Port 1707 sits in the registered port range (1024–49151). These ports are assigned by IANA to specific services and applications — not reserved like the well-known ports below 1024, but not ephemeral either. When software claims a registered port, it's supposed to mean something.
Port 1707 is assigned to something called vdmplay.
That's where the trail goes cold. No RFC. No protocol specification. No vendor documentation. No Stack Overflow questions. The name "vdmplay" appears in port databases across the web, all copying from the same IANA entry, none of them able to explain what it actually is or was. It may have been a game-related service. It may have been abandoned before it was ever documented. The honest answer: nobody knows.
The One Notable Moment
Port 1707 did briefly matter — for the wrong reasons.
SalesLogix, a CRM application popular in the early 2000s, listened on port 1707. Version 6.1 had a striking problem: it would answer a GetConnection request with the database password, and it never checked whether the person asking was authenticated.1
Send the right request to port 1707. Receive the database credentials. No login required.
CVE-2004-1611 documented this. The vulnerability allowed remote attackers to either execute arbitrary commands on the server or simply collect the database password as a party favor. SalesLogix has since been acquired by Sage, and this version is long retired. But the port still carries this footnote.
What Range This Port Belongs To
| Range | Name | Meaning |
|---|---|---|
| 0–1023 | Well-known ports | Assigned to core Internet services (HTTP, DNS, SSH) |
| 1024–49151 | Registered ports | Assigned to specific applications by IANA |
| 49152–65535 | Dynamic/ephemeral ports | Used temporarily by clients for outgoing connections |
Registered ports like 1707 require an application developer to submit a request to IANA. The assignment is a form of coordination — it prevents two unrelated services from colliding on the same port. When a port sits assigned but undocumented, it suggests the service either never launched, shut down quietly, or simply never needed the public Internet to know what it was doing.
What Might Be Listening Here Today
On a modern system, port 1707 is almost certainly unused unless you've installed something that specifically chose it. Any activity here is either:
- Leftover SalesLogix — unlikely on anything built in the last decade
- Malware — some trojans scan for and use obscure registered ports to avoid detection
- Custom application — a developer chose this port because it was free
How to Check What's Listening on Port 1707
On Linux or macOS:
On Windows:
If something appears, the process ID will tell you what's actually using it. Cross-reference with Task Manager or ps aux to identify the application.
Why Unassigned-in-Practice Ports Matter
The registered port range has over 48,000 slots. Many are assigned but dormant — services that launched, failed, or were acquired and discontinued. These ports aren't dangerous in themselves, but they're useful to understand: if something is listening on a port with no documented purpose, that's worth investigating. The port registry is a map. A blank spot on the map isn't a problem — it's a signal to look closer.
- SpeedGuide: Port 1707
- GRC Port Authority: Port 1707
- IANA Service Name and Transport Protocol Port Number Registry
此頁面對您有幫助嗎?