1. Ports
  2. Port 40

Port 40: Unassigned — The Empty Seat Between Two Neighbors

Port 40 has no assigned service. No protocol runs here by default. No RFC defines what it should carry. It sits in the well-known port range (0 to 1023), flanked by two protocols from the earliest days of the Internet, and it has been empty since the beginning.

That emptiness is not an accident. It is an artifact.

Why Port 40 Is Empty

In the 1970s, the ARPANET used a transport protocol called NCP (Network Control Protocol) that preceded TCP1. NCP was simplex, meaning each connection could only carry data in one direction. To have a two-way conversation, an application needed two ports: one odd-numbered for sending, one even-numbered for receiving. Every service occupied a pair.

On January 1, 1983, the ARPANET switched from NCP to TCP/IP in what is known as "flag day"2. TCP is full-duplex. One port handles both directions. The even-numbered return ports were no longer necessary.

Many of those even-numbered slots were never reassigned. Port 40 is one of them. It has been unassigned in the IANA Service Name and Transport Protocol Port Number Registry for over four decades3.

The Neighbors

Port 40 sits between two protocols that did get assigned:

  • Port 39: Resource Location Protocol (RLP), defined in RFC 887 by Mike Accetta at Carnegie Mellon in December 19834. It helped networked devices locate resources before DNS became the dominant lookup mechanism.
  • Port 41: Graphics, an early protocol for remote graphics display.

Both are relics of the early ARPA Internet. Neither sees meaningful use today. Port 40 is the gap between two museum pieces.

The Well-Known Port Range

Ports 0 through 1023 are designated as "well-known" or "system" ports by IANA5. On most Unix-like systems, binding to a port in this range requires root or equivalent privileges. These ports were intended for core Internet services: SSH on 22, SMTP on 25, HTTP on 80, DNS on 53.

Not every number in the range has been claimed. Port 40 is proof that having a low number does not guarantee significance. IANA assigns well-known ports through "IETF Review" or "IESG Approval" procedures as described in RFC 63356. No one has ever submitted a request for port 40.

Security Considerations

An unassigned port that is open on your machine is worth investigating. Nothing should be listening on port 40 under normal circumstances. If something is, find out what.

On Linux or macOS:

sudo lsof -i :40
sudo netstat -tlnp | grep :40
ss -tlnp | grep :40

On Windows:

netstat -ano | findstr :40

If a process is bound to port 40 and you do not recognize it, treat it as suspicious. Unassigned ports are sometimes used by malware precisely because they are unlikely to conflict with legitimate services.

Why Unassigned Ports Matter

The port system has 65,535 possible numbers. Only a fraction have official assignments. The unassigned majority serves a purpose: it is the open space that allows the Internet to grow. Custom applications, internal tools, development servers, testing environments, all of these use ports that IANA has not claimed.

Port 40 could be used by anyone for anything. No authority has reserved it. That is both its freedom and its risk.

Frequently Asked Questions

Previous

Port 39: RLP — The Internet Learns to Ask for Help

Next

Port 41: Graphics — Where the Network Learned to See

Was this page helpful?

😔
🤨
😃