summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnonymous <anon@anon.com>2023-01-06 00:49:24 +0100
committerAnonymous <anon@anon.com>2023-01-06 00:49:24 +0100
commitda9bda6b3f64a07255a7a77c24046c6a0ae9cdea (patch)
tree7a213bddd0907c4127e4b5995d5bfa3769d309d4
parentf793a1d6d36545f270b898c3af59d7e28ce60062 (diff)
Updated add tcpmux service.md (markdown)
-rw-r--r--agenda/add tcpmux service.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/agenda/add tcpmux service.md b/agenda/add tcpmux service.md
index b729c29..1b47227 100644
--- a/agenda/add tcpmux service.md
+++ b/agenda/add tcpmux service.md
@@ -1,4 +1,4 @@
[rfc1078](https://www.rfc-editor.org/rfc/rfc1078.txt) is deprecated, but the protocol is too simple to not implement.
-The implementation should feature an application level firewall, that correspond to the rules added to iptables/nftables to mitigate [security risks](https://en.wikipedia.org/wiki/TCP_Port_Service_Multiplexer#Security_risks).
+The implementation should feature an application level firewall, that correspond to the rules added to iptables/nftables to mitigate [security risks](https://en.wikipedia.org/wiki/TCP_Port_Service_Multiplexer#Security_risks). If that's not possible (or additionally), allow access only from within the VPNs.
Bonus level: find as many clients that support tcpmux as possible \ No newline at end of file