Port 3612: Data Protector — The Backup Port That Outlasted Its Owners

What Port 3612 Does

Port 3612 belongs to Data Protector, an enterprise backup and recovery platform used by large organizations to protect data across servers, storage systems, and clouds. When Data Protector's components communicate across a network — coordinating backup sessions, reporting status, moving data — some of that traffic flows through port 3612 on both TCP and UDP.

IANA registered the service name dataprotector to this port in September 2002.¹

A Port That Survived Four Owners

The software on this port has an unusually long and peripatetic history.

It began as the OmniBack Network Backup System, developed at Apollo Computer in the late 1980s. When HP acquired Apollo in 1989, OmniBack came along. HP merged the product lines in 1996 with OmniBack II 2.0, and eventually dropped the OmniBack name entirely at version 5.0, rebranding as HP Data Protector.²

In 2017, Micro Focus acquired HPE's software division and the product became Micro Focus Data Protector. In 2023, OpenText acquired Micro Focus, and it became OpenText Data Protector.²

Four corporate owners across nearly four decades. Port 3612 has stayed put through all of it.

Which Range This Port Belongs To

Port 3612 sits in the registered ports range (1024–49151). These ports are not hardcoded into the Internet's infrastructure the way well-known ports are (ports 0–1023), but they are formally recorded in the IANA registry so that software vendors can claim a consistent, documented port number. Applications in this range typically require the user to explicitly run or install the service — nothing is listening on 3612 by default on a general-purpose system.

Security Considerations

Data Protector has had a number of serious vulnerabilities over the years, including remote code execution flaws that allowed unauthenticated attackers to run arbitrary commands.³ If you see port 3612 open on a system you don't recognize, it warrants investigation. Backup agents by nature have broad access to filesystems — a compromised backup service is a compromised server.

Port 3612 should not be exposed to the public Internet. If Data Protector is in use, firewall rules should restrict access to known backup servers only.

How to Check What's Listening

On Linux or macOS:

sudo ss -tlnp | grep 3612
# or
sudo lsof -i :3612

On Windows:

netstat -ano | findstr :3612

If something is listening on 3612 and you didn't install Data Protector, check whether a third-party backup agent was bundled with server management software — some vendors install Data Protector components as part of broader infrastructure packages.