Port 2358: Unassigned — A Ghost in the Registry

Port 2358 belongs to the registered ports range (1024–49151). IANA keeps the registry for this range — the official record of which services have claimed which numbers — and port 2358 has no entry.¹ No protocol. No RFC. No assigned owner.

What "Registered Range" Means

The registered range sits between the well-known ports (0–1023, where HTTP, SSH, and DNS live) and the ephemeral ports (49152–65535, used temporarily by your OS for outgoing connections). Anyone can submit an application to IANA to claim a port in this range. Most numbers in the registered range have legitimate owners. Port 2358 simply never acquired one.

The "Futrix" Attribution

Several secondary port databases list port 2358 as belonging to a service called "Futrix."² It's worth saying plainly: this attribution is unverified and likely a ghost.

There is a contemporary software company called Futrix — it builds property management tools.³ It has no documented relationship to port 2358 or any network protocol. The name appears to have propagated through port listing sites copying each other, a common phenomenon where one catalog invents or guesses a name and others reproduce it without verification.

No RFC defines a "Futrix" protocol. No open-source project or vendor documentation describes using port 2358 for a service by that name.

How to Check What's Actually on This Port

If you see traffic on port 2358 in your environment, the port database won't tell you what it is. Your system will.

On Linux or macOS:

# Show what process is listening on port 2358
sudo lsof -i :2358

# Or with ss (Linux)
sudo ss -tlnp | grep 2358

On Windows:

# Show listening processes
netstat -ano | findstr :2358
# Then look up the PID
tasklist | findstr <PID>

Whatever is listening will identify itself. That's more reliable than any port database.

Why Unassigned Ports Matter

The port numbering system works because most software announces what it needs. HTTP says "I'll be at 80." SSH says "find me at 22." This coordination lets firewalls, routers, and administrators make sense of traffic without inspecting every packet.

Unassigned ports are the gaps in that coordination. They're not dangerous by nature — plenty of legitimate internal applications use unassigned numbers simply because no standard port fits their need. But they're also the ports that malware prefers, precisely because there's no expected baseline to compare against. Traffic on port 443 looks normal. Traffic on port 2358 raises a question.

The question itself is the point. Knowing a port is unassigned means knowing that anything you find there requires explanation.