Well Know Ports vs Registered Ports


Time to remember the very basics of securing Linux. Though you must be knowing this, since your RHCE Training or RHCSS Training, but no harm reading it again.

There are two ranges of ports used for TCP/IP networks: Well-known ports and Registered ports.

The well-known ports are the network services that have been assigned a specific port number (as defined by /etc/services). For example, SMTP is assigned port 25, and HTTP is assigned port 80. Servers listen on the network for requests at the well-known ports.

Registered ports are temporary ports, usually used by clients, and will vary each time a service is used. Registered ports are also called ephemeral ports, because they last for only a brief time.The port is then abandoned and can be used by other services.

Well-known Ports range = 1–1023
Registered Port range = 1024–65535

As a rule of thumb, always remember.

Connections to ports number 1023 and below are assumed to run with root-level privileges. This means that un-trusted services should never be configured with a port number below 1024.