TCP Port Service Multiplexer

From Wikipedia, the free encyclopedia
Jump to: navigation, search

The TCP Port Service Multiplexer (TCPMUX) is a little-used Internet protocol defined in RFC 1078. The specification describes a multiplexing service that may be accessed with a network protocol to contact any one of a number of available TCP services of a host on a single, well-known port number.[1]

Security risks[edit]

Enabling TCPMUX on a server allows an attacker to easily find out the services running on the host, either by using the "HELP" command or by requesting a large number of services. This has the same effect as port scanning the host for available services iteratively. Because TCPMUX allows someone to use any service only by accessing port number 1, the protocol makes it difficult to apply traditional port-based firewall rules that block access from certain or all hosts to specific services.

These issue are mitigated, to a large extent, if TCPMUX is used on a secure local network; and the "HELP" command might also (could also) return an empty list, making it harder for attackers to use use it as a port scanning tool even if the network is not secured.

See also[edit]

References[edit]

  1. ^ RFC 1078, TCP Port Service Multiplexer (TCPMUX), M Lottor (November 1988)

External links[edit]