Commonly used default port numbers

In recent times databases have been breached not by SQL injection, but simply due to the fact that databases or admin interfaces were directly exposed to the internet. With SecBot you can test that the ports where your database or admin interface are listening are not exposed to the internet.

Ports are sorted by technology. Other ports might be used. It’s often best to check the corresponding manual. The application (e.g. a database) might not use all ports at the same time.

Relational databases

Database	Port(s)	Doc
MaxDB	7210	Doc
MySQL	3306	Doc
Oracle DB	1521, 1830	Doc
PostgreSQL	5432	Doc
SQL Server (MSSQL)	1433, 1434	Doc

NoSQL databases and other data stores

Database	Port(s)	Doc
ArangoDB	8529	Doc
Cassandra	7000, 7001, 9042	Doc
CouchDB	5984	Doc
Elasticsearch	9200, 9300	Doc
MongoDB	27017, 27018, 27019, 28017	Doc
Neo4J	7473, 7474	Doc
Redis	6379	Doc
Riak	8087, 8098	Doc
RethinkDB	8080, 28015, 29015	Doc
Solr	7574, 8983	Doc

Web application servers

Server	Port(s)	Doc
JBoss EAP	3528, 3529, 4447, 8009, 8080, 8443, 9990, 9999, …	Doc
Jetty	8080	Doc
Tomcat	8005, 8009, 8080	Doc
WildFly	4712, 4713, 8009, 8080, 8443, 9990, 9993	Doc
WebLogic	5556, 7001, 7002, 8001, …	Doc
WebSphere	8008, 9043, 9060, 9080, 9443, …	Doc

Configuration stores and container managers

Service	Port(s)	Doc
Consul	8300, 8301, 8302, 8400, 8500, 8600	Doc
etcd	2379, 2380	Doc
Kubernetes	6443, 8080	Doc
Mesos	5050, 5051	Doc
ZooKeeper	2181, 2888, 3888	Doc

Protocols

Protocol	Port(s)
DNS	53
DNS over TLS	853
FTP	20, 21
FTPS (FTP over SSL)	989, 990
HTTP	80
HTTPS	443
IMAP	143
IMAPS (IMAP over SSL)	993
Kerberos	543, 544, 749 - 754, 760
LDAP	389
NetBIOS	137, 138, 139
NFS (Network File System)	944
NTP	123
RPC	530
Remote Shell (rsh)	514
rsync	873
SMB	445
SNMP	161, 162, 199
SSH	22
Telnet	23, 992
SMTP	25
SMTP over TLS	465
WHOIS	43