TCP Port Service Multiplexer

The TCP Port Service Multiplexer (TCPMUX) is a little-used Internet protocol defined in RFC 1078. The specification describes a multiplexing service that may be accessed with a network protocol to contact any one of a number of available TCP services of a host on a single, well-known port number.^[1]

Security risks

Enabling TCPMUX on a server allows an attacker to easily find out the services running on the host, either by using the "HELP" command or by requesting a large number of services. This has the same effect as port scanning the host for available services iteratively. Because TCPMUX allows someone to use any service only by accessing port number 1, the protocol makes it difficult to apply traditional port-based firewall rules that block access from certain or all hosts to specific services.

These issue are mitigated, to a large extent, if TCPMUX is used on a secure local network; and the "HELP" command might also (could also) return an empty list, making it harder for attackers to use it as a port scanning tool even if the network is not secured.

See also

• List of TCP and UDP port numbers

References

External links

• TCPMUX – a mostly overlooked TCP service—Article that contains the source code of the original tcpmux daemon.