Updated add tcpmux service.md (markdown)

author: Anonymous <anon@anon.com> 2023-01-06 00:49:24 +0100
committer: Anonymous <anon@anon.com> 2023-01-06 00:49:24 +0100
commit: da9bda6b3f64a07255a7a77c24046c6a0ae9cdea (patch)
tree: 7a213bddd0907c4127e4b5995d5bfa3769d309d4 /agenda
parent: f793a1d6d36545f270b898c3af59d7e28ce60062 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/agenda/add tcpmux service.md b/agenda/add tcpmux service.md
index b729c29..1b47227 100644
--- a/agenda/add tcpmux service.md
+++ b/agenda/add tcpmux service.md
@@ -1,4 +1,4 @@
 [rfc1078](https://www.rfc-editor.org/rfc/rfc1078.txt) is deprecated, but the protocol is too simple to not implement.
-The implementation should feature an application level firewall, that correspond to the rules added to iptables/nftables to mitigate [security risks](https://en.wikipedia.org/wiki/TCP_Port_Service_Multiplexer#Security_risks).
+The implementation should feature an application level firewall, that correspond to the rules added to iptables/nftables to mitigate [security risks](https://en.wikipedia.org/wiki/TCP_Port_Service_Multiplexer#Security_risks). If that's not possible (or additionally), allow access only from within the VPNs.
 
 Bonus level: find as many clients that support tcpmux as possible
 \ No newline at end of file
author	Anonymous <anon@anon.com>	2023-01-06 00:49:24 +0100
committer	Anonymous <anon@anon.com>	2023-01-06 00:49:24 +0100
commit	da9bda6b3f64a07255a7a77c24046c6a0ae9cdea (patch)
tree	7a213bddd0907c4127e4b5995d5bfa3769d309d4 /agenda
parent	f793a1d6d36545f270b898c3af59d7e28ce60062 (diff)