Port 1866 sits in the registered port range — officially claimed, minimally documented, and largely forgotten.
What the Registry Says
The IANA port registry lists port 1866 as assigned to swrmi, on both TCP and UDP. The registrant is listed as Jun Yoshii. That's essentially the complete public record. What swrmi stands for, what protocol it used, what software shipped with it — the registry doesn't say, and public documentation doesn't fill the gap.1
The name suggests a possible connection to RMI (Remote Method Invocation), a Java mechanism for calling methods on objects running in other JVMs across a network. The "sw" prefix might indicate a software vendor or project name. But this is inference, not documentation. Treat it as such.
What the Registered Port Range Means
Ports 1024 through 49151 are registered ports — also called user ports. They aren't reserved for system use (that's ports 0–1023), and they aren't dynamically assigned for temporary connections (that's ports 49152–65535). Registered ports exist for software vendors and protocol designers to stake a claim: "this is where my service listens."
Registration with IANA doesn't require working code. It doesn't require ongoing maintenance. It doesn't expire automatically. So the registered port range is littered with entries from software that was proposed, partially built, or quietly discontinued — each one a small fossil from a moment in the Internet's development.
Port 1866 appears to be one of those fossils.
Is Anything Actually Using This Port?
Possibly. Custom applications sometimes use unoccupied or obscure registered ports without any relation to the official registration. If you see traffic on port 1866 and you didn't put it there, the answer isn't "it's swrmi" — the answer is to check what's actually running.
On Linux and macOS:
On Windows:
The process ID from those commands will tell you which application owns the port. That's the only reliable answer.
Why Unassigned-in-Practice Ports Matter
The port number system works because most software respects it. When a server opens port 443, you can reasonably expect HTTPS. When you see port 22, you expect SSH. This shared understanding lets firewalls be written, security policies be enforced, and network traffic be reasoned about.
Ports like 1866 — registered but undocumented — create small ambiguities in that system. If your firewall blocks all traffic except known services, you need a policy for ports whose purpose you can't verify. If you're auditing a server and see an open port 1866, you can't look it up and immediately know whether it belongs there.
The answer in both cases is the same: check what's actually listening. Port numbers are labels, not locks.
האם דף זה היה מועיל?