What is an Open Port?
An open port is a TCP or UDP port number that is actively accepting connections or packets. When a port is open, it means a service or application is listening on that port and can potentially communicate with clients.
Port States
| State | Description | Security Implication |
|---|---|---|
| Open | A service is listening and accepting connections | Potential attack surface |
| Closed | Port is accessible but no service is listening | Minimal risk |
| Filtered | A firewall or filter is blocking access | Protected |
Common Open Ports
| Port | Service | Protocol | Description |
|---|---|---|---|
| 22 | SSH | TCP | Secure Shell remote access |
| 80 | HTTP | TCP | Web server (unencrypted) |
| 443 | HTTPS | TCP | Web server (encrypted) |
| 21 | FTP | TCP | File Transfer Protocol |
| 25 | SMTP | TCP | Email sending |
| 3306 | MySQL | TCP | MySQL database |
| 3389 | RDP | TCP | Remote Desktop Protocol |
| 5432 | PostgreSQL | TCP | PostgreSQL database |
| 6379 | Redis | TCP | Redis cache/database |
| 8080 | HTTP-Alt | TCP | Alternative web server |
| 27017 | MongoDB | TCP | MongoDB database |
Security Risks
Open ports can present security risks:
- Attack surface — each open port is a potential entry point for attackers
- Information disclosure — services may reveal version info in banners
- Unauthorized access — misconfigured services may allow unauthenticated access
- Exploitation — services with known CVEs can be exploited remotely
Best Practices
- Only open ports that are strictly necessary
- Use firewalls to restrict access by IP or network
- Regularly scan and audit open ports
- Keep all services updated and patched
- Use strong authentication on all exposed services
Search on Zondex
Use the port: filter to search for specific open ports:
port:22— find all hosts with SSH openport:3389— find all hosts with RDP openport:27017 product:MongoDB— find exposed MongoDB instancesport:6379 product:Redis— find exposed Redis instances