TCP Port Service Multiplexer

From Wikipedia, the free encyclopedia
Jump to: navigation, search

The TCP Port Service Multiplexer (TCPMUX) is a little-used Internet protocol defined in RFC 1078. The specification describes a multiplexing service that may be accessed with a network protocol to contact any one of a number of available TCP services of a host on a single, well-known port number.[1]

Description[edit]

A host may connect to a server that supports the TCPMUX protocol on TCP port 1. The host then sends a name of the service required, followed by the carriage return and line feed characters (CRLF). The server replies with a "+" or "-" character and an optional message, followed by CRLF. In case of a positive reply ("+"), the protocol or service requested is started, otherwise the connection is closed.

This service also features a reserved name, "HELP". If the remote server receives this message it will output a multi-line message listing the names of all supported services, one service name per line.

Security risks[edit]

Enabling TCPMUX on a server allows an attacker to easily find out the services running on the host, either by using the "HELP" command or by requesting a large number of services. This has the same effect as port scanning the host for available services iteratively. Because TCPMUX allows someone to use any service only by accessing port number 1, the protocol makes it difficult to apply traditional port-based firewall rules that block access from certain or all hosts to specific services.

See also[edit]

References[edit]

  1. ^ RFC 1078, TCP Port Service Multiplexer (TCPMUX), M Lottor (November 1988)

External links[edit]