Port 491 sits in the well-known ports range (0-1023), officially assigned by IANA to a service called "go-login"—the authentication gateway for GO-Global remote access software.1 Most people have never heard of it. Most network administrators will never configure it. But for the organizations that use GO-Global, this port is the threshold between here and there.
What Runs on Port 491
GO-Global is remote access and application publishing software made by GraphOn. Port 491 listens for TCP connections from clients who want to connect to and control remote computers.2 Think of it as a quieter cousin to Remote Desktop Protocol (RDP on port 3389) or VNC—same purpose, different implementation, smaller footprint in the collective awareness of the Internet.
When a GO-Global client connects to port 491, it's requesting access to a remote desktop or published application. The go-login service handles the authentication handshake, establishing the secure tunnel through which keyboard strokes, mouse movements, and screen pixels will flow.
The Well-Known Range
Port 491 falls in the 0-1023 range, historically called "well-known ports" and requiring root privileges to bind on Unix systems. IANA manages these assignments carefully. Getting a port number in this range means your protocol was deemed significant enough to warrant a permanent address in the Internet's nervous system.
GO-Global received this assignment, placing it alongside protocols like HTTP (80), HTTPS (443), and SSH (22). Whether it truly belongs in that company is a question of perspective—for the systems administrators who rely on it, absolutely. For the rest of the Internet, it's a curiosity.
Security Considerations
Port 491 carries authentication credentials and remote desktop sessions. If exposed to the Internet without proper security measures, it becomes an attack vector.
Protect this port:
- Never expose it directly to the public Internet without a VPN or firewall
- Use GO-Global's built-in SSL/TLS encryption for all connections3
- Monitor connection logs for unusual authentication attempts
- Restrict access to known IP addresses when possible
Attack activity on port 491 is relatively low compared to more popular remote access ports, but that's no reason for complacency.4 Attackers scan the entire port range. An open port 491 tells them exactly what software you're running.
How to Check What's Listening
On Linux or macOS:
On Windows:
If you see something listening on port 491 and you're not running GO-Global, investigate immediately. Malware occasionally squats on officially assigned ports, hoping the legitimate service name provides cover.
The Nature of Registered Ports
Port 491's official assignment illustrates how the port system actually works. IANA doesn't just hand out numbers to anyone. You submit a formal request, justify the need, demonstrate that your protocol serves a legitimate purpose. GraphOn did this for GO-Global, and port 491 became theirs.
But official assignment doesn't guarantee adoption. The Internet is littered with officially assigned ports that almost nobody uses. Port 491 serves its purpose for GO-Global users—a small but real population—while remaining invisible to everyone else.
That's fine. Not every port needs to be famous. The Internet works because there are 65,535 port numbers, enough for the essential protocols everyone uses and the specialized ones that quietly serve specific communities.
Related Ports
- Port 3389 (RDP) — Microsoft's Remote Desktop Protocol, the dominant remote access protocol for Windows systems
- Port 5900 (VNC) — Virtual Network Computing, the open-source alternative for remote desktop access
- Port 22 (SSH) — Secure Shell, often used for command-line remote access to Unix systems
- Port 5631 (pcANYWHEREdata) — Symantec's remote access solution, another niche player in the same space
The Honest Truth
Port 491 exists for GO-Global and probably nothing else. Attack activity is minimal.4 If you're not running GraphOn's software, this port should be closed on your systems. If you are running GO-Global, this port is your front door—secure it accordingly.
The broader lesson: even obscure port assignments matter. Every open port is a potential entry point. Know what's listening, know why it's listening, and close everything else.
Frequently Asked Questions
Was this page helpful?