Port 35 is assigned to "any private printer server." Both TCP and UDP. That description has appeared in every version of the IANA port registry since the early 1970s1. No specific protocol was ever defined for it. No RFC describes what a "private printer server" on port 35 should do or how it should behave. The assignment exists because Jon Postel, the person who managed the Internet's numbering system for its first three decades, decided to hold this port open for a category of service that never materialized.
What "Any Private Printer Server" Means
In the early days of the ARPANET, Postel reserved several well-known ports for broad categories of "private" services2:
- Port 35: Any private printer server
- Port 57: Any private terminal access
- Port 59: Any private file service
The word "private" here does not mean encrypted or secured. It means proprietary, vendor-specific, not standardized by an RFC. Postel was carving out space for implementations that might need a well-known port but would never go through the formal standards process.
Network printing eventually did get standardized ports. Port 515 became the Line Printer Daemon (LPD) protocol3. Port 631 became the Internet Printing Protocol (IPP). Port 9100 became the de facto standard for raw printing via HP JetDirect. Port 35 was never adopted by any of them.
The Well-Known Port Range
Port 35 sits in the well-known port range (0 to 1023). These ports are controlled by IANA and on most operating systems require root or administrator privileges to bind to4. This range was originally only 0 to 255, later expanded to 0 to 1023.
Having a well-known port number means that client software can connect to a service without needing to discover which port it runs on. Port 80 is HTTP. Port 22 is SSH. Port 35 is... a placeholder that was never claimed.
The Postel Connection
Jon Postel is listed as the contact for port 35's assignment in RFC 17001. This is significant because Postel was both the person who managed the registry and the person who made the reservation. He was, in his own words from RFC 433, the "czar of socket numbers"5, the single human being responsible for deciding which numbers meant what on the early Internet.
The port 35 assignment traces back through the entire chain of Assigned Numbers RFCs: 1700, 1340, 1060, 1010, 990, 960, all the way back to RFC 349 in 19726. It is one of the oldest surviving port assignments in the registry.
Is Anything Actually Using Port 35?
In practice, almost nothing uses port 35 today. If you see traffic on port 35, it is most likely:
- A misconfigured service
- A vulnerability scanner probing well-known ports
- Malware using an uncommon port to avoid detection
Some security databases have flagged port 35 as historically associated with trojan activity, though this is not unique to port 35. Attackers sometimes choose obscure well-known ports precisely because they are rarely monitored7.
How to Check What Is Listening on Port 35
Linux:
macOS:
Windows:
If something is listening on port 35 and you did not put it there, investigate immediately.
Why Unassigned Ports Matter
Port 35 is technically assigned, but to a service category that was never defined. Ports like this reveal something about how the Internet's infrastructure was built: by individuals making judgment calls about what the future might need. Sometimes those calls were prescient (port 25 for email has lasted over 40 years). Sometimes they were reservations for a future that took a different path.
The Internet's port system works because it is a shared agreement. Port 35's story is a reminder that not every agreement gets fulfilled, and that is fine. The system is robust enough to carry 65,535 possibilities, and not all of them need to be used for the architecture to hold.
Frequently Asked Questions
Was this page helpful?