1. Ports
  2. Port 2089

Port 2089: Security Encapsulation Protocol — A Ghost Registration and Ham Radio Voices

What Range This Port Belongs To

Port 2089 is a registered port — it falls in the range 1024–49151, the middle band of the port number space.

IANA divides ports into three ranges:

  • 0–1023: Well-known ports. Assigned to foundational protocols like HTTP (80), HTTPS (443), and SSH (22). Require root/administrator privileges to bind on most operating systems.
  • 1024–49151: Registered ports. Any organization or individual can apply to IANA to claim a port for a specific purpose. No privilege required to bind.
  • 49152–65535: Ephemeral (dynamic) ports. Not registered. Used temporarily by your OS when you initiate an outgoing connection.

The Official Registration: A Protocol That Never Was

IANA lists port 2089 as assigned to the Security Encapsulation Protocol (SEP), registered to Maya Zimerman for both TCP and UDP.1

There is no RFC for SEP. No reference implementation. No documentation anyone has found in the wild. The name was claimed, and then nothing followed. This is more common than you'd think — the registered ports list contains dozens of entries like this: a name, a contact, and a silence that stretches decades.

The Real Traffic: Amateur Radio

The more interesting story on port 2089 is IRLP — the Internet Radio Linking Project.

IRLP connects amateur radio repeater stations to each other over the Internet. A ham radio operator in Vancouver keys up a radio, their repeater digitizes the audio, and sends it as UDP packets to a repeater in New Zealand, where it comes back out over the air as RF. Long-distance radio communication without the radio waves doing the long-distance part.

IRLP was created in 1997 by Dave Cameron (VE7LTD) and uses the UDP port range 2074–2093 for its voice streams — port 2089 lands squarely in this range.2 The audio is transmitted using a VoIP application, and all nodes authenticate via PGP before any audio is relayed.

So while the registered owner of port 2089 is a protocol that never shipped, the traffic that actually appears on this port is probably someone's voice, digitized, bounced through the Internet, and emerging from a radio antenna somewhere else in the world.

How to Check What's Listening on Port 2089

If you want to see what's using this port on your own machine:

macOS / Linux:

# Show what process is bound to port 2089
lsof -i :2089

# Or with ss (Linux)
ss -tulpn | grep 2089

Windows:

netstat -ano | findstr :2089

The PID in the output maps to a process you can look up in Task Manager or with tasklist.

Why Unassigned and Ghost Ports Matter

The registered port range is a shared namespace. When a port gets claimed — even by a protocol that never materializes — it means other software should avoid it to prevent conflicts. In practice, this breaks down: nothing enforces the registry, and software picks ports for all kinds of reasons.

What this means practically:

  • If you're building software that needs a port, check IANA's registry before hardcoding one3
  • If you see unexpected traffic on a registered-but-obscure port, it's more likely to be IRLP, a game server, or custom application than the registered protocol
  • Security tools that flag "unknown" ports are right to flag them — you should know what's on your network

이전

Port 2088: IP Busy Lamp Field — The Port for the Little Light on Your Desk Phone

다음

Port 2091: PRP — A Registered Port Nobody Can Find

이 페이지가 도움이 되었나요?

😔
🤨
😃