TCP Port Service Multiplexer

The TCP Port Service Multiplexer (TCPMUX) is a little-used Internet protocol defined in RFC 1078. The specification describes a multiplexing service that may be accessed with a network protocol to contact any one of a number of available TCP services of a host on a single, well-known port number.[1]

Security risks

Enabling TCPMUX on a server allows an attacker to easily find out the services running on the host, either by using the "HELP" command or by requesting a large number of services. This has the same effect as port scanning the host for available services iteratively. Because TCPMUX allows someone to use any service only by accessing port number 1, the protocol makes it difficult to apply traditional port-based firewall rules that block access from certain or all hosts to specific services.

These issue are mitigated, to a large extent, if TCPMUX is used on a secure local network; and the "HELP" command might also (could also) return an empty list, making it harder for attackers to use it as a port scanning tool even if the network is not secured.

See also

References

  1. RFC 1078, TCP Port Service Multiplexer (TCPMUX), M Lottor (November 1988)

External links


This article is issued from Wikipedia - version of the Tuesday, May 19, 2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.