Port 693 is officially assigned to connendp (Connection Endpoint), a protocol that served Almanid IdentityProtector—a backup and recovery system for Novell Directory Services (NDS) and Novell eDirectory.12
If you've never heard of any of those names, you're not alone. This is a ghost port.
What connendp Does
Almanid IdentityProtector was enterprise software designed to back up and restore directory services—the systems that stored user accounts, permissions, and organizational structure in corporate networks. In the late 1990s and early 2000s, Novell's directory services were a major player in enterprise IT.
The Connection Endpoint protocol on port 693 handled communication between the backup client and the IdentityProtector service. It managed the transfer of directory data, coordinated backup operations, and facilitated recovery when things went wrong.3
The Well-Known Port Range
Port 693 sits in the well-known port range (0-1023), which is reserved for services assigned by the Internet Assigned Numbers Authority (IANA). Getting a port in this range meant your protocol was important enough to warrant official recognition and permanent assignment.
connendp earned that assignment. It was registered. It was legitimate. It mattered.
And then the world moved on.
What Happened
Novell lost the directory services war to Microsoft Active Directory. The enterprise IT landscape shifted. Companies migrated away. Almanid's IdentityProtector, which depended on Novell's ecosystem, became less relevant with each passing year.
The protocol didn't disappear overnight—legacy systems kept running, maintained by IT departments who couldn't justify the migration cost. But eventually, those systems were decommissioned, replaced, or simply turned off when the last person who knew how to maintain them retired.
Port 693 remains officially assigned to connendp. The IANA registry still lists it. But actual traffic on this port has become vanishingly rare.1
Security Considerations
Some security databases flag port 693 as associated with potential threats.4 This doesn't mean the protocol itself was malicious—it means that, like many enterprise ports, it could be exploited if left exposed and unpatched on legacy systems that nobody's actively maintaining anymore.
If you find port 693 listening on a modern network, it's worth investigating. Either someone is still running ancient Novell infrastructure (unlikely), or something else has claimed the port (more concerning).
How to Check What's Listening
On Linux or macOS:
On Windows:
If you find something listening on 693 and it's not a deliberately maintained legacy system, dig deeper.
Why Ghost Ports Matter
Port 693 represents something genuinely poignant about the Internet: services get assigned ports, companies build products, enterprises depend on them, and then the world moves on.
The port remains assigned. The protocol is still technically valid. But the traffic has stopped flowing.
These ghost ports are historical markers—evidence that the Internet remembers, even when we've forgotten. They're tombstones for protocols that once mattered enough to earn permanent numbers, now carrying almost nothing but the occasional security scanner's probe.
Frequently Asked Questions About Port 693
A fost utilă această pagină?