What Port 1864 Is
Port 1864 sits in the registered ports range (1024–49151). These ports are not claimed by the operating system itself — that's the well-known range below 1024 — but they are formally registered with IANA for specific applications.
Port 1864's official assignment is Paradym 31 Port, for both TCP and UDP.
The Registered Service: Paradym 31
Paradym 31 is industrial control software for the Advantech ADAM-5510/P31, a programmable logic controller used in factory automation and remote I/O applications.1 This is machinery on a shop floor somewhere, not a web service. The software uses port 1864 for communication between the controller and programming workstations.
This explains something you'll notice if you search port databases: most list 1864 as "unknown" or leave it blank. The registration exists, but Paradym 31 is obscure enough that even comprehensive port reference sites often miss it. The IANA registry has a door marked for factory floors, and almost nobody knows it's there.2
What You're Likely to Find on Port 1864
Almost certainly not Paradym 31.
If you find port 1864 open on a general-purpose server or home network, it's almost certainly something else: a custom application that picked an available port, a misconfigured service, or in some documented cases, malware that chose this quiet corner of the port space because nobody is watching it.3
The SANS Internet Storm Center shows occasional scanning activity against this port — automated probes checking whether anything answers. That's normal background noise across the entire port range, not a specific campaign targeting Paradym 31.4
How to Check What's Using Port 1864
On Linux/macOS:
On Windows:
The process ID in the output tells you exactly what's listening. On Linux, cross-reference with ps aux | grep <PID>. On Windows, check Task Manager or use tasklist /FI "PID eq <PID>".
Why Unassigned-in-Practice Ports Matter
The registered port range has over 48,000 slots. IANA assigns them to specific services upon request, but registration doesn't guarantee adoption — plenty of registered services are defunct, vendor-specific, or so narrow that they never saw widespread deployment.
This creates a large grey zone: ports that are technically claimed but effectively available. Applications, malware, and network tools all take advantage of this. A port that nobody is actively monitoring is a port that blends in.
Port 1864 is a small example of this: officially registered, practically invisible, and open for whatever happens to show up.
หน้านี้มีประโยชน์หรือไม่?