Port 3058: Videobeans — A Name in a Registry

What This Port Is

Port 3058 sits in the registered port range (1024-49151). These ports are assigned by IANA — the Internet Assigned Numbers Authority — to specific services upon request. Unlike the well-known ports below 1024, registered ports don't require elevated privileges to use, and IANA's assignment is a reservation, not a guarantee that anyone built anything.

According to the IANA registry, port 3058 is assigned to a service called videobeans, registered by Hiroyuki Takahashi, for both TCP and UDP. ¹

That's where the trail ends.

The Ghost Service

Videobeans has no documentation. No product page. No GitHub repository. No archived website. No forum posts from people troubleshooting it. Whatever it was — a video streaming tool, a media sharing platform, a personal project — it left no footprint.

This is not unusual. The registered port range contains thousands of assignments made by developers who intended to build something, built something that never gained traction, or built something that worked internally and was never publicly documented. IANA doesn't reclaim ports when services disappear. The name stays in the registry indefinitely.

So port 3058 is officially spoken for, and practically empty.

Observed Activity

In 2009, a security researcher noticed VoIP attack traffic originating from port 3058 — multiple IP addresses, identical behavior, consistent source port. The speculation was compromised machines running the same vulnerable software. ² Whether that software had any connection to "videobeans" is unknown. Attackers routinely use arbitrary source ports, and a quiet registered port is a convenient place to hide traffic.

If you're seeing activity on port 3058 on your network, it's worth investigating. It's not carrying any legitimate well-known service.

What's Actually Listening on This Port

If you want to check what's using port 3058 on your machine:

macOS / Linux:

sudo lsof -i :3058
sudo ss -tlnp sport = :3058

Windows:

netstat -ano | findstr :3058

The process ID in the output maps to whatever is actually using the port. If nothing is listed, nothing is listening.

Why Unassigned-in-Practice Ports Matter

The registered port range was designed with good intentions: let developers claim ports so services don't collide. In practice, it created a sprawling registry full of dead assignments. There are roughly 48,000 registered ports. A fraction of them carry active, documented services.

The rest are like port 3058: officially registered, practically unclaimed, occasionally exploited by traffic that needs a port that looks legitimate but won't raise immediate flags.

This is part of why security tools don't just check whether a port is assigned — they check whether the traffic on that port matches what's expected for that assignment. A claimed name in a registry doesn't make a port safe or meaningful.