Port 2280 sits in the registered port range — the middle tier of the port numbering system, from 1024 to 49151. IANA (the Internet Assigned Numbers Authority) maintains this range as a reservation system. Organizations and vendors can formally register a port for a named service, creating an official mapping that the rest of the world can look up.
Port 2280 has no such registration. IANA lists it as unassigned.
That doesn't mean nothing is using it.
What Has Been Observed
Port 2280 is associated with a service called lnvpoller, with port 2281 paired alongside it for a companion service called lnvconsole. The "lnv" prefix points to Lenovo — these appear to be internal network services that run on Lenovo systems, likely related to device management or hardware monitoring.
The catch: Lenovo has never publicly documented these services. When a network engineer spotted traffic on ports 2280 and 2281 in a Microsoft community forum and asked what they were, the answer was a shrug — unrelated to Active Directory, probably Lenovo-specific, investigate accordingly.1
This is how a significant portion of the registered port range actually works. Companies use ports without registering them. The registry records the reservation; it doesn't take attendance.
The Port Range and What It Means
The registered range (1024–49151) sits between two others:
- Well-known ports (0–1023): Assigned to foundational protocols — HTTP, HTTPS, SSH, DNS. These require operating system privileges to open, which is part of the point.
- Registered ports (1024–49151): Intended for vendor and application use. No privilege required. Registration is voluntary.
- Dynamic/ephemeral ports (49152–65535): Assigned temporarily by the OS for outgoing connections. Your browser uses one of these when it connects to a server.
An unassigned port in the registered range is not a gap in the system — it's just a door that hasn't been labeled yet. Or one that's been quietly opened without asking.
How to Check What's Listening on Port 2280
If you see traffic on port 2280 and want to know what's responsible:
On Linux/macOS:
On Windows:
The process ID in the output will tell you which application opened the port. Cross-reference it with Task Manager or tasklist on Windows, or ps aux on Linux/macOS.
If you find lnvpoller or a Lenovo-related process, that's expected on Lenovo hardware. If you find something unfamiliar, investigate — unassigned ports occasionally attract the wrong kind of attention, and security databases have flagged port 2280 as having historical associations with malware.2
Presence of traffic on the port is not itself alarming. What matters is whether the process behind it belongs there.
Why Unassigned Ports Matter
The registered port range has 48,128 slots. Most of them are unassigned. This isn't a problem — it's a resource. Applications need somewhere to listen, and the registered range is where they stake their claim, formally or not.
Unassigned ports also serve a useful function in network forensics: unexpected traffic on them is easy to spot precisely because nothing is supposed to be there. A process quietly opening port 2280 on a system with no Lenovo hardware is a signal worth following.
The port registry is a map. Unassigned territories aren't empty — they're just unmapped.
Related Ports
- Port 2281 — lnvconsole, the companion Lenovo service
- Port 2279 — Unassigned, same neighborhood
- Port 1024 — The floor of the registered range; where application-space ports begin
Frequently Asked Questions
Nakatulong ba ang pahinang ito?