Internet-Security.com TCP port 5061 details

TCP port 5061 is the default port for SIP over TLS (often called SIPS), providing encrypted SIP signaling.
Enterprise VoIP platforms such as Cisco Unified Communications Manager/CUBE, Microsoft Skype for Business/Lync, and Microsoft Teams Direct Routing (SBCs to sip.pstnhub.microsoft.com) use TCP 5061 for secure SIP.
Open-source PBXs like Asterisk and FreeSWITCH commonly listen on 5061 when TLS is enabled.
Session border controllers including AudioCodes Mediant and Oracle/Acme Packet (Acme/Oracle SBC) handle secure SIP trunks on 5061.
SIP proxies and PBXs such as Kamailio, OpenSIPS, 3CX, and Avaya Aura/Session Manager use 5061 for TLS-secured SIP between phones, trunks, and servers.
SIP trunk providers like Twilio Elastic SIP Trunking and Bandwidth accept SIP over TLS on 5061.
Many IP phones (e.g., Cisco, Poly/Polycom, Yealink) register via 5061 when configured for TLS.
Security: 5061 is frequently scanned and targeted for VoIP toll fraud and SIP credential brute forcing, though TLS reduces interception risk.

TCP 5061