What Runs on Port 2762
Port 2762 is registered with IANA for dicom-tls — the DICOM Upper Layer Protocol secured with TLS.1
DICOM (Digital Imaging and Communications in Medicine) is the standard that makes it possible for a CT scanner from one manufacturer to send images to a viewer built by another, to a storage system built by a third. Without it, every radiology vendor would be an island. With it, a scan taken in the emergency department shows up on the radiologist's workstation down the hall — or across the country.
Port 2762 is where that happens securely.
The DICOM Port Family
DICOM didn't arrive at one port and stay there. It accumulated them:
| Port | Service | What It Does |
|---|---|---|
| 104 | dicom | DICOM plain (unencrypted) |
| 2761 | dicom-iscl | DICOM over ISCL (an older security layer) |
| 2762 | dicom-tls | DICOM over TLS (modern encryption) |
| 11112 | dicom | DICOM open standard port |
The existence of four ports for one protocol is a record of the medical imaging world's careful, layered approach to change. Port 104 still carries unencrypted DICOM traffic in many hospital networks — internal, trusted networks where encryption wasn't historically required. Port 2762 is what gets used when the data needs to travel somewhere less certain, or when compliance requirements demand encryption.2
Why This Port Exists
Before TLS became the default answer to "how do we secure this?", the DICOM standard defined its own security layer called ISCL (Integrated Secure Communication Layer), which landed on port 2761. When TLS emerged as the obvious modern choice, a new port was registered rather than reusing the old one.
The DICOM standard's TLS profile specifies that systems supporting secure transport should use port 2762.3 In practice, this means the port may carry data from MRI machines, CT scanners, PACS (Picture Archiving and Communication Systems), teleradiology platforms, and diagnostic workstations.
Security Considerations
The whole point of port 2762 is encryption. DICOM on port 104 is plaintext — readable by anyone on the network path. Port 2762 wraps that same protocol in TLS, protecting patient data in transit.
If you see port 2762 open on a server you manage and didn't expect it, it likely belongs to medical imaging software. If you don't run radiology systems, it shouldn't be there.
How to Check What's Listening
These commands will show you the process name and PID of whatever has bound to port 2762. On a PACS server or radiology workstation, you'd expect to see imaging software. Anywhere else, investigate.
ئایا ئەم پەڕەیە بەسوود بوو؟