Port 107: rtelnet — The Remote Telnet Service

What Port 107 Does

Port 107 is assigned to the Remote User Telnet Service, known as rtelnet. When you connect to port 107 on a machine that supports it, you get a Telnet session, but not to the machine's operating system. Instead, you get a Telnet client running on that machine, pointed back at you or at another host. The machine becomes a relay, a window, a way to verify that the network path between two points is alive.

The protocol uses standard Telnet on the connection between the originating user and the server. Both TCP and UDP are registered for port 107, though TCP is the practical transport.¹

How It Works

The technical insight behind rtelnet is elegant in its simplicity. Take a small device with no operating system shell. It has no command prompt, no login screen, nothing to greet you when you connect. Normally, this means you cannot interact with it remotely at all.

rtelnet solves this by placing a User Telnet process back to back with a Server Telnet process. When an operator connects to port 107, they reach the Server Telnet. That server is wired directly into a User Telnet client running on the same device. The operator appears to be a local terminal on the remote machine.¹

The glue between these two processes is a Pseudo Teletype (PTY) device driver, a software construct that acts like a terminal but actually shuttles character streams between processes. No new protocol was invented. No new specification was needed beyond Telnet itself. Just two existing programs, facing each other like mirrors, with a PTY in between.

The Story Behind Port 107

In November 1982, Jon Postel published RFC 818, formalizing the Remote User Telnet Service.¹ The idea came from Mike Mulligan at BBN (Bolt, Beranek and Newman), the Cambridge, Massachusetts research firm that had built the original ARPANET routers.²

BBN had a problem. They were running TC68K terminal concentrators, custom devices built around the Motorola MC68000 microprocessor, that connected terminals to FiberNet, BBN's internal fiber optic local area network.¹ These concentrators were scattered across multiple buildings. Each one had a single network connection, sixteen RS-232 terminal ports, and a programmable timer. They ran a micro operating system called MOS with IP, ICMP, TCP, and Telnet stacked on top.

The TC68Ks worked well, but testing them was a headache. When a concentrator in another building stopped responding, someone had to physically walk to it. There was no shell to log into, no diagnostic prompt. These devices existed to serve terminals, not to be terminals themselves.

Mulligan's solution: configure the TC68K software to run a User Telnet client back to back with a Server Telnet, and listen on a dedicated port. An operator could connect from one concentrator to a remote one and appear as though they were a local terminal. They could verify the network path was operational, check system statistics, and diagnose problems, all without leaving their chair.¹

Postel saw the general utility of this pattern and assigned it port 107.

Jon Postel and the Numbering of Everything

Jon Postel was the person who kept the Internet's numbers.³ Starting in 1969, he maintained lists of protocol parameters on scraps of notebook paper. This quiet practice grew into IANA, the Internet Assigned Numbers Authority, which Postel ran single-handedly for nearly three decades. He authored or co-authored over 200 RFCs, edited more than 2,400, and established the standards for TCP/IP, SMTP, and DNS.³

When Postel assigned port 107 to rtelnet, he was doing what he always did: taking a practical solution that someone had built for a specific problem and giving it a permanent address in the architecture of the Internet. The Economist called him the "God" of the Internet.⁴ He died in 1998, two weeks after ICANN was created to take over the work he had been doing alone.³

Security Considerations

rtelnet carries the same security problems as standard Telnet: everything travels in plaintext. Credentials, commands, keystrokes, all readable by anyone who can observe the network traffic.

The protocol was designed for a trusted internal network at BBN in 1982. It was never intended for use across the open Internet. In practice, port 107 sees almost no legitimate traffic today. If you see connections to or from port 107, investigate. It may indicate scanning activity or misconfiguration.

Modern equivalents of rtelnet's functionality (remote device testing and management) are handled by SSH, SNMP, or proprietary management protocols, all with encryption.

Checking What Listens on Port 107

To see if anything is listening on port 107 on your system:

# Linux
sudo ss -tlnp | grep :107

# macOS
sudo lsof -iTCP:107 -sTCP:LISTEN

# Windows
netstat -an | findstr :107

On most modern systems, nothing will be listening. If something is, you should find out what and why.

Related Ports

The Weight of Port 107

Port 107 is a fossil of a specific moment in networking history: when the Internet's infrastructure was being built out of small, purpose-built devices scattered across buildings, and the people maintaining them needed a way to reach those devices without walking to them.

The solution was not to build something new. It was to take what already existed, Telnet, and point it at itself. A protocol talking to its own reflection. That is the kind of engineering that Postel loved to formalize: practical, minimal, and born from a real problem in a real building.

Almost no one uses port 107 anymore. But the pattern it established, giving small devices a way to be managed remotely over standard protocols, is the foundation of every network management system that followed.