The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at

TCP-IP Ports and how they work


Internet Protocol (IP) is the method by which data is transferred across the internet. It does this by exchanging chunks of information called packets. A packet has two parts – a ‘header’ followed by a ‘body’. The header describes the packet's destination and the body contains the data IP is transmitting.


Transmission Control Protocol (TCP) provides a communication service between an application program and the Internet Protocol (IP). When an application program sends a large chunk of data across the internet using IP, instead of breaking the data into IP-sized packages with a series of IP requests, the software can issue a single request to TCP and let TCP handle the IP details.


Due to network congestion an occasional unpredictable behaviour, IP packets can be lost, duplicated, or delivered out of order. TCP can detect these problems, request retransmission of lost packets or rearrange out-of-order packets, and help minimise network congestion to reduce the occurrence of further problems. Once the TCP receiver has finally reassembled a perfect copy of the data originally transmitted, it passes that to the application program.


A port is a number used to uniquely identify a transaction over a network by specifying both the host, and the service. They are necessary to differentiate between many different IP services, such as web service (HTTP), mail service (SMTP), and file transfer (FTP).


When clients attempt to connect to your server they need your computer’s IP address, but they also need to indicate which service they want to communicate with, so that the data is sent to the appropriate application. The port number serves to uniquely identify that service on a particular host. The default port number for SMTP is 25, so packets of information relating to email are directed here.  Likewise the default for HTTP is 80, which is used to identify packets for transfer to the web server.

Port numbers are used in providing firewall security by stipulating the destination of information on a network. If your computer is within an intranet, and you wish to prevent anyone outside the network accessing the internet through your web server, you could set a firewall to prohibit any packet destined to port 80 (the port assigned to your web server) from passing through your routers. Alternatively a firewall could block all packets except those destined to port 25 – this would allow SMTP (mail) service for your intranet, but nothing else. Firewalls can also be configured to allow or refuse access based on the network number of the source computer.

Was this article helpful?