|
Port |
TCP or UDP |
Service or Protocol Name |
RFC |
Service Name |
Used by / Additional information |
|
7 |
TCP/UDP |
echo |
792 |
echo |
- |
|
20 |
TCP |
File Transport Protocol (FTP) |
959 |
ftp-data |
- |
|
21 |
TCP |
FTP control |
959 |
ftp |
- |
|
22 |
TCP |
Secure Shell (SSH) |
4253 |
ssh |
Xcode Server (hosted and remote Git+SSH; remote SVN+SSH) |
|
23 |
TCP |
Telnet |
854 |
telnet |
- |
|
25 |
TCP |
Simple Mail Transfer Protocol (SMTP) |
5321 |
smtp |
Mail (for sending email); iCloud Mail (sending) |
|
53 |
TCP/UDP |
Domain Name System (DNS) |
1034 |
domain |
MacDNS, FaceTime |
|
67 |
UDP |
Bootstrap Protocol Server (BootP, bootps) |
951 |
bootps |
NetBoot via DHCP |
|
68 |
UDP |
Bootstrap Protocol Client (bootpc) |
951 |
bootpc |
NetBoot via DHCP |
|
69 |
UDP |
Trivial File Transfer Protocol (TFTP) |
1350 |
tftp |
- |
|
79 |
TCP |
Finger |
1288 |
finger |
- |
|
80 |
TCP |
Hypertext Transfer Protocol (HTTP) |
2616 |
http |
World Wide Web, iCloud, QuickTime Installer, iTunes Store and Radio, OS X Software Update (OS X Lion and earlier), Mac App Store, RAID Admin, Backup, Calendar, WebDAV, Final Cut Server, AirPlay, OS X Internet Recovery, Profile Manager, Xcode Server (Xcode app, hosted and remote Git HTTP, remote SVN HTTP). |
|
88 |
TCP |
Kerberos |
4120 |
kerberos |
- |
|
106 |
TCP |
Password Server |
- |
3com-tsmux |
Mac OS X Server Password Server |
|
110 |
TCP |
Post Office Protocol (POP3) |
1939 |
pop3 |
Mail (for receiving email) |
|
111 |
TCP/UDP |
Remote Procedure Call (RPC) |
1057, 1831 |
sunrpc |
Portmap (sunrpc) |
|
113 |
TCP |
Identification Protocol |
1413 |
ident |
- |
|
115 |
TCP |
Simple File Transfer Protocol (SFTP) |
913 |
sftp |
- |
|
119 |
TCP |
Network News Transfer Protocol (NNTP) |
3977 |
nntp |
Used by applications that read newsgroups. |
|
123 |
TCP/UDP |
Network Time Protocol (NTP) |
1305 |
ntp |
Date & Time preferences. Used for network time server synchronization, AppleTV Network Time Server Sync |
|
137 |
UDP |
Windows Internet Naming Service (WINS) |
- |
netbios-ns |
- |
|
138 |
UDP |
NETBIOS Datagram Service |
- |
netbios-dgm |
Windows Datagram Service, Windows Network Neighborhood |
|
139 |
TCP |
Server Message Block (SMB) |
- |
netbios-ssn |
Used by Microsoft Windows file and print services, such as Windows Sharing in Mac OS X. |
|
143 |
TCP |
Internet Message Access Protocol (IMAP) |
3501 |
imap |
Mail (for receiving email) |
|
161 |
UDP |
Simple Network Management Protocol (SNMP) |
1157 |
snmp |
- |
|
192 |
UDP |
OSU Network Monitoring System |
- |
osu-nms |
AirPort Base Station PPP status or discovery (certain configurations), AirPort Admin Utility, AirPort Express Assistant |
|
311 |
TCP |
Secure server administration |
- |
asip-webadmin |
Server app, Server Admin, Workgroup Manager, Server Monitor, Xsan Admin. |
|
312 |
TCP |
Xsan administration |
- |
vslmp |
Xsan Admin (OS X Mountain Lion v10.8 and later) |
|
389 |
TCP |
Lightweight Directory Access Protocol (LDAP) |
4511 |
ldap |
Used by applications that look up addresses, such as Mail and Address Book. |
|
427 |
TCP/UDP |
Service Location Protocol (SLP) |
2608 |
svrloc |
Network Browser |
|
443 |
TCP |
Secure Sockets Layer (SSL, or "HTTPS") |
2818 |
https |
TLS websites, iTunes Store, OS X Software Update (Mountain Lion and later), Mac App Store, FaceTime, Game Center, iCloud authentication and DAV Services (Contacts, Calendars, and Bookmarks), iCloud backup and applications (Calendars, Contacts, Find My iPhone/Find My Friends, Mail, Documents & Photo Stream), iCloud Key Value Store (KVS), iPhoto Journals, AirPlay, OS X Internet Recovery, Profile Manager, Back to My Mac, Dictation, Xcode Server (hosted and remote Git HTTPS, remote SVN HTTPS, Apple Developer registration). |
|
445 |
TCP |
Microsoft SMB Domain Server |
- |
microsoft-ds |
- |
|
464 |
TCP/UDP |
kpasswd |
3244 |
kpasswd |
- |
|
465 |
TCP |
Message Submission for Mail (Authenticated SMTP) |
|
smtp (legacy) |
Mail (for sending mail) |
|
500 |
UDP |
ISAKMP/IKE |
2408 |
isakmp |
OS X Server VPN service, Back to My Mac |
|
500 |
UDP |
Wi-Fi Calling |
5996 |
IKEv2 |
Wi-Fi Calling |
|
514 |
TCP |
shell |
- |
shell |
- |
|
514 |
UDP |
Syslog |
- |
syslog |
- |
|
515 |
TCP |
Line Printer (LPR), Line Printer Daemon (LPD) |
- |
printer |
Used for printing to a network printer, Printer Sharing in Mac OS X |
|
532 |
TCP |
netnews |
- |
netnews |
- |
|
548 |
TCP |
Apple Filing Protocol (AFP) over TCP |
- |
afpovertcp |
AppleShare, Personal File Sharing, Apple File Service |
|
554 |
TCP/UDP |
Real Time Streaming Protocol (RTSP) |
2326 |
rtsp |
QuickTime Streaming Server (QTSS), streaming media players, AirPlay |
|
587 |
TCP |
Message Submission for Mail (Authenticated SMTP) |
4409 |
submission |
Mail (for sending mail), iCloud Mail (SMTP authentication) |
|
600-1023 |
TCP/UDP |
Mac OS X RPC-based services |
- |
ipcserver |
Used by NetInfo, for example |
|
623 |
UDP |
Lights-Out-Monitoring |
- |
asf-rmcp |
Used by Intel Xserves' Lights-Out-Monitoring (LOM) feature; used by Server Monitor |
|
625 |
TCP |
Open Directory Proxy (ODProxy) (Unregistered Use) |
- |
dec_dlm |
Open Directory, Server app, Workgroup Manager; DirectoryServices in OS X Lion and earlier. Note: This port is registered to DEC DLM. |
|
626 |
TCP |
AppleShare Imap Admin (ASIA) |
- |
asia |
IMAP Administration (Mac OS X Server v10.2.8 or earlier) |
|
626 |
UDP |
serialnumberd (Unregistered Use) |
- |
asia |
Server serial number registration (Xsan, Mac OS X Server v10.3 - v10.6) |
|
631 |
TCP |
Internet Printing Protocol (IPP) |
2910 |
ipp |
Mac OS X Printer Sharing, Printing to many common printers |
|
636 |
TCP |
Secure LDAP |
- |
ldaps |
- |
|
660 |
TCP |
Server administration |
- |
mac-srvr-admin |
Server administration tools for Mac OS X Server v10.4 and earlier, including AppleShare IP. |
|
687 |
TCP |
Server administration |
- |
asipregistry |
Server administration tools for Mac OS X Server v10.6 and earlier, including AppleShare IP. |
|
749 |
TCP/UDP |
Kerberos 5 admin/changepw |
- |
kerberos-adm |
- |
|
985 |
TCP |
NetInfo Static Port |
- |
- |
- |
|
993 |
TCP |
Mail IMAP SSL |
- |
imaps |
iCloud Mail (SSL IMAP) |
|
995 |
TCP/UDP |
Mail POP SSL |
- |
pop3s |
- |
|
1085 |
TCP/UDP |
WebObjects |
- |
webobjects |
- |
|
1099 & 8043 |
TCP |
Remote RMI and IIOP Acess to JBOSS |
- |
rmiregistry |
- |
|
1220 |
TCP |
QT Server Admin |
- |
qt-serveradmin |
Used for administration of QuickTime Streaming Server. |
|
1640 |
TCP |
Certificate Enrollment Server |
- |
cert-responder |
Profile Manager, SCEP |
|
1649 |
TCP |
IP Failover |
- |
kermit |
- |
|
1701 |
UDP |
L2TP |
- |
l2f |
Mac OS X Server VPN service |
|
1723 |
TCP |
PPTP |
- |
pptp |
Mac OS X Server VPN service |
|
1900 |
UDP |
SSDP |
- |
ssdp |
Bonjour, Back to My Mac |
|
2049 |
TCP/UDP |
Network File System (NFS) (version 3 and 4) |
3530 |
nfsd |
- |
|
2195 |
TCP |
Apple Push Notification Service (APNS) |
- |
- |
Push notifications |
|
2196 |
TCP |
Apple Push Notification Service (APNS) |
- |
- |
Feedback service |
|
2336 |
TCP |
Mobile account sync |
- |
appleugcontrol |
Home directory synchronization |
|
3004 |
TCP |
iSync |
- |
csoftragent |
- |
|
3031 |
TCP/UDP |
Remote AppleEvents |
- |
eppc |
Program Linking, Remote Apple Events |
|
3283 |
TCP/UDP |
Net Assistant |
- |
net-assistant |
Apple Remote Desktop 2.0 or later (Reporting feature) |
|
3306 |
TCP |
MySQL |
- |
mysql |
- |
|
3478-3497 |
UDP |
- |
- |
nat-stun-port - ipether232port |
FaceTime, Game Center |
|
3632 |
TCP |
Distributed compiler |
- |
distcc |
- |
|
3659 |
TCP/UDP |
Simple Authentication and Security Layer (SASL) |
- |
apple-sasl |
Mac OS X Server Password Server |
|
3689 |
TCP |
Digital Audio Access Protocol (DAAP) |
- |
daap |
iTunes Music Sharing, AirPlay |
|
3690 |
TCP/UDP |
Subversion |
- |
svn |
Xcode Server (anonymous remote SVN) |
|
4111 |
TCP |
XGrid |
- |
xgrid |
- |
|
4398 |
UDP |
- |
- |
- |
Game Center |
|
4488 |
TCP |
Apple Wide Area Connectivity Service |
|
awacs-ice |
Back To My Mac |
|
4500 |
UDP |
IPsec NAT Traversal |
4306 |
ipsec-msft |
OS X Server VPN service, Back to My Mac. Note: Configuring Back to My Mac on an AirPort Base Station or Time Capsule in NAT mode will impede connectivity to an OS X Server VPN service behind that NAT. |
|
4500 |
UDP |
Wi-Fi Calling |
5996 |
IKEv2 |
Wi-Fi Calling |
|
5003 |
TCP |
FileMaker - name binding and transport |
- |
fmpro-internal |
- |
|
5009 |
TCP |
(Unregistered Use) |
- |
winfs |
AirPort Utility, AirPort Express Assistant |
|
5060 |
UDP |
Session Initiation Protocol (SIP) |
3261 |
sip |
iChat |
|
5100 |
TCP |
- |
- |
socalia |
Mac OS X camera and scanner sharing |
|
5190 |
TCP/UDP |
America Online (AOL) |
- |
aol |
iChat and AOL Instant Messenger, file transfer |
|
5222 |
TCP |
XMPP (Jabber) |
3920 |
jabber-client |
iChat and Jabber messages |
|
5223 |
TCP |
Apple Push Notification Service |
- |
- |
iCloud DAV Services (Contacts, Calendars, and Bookmarks), APNS, FaceTime, Game Center, Photo Stream, Back to My Mac |
|
5269 |
TCP |
XMPP server-to-server communication |
3920 |
jabber-server |
iChat Server |
|
5297 |
TCP |
- |
- |
- |
iChat (local traffic) |
|
5298 |
TCP/UDP |
- |
- |
- |
iChat (local traffic) |
|
5350 |
UDP |
NAT Port Mapping Protocol Announcements |
- |
- |
Bonjour, Back to My Mac |
|
5351 |
UDP |
NAT Port Mapping Protocol |
- |
nat-pmp |
Bonjour, Back to My Mac |
|
5353 |
UDP |
Multicast DNS (MDNS) |
3927 |
mdns |
Bonjour, AirPlay, Home Sharing, Printer Discovery, Back to My Mac |
|
5432 |
TCP |
PostgreSQL |
- |
postgresql |
May be enabled manually on Lion Server. Previously enabled by default for ARD 2.0 Database. |
|
5678 |
UDP |
SNATMAP server |
- |
rrac |
The SNATMAP service on port 5678 is used to determine the external Internet address of hosts so that connections between iChat users can properly function behind network address translation (NAT). The SNATMAP service simply communicates to clients the Internet address that connected to it. This service runs on an Apple server, but does not send personal information to Apple. When certain iChat AV features are used, this service will be contacted. Blocking this service may cause issues with iChat AV connections with hosts on networks that use NAT. |
|
5897-5898 |
UDP |
(Unregistered Use) |
- |
- |
xrdiags |
|
5900 |
TCP |
Virtual Network Computing (VNC) |
- |
vnc-server |
Apple Remote Desktop 2.0 or later (Observe/Control feature) |
|
5988 |
TCP |
WBEM HTTP |
- |
wbem-http |
Apple Remote Desktop 2.x (seehttp://dmtf.org/standards/wbem) |
|
6970-9999 |
UDP |
- |
- |
- |
QuickTime Streaming Server |
|
7070 |
TCP |
RTSP (Unregistered Use) |
- |
arcp |
QuickTime Streaming Server (RTSP) |
|
7070 |
UDP |
RTSP alternate |
- |
arcp |
QuickTime Streaming Server |
|
7777 |
TCP |
iChat server file transfer proxy (unregistered use) |
- |
cbt |
- |
|
8000-8999 |
TCP |
- |
- |
irdmi |
Web service, iTunes Radio streams |
|
8005 |
TCP |
Tomcat remote shutdown |
- |
- |
- |
|
8008 |
TCP |
iCal service |
- |
http-alt |
Mac OS X Server v10.5 and later |
|
8080 |
TCP |
Alternate port for Apache web service |
- |
http-alt |
Also JBOSS HTTP in Mac OS X Server 10.4 and earlier |
|
8085-8087 |
TCP |
Wiki service |
- |
- |
Mac OS X Server v10.5 and later |
|
8088 |
TCP |
Software Update service |
- |
radan-http |
Mac OS X Server v10.4 and later |
|
8089 |
TCP |
Web email rules |
- |
- |
Mac OS X Server v10.6 and later |
|
8096 |
TCP |
Web Password Reset |
- |
- |
Mac OS X Server v10.6.3 and later |
|
8170 |
TCP |
HTTPS (web service/site) |
- |
- |
Podcast Capture/podcast CLI |
|
8171 |
TCP |
HTTP (web service/site) |
- |
- |
Podcast Capture/podcast CLI |
|
8175 |
TCP |
Pcast Tunnel |
- |
- |
pcastagentd (for control operations, camera and so on) |
|
8443 |
TCP |
iCal service (SSL) |
- |
pcsync-https |
Mac OS X Server v10.5 and later. Was JBOSS HTTPS in Mac OS X Server 10.4 and earlier. |
|
8800 |
TCP |
Address Book service |
- |
sunwebadmin |
Mac OS X Server v10.6 and later |
|
8843 |
TCP |
Address Book service (SSL) |
- |
- |
Mac OS X Server v10.6 and later |
|
8821, 8826 |
TCP |
Stored |
- |
- |
Final Cut Server |
|
8891 |
TCP |
ldsd |
- |
- |
Final Cut Server (data transfers) |
|
9006 |
TCP |
Tomcat standalone |
- |
- |
Mac OS X Server v10.6 and earlier |
|
9100 |
TCP |
Printing |
- |
- |
Used for printing to certain network printers |
|
9418 |
TCP/UDP |
git pack transfer |
- |
git |
Xcode Server (remote git) |
|
11211 |
- |
memcached (unregistered) |
- |
- |
Calendar Server |
|
16080 |
TCP |
- |
- |
- |
Web service with performance cache |
|
16384-16403 |
UDP |
Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP) |
- |
connected, - |
iChat AV (Audio RTP, RTCP; Video RTP, RTCP) |
|
16384-16387 |
UDP |
Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP) |
- |
connected, - |
FaceTime, Game Center |
|
16393-16402 |
UDP |
Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP) |
- |
- |
FaceTime, Game Center |
|
16403-16472 |
UDP |
Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP) |
- |
- |
Game Center |
|
24000-24999 |
TCP |
- |
- |
med-ltp |
Web service with performance cache |
|
42000-42999 |
TCP |
- |
- |
- |
iTunes Radio streams |
|
49152-65535 |
TCP |
Xsan |
- |
- |
Xsan Filesystem Access |
|
49152-65535 |
UDP |
- |
- |
- |
Back to My Mac |
|
50003 |
- |
FileMaker server service |
- |
- |
- |
|
50006 |
- |
FileMaker helper service |
- |
- |
- |
