Port 1769: bmc-net-adm — A Registered Port With Almost Nothing Behind It

What Port 1769 Is

Port 1769 sits in the registered ports range (1024–49151). IANA assigned it the service name bmc-net-adm, associated with network administration tooling from BMC Software, a company now absorbed into Broadcom.

That's most of what the public record says. There is no RFC. There is no widely deployed protocol documentation. The registration exists; the software behind it became enterprise-only, then got quietly folded into a larger product suite.

The Registered Ports Range

Ports 1024–49151 are called registered ports (sometimes "user ports"). The idea was sensible: software vendors register their port numbers with IANA so they don't collide with each other. In exchange for the registration, IANA lists the service name and contact.

The system works reasonably well for widely deployed services — port 1433 for SQL Server, port 3306 for MySQL, port 5432 for PostgreSQL. For hundreds of other registrations, the software that prompted the registration is gone, rebranded, or so niche that the registration functions more as a historical artifact than an active reservation.

Port 1769 falls into that second category.

bmc-net-adm

BMC Software (now part of Broadcom) registered this port for a network administration component. Broadcom's own VMware Telco Cloud documentation references bmc-net-adm as a TCP service on port 1769, described as a detectable software service within their Application Connectivity Monitor — though monitoring for it is disabled by default.¹

Beyond that mention, there is no widely available protocol specification, no independent documentation, and no notable security advisories tied to this port.

If you see port 1769 active on a machine that runs BMC or Broadcom network management software, that's likely the explanation. If you see it on anything else, it warrants investigation.

What Might Be Listening

Any process can open any port. IANA registrations are not enforced. Software that needs a high-numbered port sometimes picks one arbitrarily. Port 1769 could appear on your network as:

• A BMC/Broadcom network management component
• Unrelated software that happened to choose this port
• A misconfigured or malicious process

The registration tells you what should be here. Only your own inspection tells you what is.

How to Check What's Listening

On Linux/macOS:

# Show the process using port 1769
ss -tlnp sport = :1769

# Or with lsof
lsof -i :1769

On Windows:

# Show connections and owning process IDs
netstat -ano | findstr :1769

# Then look up the PID
tasklist | findstr <PID>

If something unexpected is listening on 1769, cross-reference the process name with what's installed on the machine. An unfamiliar process on any port is worth understanding.

Why Unassigned (and Obscure) Ports Matter

The port registry is a map. Like all maps, it's more accurate in some places than others. Well-known ports (0–1023) are tightly controlled and well-documented. Registered ports were meant to be nearly as orderly. In reality, thousands of registrations belong to software that is defunct, proprietary, or simply never widely deployed.

Port 1769 is a minor example of this: officially claimed, functionally obscure. The registration prevents another vendor from accidentally colliding with it, and it provides a starting point if you need to trace the port's origin. But it won't tell you much about what you'll find if you actually encounter it.