Port 1744: NCPM-FT — A Name Without a Face

What Port 1744 Is

Port 1744 lives in the registered port range (1024–49151). These ports are assigned by IANA — the Internet Assigned Numbers Authority — to specific services upon application. Unlike the well-known ports below 1024, which require root privileges to open on Unix systems and carry protocols everyone knows (HTTP, SSH, DNS), registered ports are the middle tier: officially claimed, but less universally recognized.

IANA lists port 1744 as belonging to NCPM-FT on both TCP and UDP. That's the entirety of the official record. What NCPM-FT stands for, what software uses it, or who originally registered it — that documentation has either never existed publicly or has been lost. The name appears in port databases like a name tag on an empty chair.

Who Actually Uses It

The most documented real-world use of port 1744 is Unitrends, an enterprise backup and disaster recovery platform. Unitrends uses a two-port system for communication between its appliance and the agents running on protected machines:

• Port 1743 — Command and control: instructions, job coordination, agent communication
• Port 1744 — Data transfer: the actual backup payload moving from protected asset to appliance

This pairing is common in backup software architecture. You separate the signaling channel from the data channel so that a slow or large backup transfer doesn't interfere with control messages. Port 1744 is the pipe; port 1743 is the dispatcher telling it what to carry.¹

If port 1744 is in use, Unitrends can fall back to dynamically assigned high ports (1745–1749 on Windows, 1745–1844 on Linux/Unix). Whether it uses 1744 or falls back depends on firewall configuration and the appliance's port security settings.

How to Check What's Using It

If port 1744 is open on a system you manage, these commands will tell you what's behind it:

On Linux/macOS:

# Show process listening on port 1744
ss -tlnp sport = :1744

# Alternative with lsof
lsof -i :1744

On Windows:

# Show listening port with process ID
netstat -ano | findstr :1744

# Resolve the PID to a process name
Get-Process -Id <PID>

If you see Unitrends agent processes, that's expected. If you see something you don't recognize, dig further — unrecognized open ports deserve scrutiny.

Why Unassigned Ports Matter

The registered port range contains thousands of ports like 1744: officially claimed by IANA, practically obscure. They matter for a few reasons:

Firewall configuration. When administrators lock down systems, they need to know which ports legitimate software uses. A backup agent silently opening port 1744 looks suspicious if nobody documented it. Understanding that Unitrends needs 1743 and 1744 open prevents backup jobs from failing mysteriously.

Security scanning. Port scanners flag unexpected open ports. A port with a vague or unknown name like NCPM-FT generates noise in security audits. Knowing the actual context — backup software, not malware — resolves the alert.

The ghost registration problem. Many registered ports were claimed decades ago by software that no longer exists, by companies that have since dissolved, or for protocols that were never publicly documented. NCPM-FT may be one of these. The port number is taken; the tenant is gone. This happens throughout the registered range and is a quiet artifact of the Internet's history.