Port 1340 is officially registered with IANA for NAAP (Network Access Authentication Protocol), a UDP-based protocol designed to solve one of wireless networking's fundamental paradoxes: how does a mobile device authenticate to a network it's not yet connected to?
What NAAP Does
NAAP is a client/server protocol that runs over UDP, enabling mobile terminals to authenticate with edge routers before gaining IP network access.1 It was designed specifically for public Wireless Local Area Networks (WLANs), where users need to prove who they are before receiving network connectivity.
The protocol is extensible and can work with any Extensible Authentication Protocol (EAP) method capable of distributing a session key.2 It also includes authentication service discovery, so devices can find where to authenticate.
The Problem It Solved
In the early 2000s, wireless networks faced a bootstrapping problem. To get on the network, you needed to authenticate. But to authenticate, you needed to communicate—which requires network access. NAAP attempted to break this circular dependency by providing a lightweight UDP-based protocol that could run before full network access was granted.
History
NAAP was created by Henry Haverinen and published in 2002.2 The protocol came with a sophisticated test bed that could simulate dropped, delayed, duplicated, and modified packets—helping developers find edge cases that would be nearly impossible to catch in normal testing.
It was technically sound. Extensible. Addressed a real need.
And then 802.1X became the standard everyone actually deployed.
Why You've Never Heard of It
NAAP represents something common in networking: a good idea that lost to a better-marketed one. While NAAP focused specifically on wireless authentication, 802.1X provided port-based network access control that worked for both wired and ethernet networks. The broader applicability won.
Today, port 1340 sits quietly in the IANA registry, officially assigned but rarely seen in the wild. It's a reminder that in protocol wars, technical merit is necessary but not sufficient. Adoption matters more than elegance.
Security Considerations
If you see port 1340 active on your network, it's worth investigating. Given NAAP's limited deployment, any traffic on this port could be:
- Legacy equipment from the early 2000s still running the protocol
- Custom software repurposing the port for unrelated services
- Potential malicious activity using an obscure port that's less likely to be monitored
Checking What's Listening
To see if anything is listening on port 1340:
Linux/Mac:
Windows:
Why Unassigned Ports Matter
Port 1340 technically isn't unassigned—it has NAAP. But practically, it might as well be. These registered-but-unused ports serve a purpose in the ecosystem: they prevent fragmentation. When someone reserves a port for NAAP, it means no one else officially claims it for something incompatible. Even if NAAP never achieved widespread deployment, the reservation prevents future confusion.
The port number space is finite. Registered ports (1024-49151) are where organizations can request official assignments from IANA for their protocols. Some, like HTTP (80) and HTTPS (443), become essential Internet infrastructure. Others, like NAAP, become historical footnotes.
Both matter. The successful ones carry the Internet's traffic. The forgotten ones carry its history.
Related Ports
- Port 1812 - RADIUS authentication (what most networks actually use)
- Port 1813 - RADIUS accounting
- Port 1645 - RADIUS authentication (older assignment)
Esta página foi útil?