Port 285 sits in the well-known port range (0-1023), but it has no official assignment. IANA lists it as "Unassigned" for both TCP and UDP.1 It's a door number with no service behind it, one of roughly 24% of well-known ports that remain unallocated.2
What "Unassigned" Means
The well-known port range is managed by IANA through strict procedures defined in RFC 6335.3 To get a port in this range, you need IETF Review or IESG Approval—you have to document why a port in the registered range (1024-49151) won't work. The bar is high because this range is small and densely allocated.
Port 285 hasn't met that bar. It sits between port 284 (assigned to "corerjd") and port 286 (assigned to "FXP Communication"), an empty slot in an otherwise occupied neighborhood.1
The Malware Problem
Here's what makes port 285 notable: it's been associated with trojan malware, specifically variants known as "Delf" and "WCTrojan."4 Malware authors look for unassigned ports precisely because they're unmonitored. An empty house in a good neighborhood.
If you find something listening on port 285, it's worth investigating. There's no legitimate service that should be there.
Why Unassigned Ports Matter
The Internet's port system includes thousands of unassigned numbers. They exist as administrative gaps—reserved space for future protocols that don't exist yet. Most sit empty and forgotten.
But these gaps serve a purpose. They're room for growth. The Internet in 1980 had no idea it would need ports for HTTPS (443), or SMTP submission (587), or thousands of other services that came later. Unassigned ports are the future's real estate.
The problem is that in the present, they're nobody's responsibility. No service is watching them. No daemon is supposed to answer. That makes them attractive to malware that wants to operate quietly.
How to Check Port 285
On Linux or macOS:
On Windows:
If you see something listening and you didn't install it, investigate. Unassigned ports should be silent.
The Bigger Picture
Port 285 is one of hundreds of unassigned well-known ports. Each one is a potential gap in network monitoring. Security professionals know to watch for unexpected traffic on unusual ports, but the sheer number of unassigned ports makes comprehensive monitoring difficult.
IANA maintains the official registry to prevent chaos—to ensure that when a service claims a port, no one else is using it. But they can't police every unassigned number. That's left to firewalls, intrusion detection systems, and administrators who know their networks well enough to spot anomalies.
Port 285 is a reminder that empty space in a system isn't truly empty. It's either reserved for the future or occupied by something that doesn't belong.
Related Ports
- Port 284 — corerjd (assigned)
- Port 286 — FXP Communication (assigned)
- Well-known range — Ports 0-1023 (system ports)
Was this page helpful?