Skip to Content
πŸŽ‰ Welcome to my notes πŸŽ‰
Networking10. Understanding Port numbers

πŸšͺ What are Port Numbers?

A port number is a 16-bit number (from 0 to 65535) that identifies a specific application or process on a device. While an IP address gets network traffic to the right computer, the port number gets that traffic to the right application on that computer.

Analogy: If an IP address is the street address of an apartment building, the port number is the specific apartment number. It ensures the delivery goes to the correct resident (application).

πŸ“š Categories of Port Numbers

Ports are divided into three main ranges:

  1. Well-Known Ports (0 - 1023) These are reserved for standard, system-level services. Common examples include:

    • Port 80: HTTP (Standard web traffic)
    • Port 443: HTTPS (Secure web traffic)
    • Port 53: DNS
    • Port 22: SSH (Secure Shell)
    • Port 25: SMTP (Email sending)

  2. Registered Ports (1024 - 49151) These are registered for specific user applications (e.g., many database services use these).

  3. Dynamic or Ephemeral Ports (49152 - 65535) These are used for temporary, outbound connections. When your web browser connects to a website, it uses a random port from this range as its source port.

🀝 How Ports are Used in a Connection

A network connection is defined by a pair of sockets. A socket is the combination of an IP address and a port number.

For example, when you visit google.com:

  • Your Device (Client): Source IP:Source Port (e.g., 192.168.1.10:51234)
  • Google’s Server: Destination IP:Destination Port (e.g., 142.250.196.110:443)

The router uses this full address information to shuttle traffic between your browser and Google’s web server.

πŸ”¬ Sub-Topic: Inspecting Port Numbers with Wireshark

πŸ€” What is Wireshark?

Wireshark is a free and powerful network protocol analyzer. It captures and displays the data packets traveling on your network, allowing you to see what’s happening in real-time.

πŸ” Finding Port Numbers in Wireshark

  1. Start Capture: Open Wireshark, select your active network interface (e.g., β€œWi-Fi”), and start the capture by clicking the shark fin icon.
  2. Generate Traffic: Open a web browser and visit a website.
  3. Stop Capture: Return to Wireshark and click the red square to stop the capture.
  4. Analyze the Packet List: The main window shows all captured packets. Look for traffic involving your computer’s IP address.
  5. Inspect Packet Details:
    • Click on a packet in the list.
    • In the β€œPacket Details” pane below, expand the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) section.
    • Inside, you will clearly see the Source Port and Destination Port for that specific packet of data.
Last updated on
9. Internet Protocol Version 6 (IPv6)11. Network Interfaces and MAC Addresses