What Port 3528 Is
Port 3528 is listed in multiple port databases as jboss-iiop — the IIOP (Internet Inter-ORB Protocol) listener for JBoss application servers. IIOP is the network protocol that CORBA (Common Object Request Broker Architecture) uses to let distributed objects communicate across a network.
In practice: if you see port 3528 open on a server, a JBoss (or WildFly) instance is almost certainly running with CORBA/IIOP support enabled.
What IIOP Actually Does
CORBA was the 1990s answer to a real problem: how do you let a Java object on one machine call a method on a C++ object on another machine, transparently, as if they were in the same process?
IIOP is the protocol that makes that call happen. It defines exactly how the request is encoded, transmitted, and decoded on the other side. Port 3528 is where the JBoss ORB (Object Request Broker) — the piece of software that routes these calls — sits and waits.
CORBA was a genuine engineering achievement. It was also extraordinarily complex. The specification ran to thousands of pages. The implementations were expensive and fragile. By the mid-2000s, most of the industry had abandoned it in favor of REST, later gRPC, and other approaches that traded theoretical purity for practical simplicity.
Port 3529 is the companion: IIOP over SSL, the encrypted version of the same service.[1]
The Range This Port Lives In
Port 3528 falls in the registered ports range (1024–49151). These ports are assigned by IANA to specific services and applications. Unlike well-known ports (0–1023), registered ports don't require elevated privileges to bind — any process can open them.
The registered range is where you find enterprise middleware, databases, application servers, and the accumulated decisions of forty years of software. Some ports here carry protocols that now run the Internet. Others, like 3528, carry protocols that the industry quietly moved on from.
Is This Port a Security Concern?
CORBA/IIOP implementations have a checkered security history. If port 3528 is open on a server that doesn't intentionally run a JBoss instance with CORBA support, that's worth investigating. IIOP is not a protocol that should be exposed to the public Internet — it belongs inside a trusted network perimeter, if it's used at all.
Modern JBoss/WildFly deployments rarely need CORBA. It's typically enabled only for legacy application compatibility. If you're running WildFly and don't have CORBA-dependent applications, the iiop-openjdk subsystem can be removed from your configuration.
Checking What's Listening
To see what process has bound port 3528 on a Linux system:
Or with lsof:
On macOS:
On Windows:
If you find something listening there unexpectedly, the process name in the output will tell you what it is.
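The check described above, as an added example that is not part of the original page: it filters `ss -tlnp` output for the two JBoss IIOP ports (3528 and 3529) and marks whether each listener is bound to loopback only or to a non-loopback address. The function names and the sample lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): classify listeners on the
# JBoss IIOP ports from `ss -tlnp` output.
# Live use on Linux (root needed to see process names):
#   ss -tlnp | classify_iiop_listeners

# Reads `ss -tlnp` lines on stdin. For each listener on 3528 (IIOP) or
# 3529 (IIOP over SSL) prints: <port> <scope> <local-address> <process>
# scope is "loopback" for 127.0.0.0/8 or [::1], otherwise "EXPOSED".
classify_iiop_listeners() {
  awk '
    $1 == "LISTEN" {
      addr = $4                       # Local Address:Port column
      n = split(addr, parts, ":")
      port = parts[n]                 # text after the last colon
      if (port != "3528" && port != "3529") next
      host = substr(addr, 1, length(addr) - length(port) - 1)
      scope = "EXPOSED"
      if (host ~ /^127\./ || host == "[::1]") scope = "loopback"
      proc = "unknown"                # ss omits users:(...) without privileges
      if (match($0, /users:\(\("[^"]+"/)) {
        proc = substr($0, RSTART + 9, RLENGTH - 10)
      }
      print port, scope, host, proc
    }'
}

# Constructed sample input in the shape `ss -tlnp` prints (not real output).
sample_ss_output() {
  cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      50     0.0.0.0:3528       0.0.0.0:*         users:(("java",pid=2211,fd=412))
LISTEN 0      50     127.0.0.1:3529     0.0.0.0:*         users:(("java",pid=2211,fd=413))
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
LISTEN 0      50     [::]:13528         [::]:*
EOF
}

sample_ss_output | classify_iiop_listeners
```

"EXPOSED" only means the socket is bound to a non-loopback address; whether it is reachable from outside still depends on host and network firewalls.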