Port 433 is officially assigned to NNSP (NNTP for transit servers)—a specialized variant of the Network News Transfer Protocol designed for bulk article transfers between news servers.1
What NNSP Does
NNSP is NNTP with a specific job: moving newsgroup articles between servers. When one Usenet server synchronizes with another, flooding thousands of posts across the network, it uses port 433 for these transit operations.2
Port 119 handles reading clients—humans browsing newsgroups, posting messages, catching up on threads. Port 433 handles transit servers—machines talking to machines, bulk transfers, the backbone synchronization that keeps Usenet's distributed network coherent.
Why Two Ports for the Same Protocol
RFC 3977 specifies that if a host offers separate servers for transit and reading clients, "port 433 SHOULD be used for the transit server, and 119 for the reading server."3
This separation makes operational sense. Reading clients make small, interactive requests. Transit servers flood articles in bulk. Mixing them on the same port means one bulk transfer could choke the responsiveness for readers. Separate ports allow different resource allocation, different rate limiting, different priorities.
The Protocol History
Brian Kantor and Phil Lapsley wrote RFC 977 in March 1986, defining NNTP—the protocol that lets Usenet work as a distributed system rather than a single centralized server. Articles posted to one server propagate to all the others through a web of transit connections.4
RFC 3977, published in October 2006, updated and replaced the original specification. It clarified ambiguities, added new functionality, and formalized the distinction between reading and transit operations that led to port 433's assignment.5
Port 433 was officially registered with IANA on July 6, 2018, though the protocol and practice existed long before the formal registration.6
Security Considerations
NNSP runs on both TCP and UDP, though TCP is the primary transport. The original protocol sent everything in plaintext, including authentication credentials.
RFC 8143 defines how to use TLS with NNTP, either through STARTTLS (upgrading an existing connection) or implicit TLS on a dedicated port (563 for secure NNTP).7 Transit servers should use encryption when synchronizing across untrusted networks, but many internal transit connections still run unencrypted.
The bigger security concern: Usenet has no central authority, no global moderation, no delete function that works across servers. Once an article propagates through transit servers, it exists in hundreds of locations. This makes abuse harder to contain.
The Genuine Strangeness
Usenet still runs. Newsgroups still exist. Binary distribution still happens through multi-part posts split across dozens of messages. Port 433 still carries bulk article floods between servers using a protocol architecture from 1986.
The world moved to web forums, then social media, then Discord and Reddit. But the infrastructure pattern that made Usenet work—distributed servers, transit protocols, eventual consistency through flooding—never actually died. It just became invisible, running quietly in corners of the Internet where people still value decentralization and persistent archives.
Related Ports
- Port 119 — NNTP for reading clients (where humans browse newsgroups)
- Port 563 — NNTPS (NNTP over TLS for secure connections)
Checking What's Listening
To see if anything is listening on port 433:
Linux/Mac:
Windows:
Most systems won't have anything on port 433 unless they're running Usenet transit servers, which are increasingly rare outside dedicated news hosting operations.
Frequently Asked Questions
Was this page helpful?