What This Port Is
Port 10364 belongs to the registered ports range (1024–49151). These ports are assigned by IANA to specific services upon request by organizations that need them. Unlike well-known ports (0–1023) that most people interact with every day, registered ports are often invisible—used by specialized software, industrial systems, and enterprise applications that don't need to be public-facing.1
The Service: ABB Ranger 2003
Port 10364 is the default communication port for ABB Ranger 2003, an industrial control system developed by ABB (Asea Brown Boveri), a multinational power and automation technology company.2 3
The Ranger 2003 platform runs in SCADA (Supervisory Control and Data Acquisition) systems, primarily in the energy sector. Specifically, it handles real-time control and monitoring in hydroelectric power plants, electrical substations, and other critical infrastructure. The system includes multiple components—Data Acquisition Servers (DAS), redundant systems (RDAS), web services—all communicating across TCP/10364 and related ports in its protocol family (10307, 10311, 10365).4
Why It Matters
If port 10364 is open on a system you're auditing, there's a good chance an ABB Ranger SCADA system is running behind it. This is important because:
- SCADA systems are critical infrastructure. They control the flow of electricity, water, and other utilities.
- They were designed in a different era. Security wasn't built in from the start. Ranger 2003 uses vendor-specific protocols, not open standards, which makes security harder to audit.
- They must keep running. You can't patch an active power plant the way you patch a web server. That creates a security tension.
Security researchers have spent years documenting vulnerabilities in ICS systems like Ranger. The fact that port 10364 has a clear identity—rather than being a mystery—is actually valuable from a defensive perspective.5
Checking for This Port
On Linux/Unix:
On macOS:
On Windows:
If nothing is listening on 10364, that's normal—not every network runs ABB systems. If something is listening and you don't recognize it, investigate. Unauthorized industrial control system traffic is a serious signal.
Why Unassigned Ports Exist
The Internet has ~65,000 ports. The well-known ports (0–1023) capture the most important services: HTTP, SMTP, DNS, SSH. But there are thousands of other services in the world—some industrial, some legacy, some proprietary.
The registered port range exists because organizations need space to operate without colliding with each other. When ABB requested port 10364, they got it. When another vendor needs a new port, they request one. This system has worked for decades.
The value is in clarity: a port that has a name is better than a port that doesn't. "Port 10364 is for Ranger SCADA" tells you something. A mystery port tells you nothing, and mystery is where security problems hide.
The Honesty
Port 10364 is not a hack. It's not exploited in mainstream security incidents—not because it's secure, but because it runs on air-gapped networks in power plants. The people who need to know about it already do.
But if you see it listening on a system where you didn't expect to find industrial control traffic, that's a signal. Not necessarily a problem, but a signal worth following.
Was this page helpful?