Port 2805: WTA WSP-S — A Relic of the WAP Era

What Port 2805 Is

Port 2805 is registered with IANA under the service name wta-wsp-s: Wireless Telephony Application, Wireless Session Protocol, Secure.

It operates on both TCP and UDP.

If you've never heard of it, you're not missing much. WTA WSP-S is a product of the WAP era — a brief, strange window in the late 1990s and early 2000s when the mobile industry tried to build its own version of the Internet before the real Internet arrived on mobile devices.

The WAP Stack, Briefly

WAP (Wireless Application Protocol) was a framework designed to deliver Internet-like services to feature phones with tiny screens, slow connections, and limited processing power. Rather than use the existing web stack (HTTP, HTML, TCP/IP), WAP created its own parallel stack:

• WML instead of HTML (Wireless Markup Language)
• WSP instead of HTTP (Wireless Session Protocol)
• WTP instead of TCP (Wireless Transaction Protocol)
• WTLS instead of TLS (Wireless Transport Layer Security)

Within this stack, WTA (Wireless Telephony Application) was a framework for building phone-specific services — things like click-to-call from a WAP page, voicemail integration, and call control. WSP-S was the secure version of the session layer it ran over.

Port 2805 was assigned for secure WTA sessions. Port 2804 got the non-secure variant.¹

Why It's Obsolete

WAP had a fundamental problem: it tried to solve the mobile web problem by replacing the web rather than adapting it. The WAP gateway architecture required carriers to act as intermediaries between mobile devices and Internet content, which introduced latency, broke end-to-end encryption, and gave carriers control over what users could access.

When Apple released the iPhone in 2007 with a full-fledged web browser capable of rendering real HTML, the entire WAP stack became irrelevant almost immediately. Smartphones simply connected to the actual Internet over HTTP and HTTPS on standard ports. WTA was never widely deployed even in WAP's brief heyday.

Port 2805 is registered but essentially unused. You will not encounter WTA WSP-S traffic on modern networks.

Checking What's Using Port 2805

If you see traffic on port 2805, it almost certainly isn't WTA. To check what's listening:

On macOS or Linux:

lsof -i :2805

On Windows:

netstat -ano | findstr :2805

On Linux with ss:

ss -tlnp | grep 2805

If something is listening on port 2805, it's either a development service someone ran on an arbitrary port, custom application traffic, or something worth investigating further.

The Registered Port Range

Port 2805 sits in the registered ports range (1024–49151). This range is managed by IANA, and services must apply to have a port number assigned. Registration doesn't mean active use — it means an organization at some point submitted a request and received an allocation.

The registered range is less tightly controlled than the well-known ports (0–1023), which require root/administrator privileges to bind on most operating systems. Anyone can bind a process to port 2805 without special permissions, which makes these port numbers useful for application servers, development environments, and custom protocols.