1. Ports
  2. Port 3564

Port 3564: Electromed SIM Port — A Registered Port Nobody Knocks On

What This Port Is

Port 3564 sits in the registered ports range (1024–49151), the middle tier of the port numbering system between the well-known ports (0–1023) that everyone knows and the ephemeral ports (49152–65535) that operating systems grab temporarily for outbound connections.

IANA's official assignment: esimport — the Electromed SIM port, registered in August 2002.1

Electromed is a medical device company. What their "SIM port" import service did, and whether it ever shipped in a product that saw meaningful use, is not documented anywhere findable. The registration exists. The service, practically speaking, does not.

What "Registered" Actually Means

When a company or project requests a port number from IANA, they get an entry in the registry. That's it. No enforcement. No guarantee the service is still alive. No mechanism to reclaim the number if the project dies.

The registered ports range has over 48,000 slots. Many of them look like this — assigned once, years ago, to a service that quietly stopped running. The assignment is permanent. The service is not.

This matters because the registered range is also where legitimate software lives: databases, application servers, game servers, and development tools all park themselves here. When you see an unfamiliar port in this range, it might be abandoned infrastructure, it might be local software, or it might be something you didn't install.

Who's Knocking

The SANS Internet Storm Center tracks scanning activity across ports. Port 3564 receives regular reconnaissance probes from scanners sweeping the registered range.2

They're not looking for Electromed's SIM import service. They're automated tools testing which ports respond, mapping attack surfaces at scale. A port that responds unexpectedly is more interesting to an attacker than a port that stays silent.

Port 3564 staying silent is the correct behavior for almost any system.

What to Do If You See It

If something is listening on port 3564 on your system, it's not Electromed. Check what it actually is:

On Linux/macOS:

sudo ss -tlnp | grep 3564
# or
sudo lsof -i :3564

On Windows:

netstat -ano | findstr :3564

The output will show the process ID. From there you can identify the application — which is almost certainly something you installed and configured, not an artifact of an obscure 2002 medical device registration.

If you didn't expect anything to be there, that's worth investigating.

הקודם

Port 3563: Unassigned — An Empty Slot in the Registry

הבא

Port 3565: M2PA — Where Telephone Signaling Meets the Internet

האם דף זה היה מועיל?

😔
🤨
😃