same port number, by using a special protocol to multiplex and demultiplex the data. For example, if two applications want to use port 80, they can use TCPMUX to send and receive data on port 1, and then use a sub-port number to identify the actual application. TCPMUX is rarely used today, as it is considered insecure and inefficient.
ECHO: This is a service that simply echoes back whatever data it receives. It is used for testing and debugging purposes, to check if the connection is working properly. For example, if you send the message “Hello, world!” to port 7, you will receive the same message back.
QUOTE: This is a service that returns a random quote of the day, from a database of famous or humorous sayings. It is used for entertainment or inspiration purposes, or as a source of fortune cookies. For example, if you send a request to port 17, you might receive a quote like “Be the change that you wish to see in the world. - Mahatma Gandhi” or “Never trust a computer you can’t throw out a window. - Steve Wozniak”.
CHARGEN: This stands for Character Generator, and it is a service that generates a stream of random characters, such as letters, numbers, symbols, etc. It is used for testing and measuring the performance of the network, by sending and receiving large amounts of data. For example, if you connect to port 19, you might receive a stream of characters like “4fU7%$#n@!2h*”.
FINGER: This is a service that allows you to query information about a user on a remote computer, such as their name, email, phone number, login time, etc. It is used for finding and contacting people on the network, or for spying on them. For example, if you send the username “alice” to port 79, you might receive information like “Alice Smith, [email protected], +1 555 1234, logged in since 10:15 AM”.

The Evolution of Port Numbers

As the internet grew and evolved, so did the port numbers. New services and protocols were developed and introduced, and new port numbers were assigned to them by the IANA.

Some of the port numbers were chosen based on logical or technical reasons, such as compatibility, efficiency, or security. Others were chosen based on arbitrary or whimsical reasons, such as personal preference, humor, or coincidence.

Here are some examples of port numbers with original origins:

Port 666: This is the port number for DOOM, which is a video game that allows you to shoot and kill demons in a hellish environment. DOOM was created in 1993 by id Software, a company that pioneered the first-person shooter genre. DOOM was assigned port 666 because it was the number of the beast, and because it was a joke by the developers, who wanted to scare and annoy the network administrators.
Port 42: This is the port number for NAMESERVER, which is a service that provides name resolution for the ARPANET. NAMESERVER was created in 1972 by Elizabeth Feinler, an American information scientist, who led the Network Information Center (NIC) at Stanford Research Institute. Feinler chose port 42 because it was the answer to the ultimate question of life, the universe, and everything, according to the novel The Hitchhiker’s Guide to the Galaxy.
Port 22: This is the port number for SSH, which stands for Secure Shell. SSH is a protocol that allows you to securely access and control a remote computer, using encryption and authentication. SSH was created in 1995 by Tatu Ylönen, a Finnish researcher, who chose port 22 because it was his favorite number, and because it was close to port 23, which was used by Telnet, the insecure predecessor of SSH.

But most standard ports simply took the next available one, such as:

Port 69: This is the port number for TFTP, which stands for Trivial File Transfer Protocol. It was not chosen because of the funny number. TFTP is a protocol that allows you to transfer files between computers, using a simple and minimalistic method. TFTP was created in 1980 by Noel Chiappa, a Canadian computer scientist, who was working on the MIT Multics project. Chiappa chose port 69 because it was the next available port number after port 68, which was used by BOOTP, a protocol that allows you to boot a computer from the network. Nice.
Port 23: This is the port number for Telnet, which stands for Telecommunication Network. Telnet is a protocol that allows you to access and control a remote computer, using plain text commands and responses. Telnet was created in 1969, and it was one of the first protocols of the ARPANET. Telnet was assigned port 23 because it was the next available port number after port 22, which was used by TCPMUX at the time.
Port 80: This is the port number for HTTP, which stands for Hypertext Transfer Protocol. HTTP is the protocol that allows you to access and view web pages, using a web browser and a web server. HTTP was created in 1989 by Tim Berners-Lee, the inventor of the World Wide Web. HTTP was assigned port 80 because it was the next available port number after port 79, which was used by FINGER at the time.
Port 443: This is the port number for HTTPS, which stands for Hypertext Transfer Protocol Secure. HTTPS is the secure version of HTTP, which uses encryption and certificates to protect the data and the identity of the web server and the web browser. HTTPS was created in 1994 by Netscape, the company that developed the first popular web browser. HTTPS was assigned port 443 because it was the next available port number after port 442, which was used by SMSP, a protocol for sending and receiving short messages.

The Mystery of Port Numbers

While most of the port numbers have a clear and logical explanation, some of them remain a mystery or a mystery. Some of them are assigned to services and protocols that are unknown, obsolete, or secretive. Some of them are used for malicious or illegal purposes, such as hacking, spamming, or botnetting. Some of them are just plain weird or funny. Here are some examples of the mystery of port numbers:

Port 0: This is the port number that is reserved for the system, and it is not used by any service or protocol. It is sometimes used as a wildcard, to indicate any or all port numbers. It is also sometimes used as a source port, to indicate that the port number is irrelevant or unknown. Port 0 is also known as the null port, the reserved port, or the black hole port.
Port 7: This is the port number for ECHO, which is a service that simply echoes back whatever data it receives. It is used for testing and debugging purposes, to check if the connection is working properly. However, port 7 is also used by some hackers and attackers, to create a denial-of-service attack, by sending a large amount of data to port 7, and causing the server to echo back the same amount of data, thus overwhelming the network bandwidth and resources.
Port 19: This is the port number for CHARGEN, which is a service that generates a stream of random characters, such as letters, numbers, symbols, etc. It is used for testing and measuring the performance of the network, by sending and receiving large amounts of data. However, port 19 is also used by some hackers and attackers, to create a denial-of-service attack, by sending a large amount of data to port 19, and causing the server to generate the same amount of data, thus overwhelming the network bandwidth and resources.
Port 80: This is the port number for HTTP, which is the protocol that allows you to access and view web pages, using a web browser and a web server. However, port 80 is also used by some hackers and attackers, to hide their malicious activities, by using port 80 as a disguise, and pretending to be a legitimate web service. For example, some malware and viruses use port 80 to communicate with their command and control servers, and to download or upload data, without being detected by firewalls or antivirus software.
Port 31337: This is the port number for Back Orifice, which is a remote administration tool that allows you to access and control a remote computer, without the user’s knowledge or consent. It is used by some hackers and attackers, to spy on, steal, or damage the data and resources of the target computer. Back Orifice was created in 1998 by a group of hackers called the Cult of the Dead Cow, who chose port 31337 because it is the leet speak version of elite, and because it is a high and uncommon port number, that is unlikely to be used by other services or protocols.

The Future of Port Numbers

As the internet grows and evolves, so will the port numbers. New services and protocols will emerge and require new port numbers, and old services and protocols will fade and free up port numbers. The IANA will continue to assign and manage port numbers, and the internet community will continue to create and follow RFCs, to ensure the standardization and interoperability of port numbers.

As the number of services and protocols increases, the number of available port numbers decreases. This leads to port exhaustion. There are only 65536 port numbers, and more than half of them are already assigned or used. This means that there is a risk of running out of port numbers, or having port conflicts, where two or more services or protocols use the same port number. One possible solution to this problem is to use IPv6, which is the new version of the IP protocol, that allows for more IP addresses and more port numbers.

Conclusion

Port numbers are more than just numbers. They are the keys that unlock the doors of the internet. They are the codes that enable the communication and collaboration of the internet.

They are the stories that reveal the history and culture of the internet. Port numbers are the secret language of the internet.

While there unfortunately weren't that many interesting stories found about the origins of the port numbers, a few of them do tell a story.