1. Ports
  2. Port 3613

Port 3613: Alaris Device Discovery — The Port Inside Hospital Infusion Pumps

What Runs on Port 3613

Port 3613 is registered to Alaris Device Discovery (alaris-disc), a protocol used by the BD Alaris infusion pump system. It operates on both TCP and UDP.

The BD Alaris system is a modular infusion platform deployed across hospitals worldwide. It delivers fluids, medications, and blood products to patients — adults, pediatric, and neonatal. The pump's Point-of-Care Unit (PCU) uses port 3613 to communicate with the Alaris Systems Manager (SM), the central software that configures devices, distributes drug libraries, and monitors the fleet.

When a nurse wheels an Alaris pump into a room and it connects to the hospital Wi-Fi, port 3613 is how it finds its management system. The device registers itself, pulls its configuration, and begins reporting status. The connection is outbound only — the PCU does not accept unsolicited inbound traffic on this port.1

The Range It Lives In

Port 3613 sits in the registered port range (1024–49151). These ports are not reserved by the operating system the way well-known ports (0–1023) are — any process can bind to them without elevated privileges. But IANA maintains a registry of registered ports so that developers and administrators know which applications claim which numbers.

Alaris registered this port in June 2004, with Chris Dern listed as the contact.2 That registration predates many of the hospital network security frameworks that exist today, from an era when medical devices joining IP networks was still a relatively new idea.

Why This Port Matters

Hospital networks have become a serious security concern. Medical devices like infusion pumps are often running older embedded operating systems, receive infrequent updates, and sit on the same network as clinical workstations. The Alaris system has been the subject of multiple security advisories from CISA.3

BD's own guidance recommends isolating Alaris PCUs on a dedicated VLAN and using firewall rules or access control lists to restrict port 3613 traffic to only the Systems Manager endpoints.1 This limits the blast radius if something on the network is compromised.

If you see port 3613 traffic on a network that doesn't run Alaris equipment, that's worth investigating.

How to Check What's Listening on This Port

# On Linux/macOS — show what process is using port 3613
ss -tlnp | grep 3613
lsof -i :3613

# On Windows
netstat -ano | findstr :3613

On a hospital network with Alaris devices, you'd expect to see the Systems Manager software listening here. On any other network, nothing should be.

Précédent

Port 3612: Data Protector — The Backup Port That Outlasted Its Owners

Suivant

Port 3614: Satchwell Sigma — The Building's Nervous System

Cette page vous a-t-elle été utile ?

😔
🤨
😃