Port 590: TNS CML — Oracle's forgotten connection manager

Port 590 is officially assigned to TNS CML (Transparent Network Substrate Connection Manager Listener), a component of Oracle's database networking infrastructure. Despite its official status in the IANA registry, this port represents a piece of Oracle's networking history that's been largely superseded by later implementations.

What TNS CML Is

TNS (Transparent Network Substrate) is Oracle's proprietary networking protocol that enables communication between Oracle clients and databases.¹ It provides an abstraction layer that allows applications to connect to Oracle databases without worrying about underlying network topology, hardware, or operating systems.²

The "CML" portion stands for Connection Manager Listener—a component that received and routed database connection requests in Oracle's networking stack.³

The Reality of Port 590

Here's what makes port 590 unusual: it's officially assigned, but practically obsolete.

Oracle Connection Manager evolved significantly over the years, and modern implementations use different ports entirely. The default port for Oracle Connection Manager became 1521, with administrative ports like 1630 and 1830 for different functions.⁴ Port 590 appears to have been used in very early versions of Oracle's connection management architecture, but it was superseded as the technology matured.

If you scan a network today, you'll almost never find anything listening on port 590. The assignment exists as a historical record more than active infrastructure.

Security Considerations

Port 590 has been flagged in some security databases as having been used by malware in the past.⁵ This doesn't mean the port itself is dangerous—it means that because the port is rarely used for its intended purpose, malware authors have occasionally repurposed it for command-and-control communications.

The practical implication: if you find something listening on port 590, it's worth investigating. It's unlikely to be a legitimate Oracle Connection Manager (which would be on port 1521 or others), so it could be either:

• A very old Oracle installation that hasn't been updated in decades
• Malware or unauthorized software using an obscure port
• A completely unrelated service that someone configured to use this port

How to Check What's on Port 590

On Linux or macOS:

sudo lsof -i :590
# or
sudo netstat -tulpn | grep :590

On Windows:

netstat -ano | findstr :590

If something is listening, investigate what process owns it. Legitimate Oracle software today shouldn't be using this port.

Why Obsolete Ports Matter

Port 590 represents something important about how the Internet evolves. The IANA registry is permanent—once a port is assigned, it stays assigned. But technology moves on. Protocols change. Better implementations emerge.

The registry accumulates history. Some ports carry massive amounts of traffic (like 443 for HTTPS). Others, like 590, become archaeological sites—evidence of how things used to work, preserved in the registry even as the actual usage fades to zero.

This is how we make room for the new while preserving the old. Port 590 will always belong to TNS CML. But what actually runs on it today is probably nothing at all.

Related Ports

• Port 1521 — Oracle TNS Listener (the modern, actively used port)
• Port 1630 — Oracle Connection Manager (default listening port)
• Port 1830 — Oracle Connection Manager administrative port
• Port 66 — Oracle SQL*Net (another legacy Oracle networking port)