TCP 514

Protocol: TCP
Port: 514
Labels: shell cmd syslog, no passwords used

Synopsis

  • TCP 514 is used by the legacy BSD Remote Shell service (rsh/rcmd, service name “shell”), provided by in.rshd/remshd on Unix systems such as Solaris, AIX, HP‑UX, and older Linux.
  • Many network/storage platforms expose rsh on 514/TCP for command execution, including Cisco IOS routers/switches (ip rcmd rsh) and NetApp ONTAP.
  • Several real-world syslog implementations accept plain syslog over TCP on port 514, notably rsyslog and syslog‑ng, as well as collectors like Graylog; network devices such as Cisco IOS, Juniper Junos, Palo Alto, and Fortinet can send syslog to 514/TCP when configured.
  • Older HPC/cluster tools have used rsh on 514/TCP for launching jobs (e.g., historical MPICH and PBS/Torque setups).
  • Security note: rsh on 514/TCP is commonly abused because it is unencrypted and relies on weak host-based trust (.rhosts/hosts.equiv), enabling spoofing and lateral movement; attackers have historically exploited rsh trust relationships (e.g., in the Morris Worm) and it remains a frequent pentest target.
