Port 900 occupies a peculiar position in the port registry. It has an official assignment—omginitialrefs (OMG Initial Refs)—but you'll almost never see it actually used. This is a ghost port: technically assigned, practically abandoned.
What OMG Initial Refs Was
In the 1990s and early 2000s, the Object Management Group (OMG) created CORBA (Common Object Request Broker Architecture)—a standard for making objects in distributed systems talk to each other across different platforms and languages. Port 900 was assigned to handle the exchange of initial object references when these systems were starting up.12
When a CORBA client needed to find objects on a server, it would connect to port 900 to get those initial references. Think of it as a directory service for distributed objects—a way to bootstrap the connection between systems that needed to share complex data structures across networks.
This was genuinely innovative technology at the time. Before REST APIs, before microservices, before JSON, there was CORBA—and port 900 was part of that infrastructure.
Why You Don't See It Anymore
CORBA lost. The web won.
The rise of HTTP-based APIs, XML-RPC, SOAP, and eventually REST and JSON fundamentally changed how distributed systems communicate. Modern services don't exchange object references through specialized ports—they exchange data through HTTP on port 80 or HTTPS on port 443.3
Port 900 remains assigned in the IANA registry, but the technology it was built for has largely disappeared from production networks. Some legacy enterprise systems still run CORBA, but they're increasingly rare.
The Well-Known Port Range
Port 900 sits in the well-known port range (0–1023)—ports that IANA officially assigns to specific services.4 This range is supposed to contain the Internet's core infrastructure: DNS on 53, HTTP on 80, HTTPS on 443. Port 900 earned that designation during an era when CORBA seemed like it might be fundamental infrastructure too.
It wasn't.
But the assignment remains, a historical marker of a different approach to distributed computing.
Security Considerations
Because port 900 is rarely used legitimately anymore, if you see traffic on port 900, it's worth investigating. Attackers sometimes use obscure assigned ports for:
- Backdoors — Malware that wants to hide in plain sight might use an officially assigned but rarely monitored port
- Command and control — Some trojans have been observed using port 900 for communications
- Port scanning — Security scanners routinely check well-known ports including 900
If your firewall logs show unexpected activity on port 900, don't assume it's legitimate CORBA traffic. It probably isn't.
Checking What's Listening
On most systems, you can check if anything is actually using port 900:
Linux/macOS:
Windows:
In most modern networks, these commands will return nothing. That's expected. Port 900 belongs to a different era of computing.
Why Obsolete Ports Matter
Port 900 tells a story about how the Internet evolves. Technologies that once seemed essential—CORBA, DCOM, RPC—get replaced by simpler approaches. Ports get assigned to services that eventually disappear, leaving behind numbered ghosts in the registry.
The IANA doesn't typically reclaim these assignments. Once a port is designated, it usually stays that way, even if the service it was created for becomes obsolete. So port 900 remains officially assigned to omginitialrefs, a service that most network engineers under 30 have never encountered.
It's a reminder that the protocols we build today might also become historical footnotes tomorrow.
Related Ports
Other CORBA and OMG-related services used nearby port numbers in the well-known range, most of which are equally obsolete in modern networks. The entire ecosystem of distributed object technologies left these assignments behind.
Frequently Asked Questions About Port 900
Esta página foi útil?