Fibre Channel (SAN)

Can open ports identified from a security scan not documented in the FOS Administrator Guide be blocked?

by Community Manager 08-31-2017 11:15 AM - edited 08-31-2017 02:52 PM

When a security scan is run against a FOS switch, it may identify open ports that are not listed in the FOS Administration Guide.

The following table describes what some of these open ports are used for and whether they can be blocked:

| Port(s) | Description | Purpose | Should be Blocked? |
|---|---|---|---|
| 2049 | RPC-service/udp+tcp (nfs) | Linux kernel | Yes |
| 27244 | Unassigned/tcp | Used by ipadm in HA platform | No |
| 27245 | Unassigned/tcp | Used by ipadm in HA platform | No |
| 32768 to 61000 | rpc-nlockmgr/tcp | Basically any port in the ephemeral range (32768 to 61000) could be used for sending traps to the SNMP manager | No |
| 512 | 512/udp | Used by Fabric Watch for mail alerts | No |
| 513 | rlogin 513/tcp | Linux kernel | Yes |
| 514 | shell 514/tcp | Linux kernel | Yes |
| 6788 | smc-http/tcp | Used by Cluster Node Manager in FOS | No |
| 837 | rpc-mountd/tcp | Linux kernel | Yes |
| 840 | rpc-mountd/tcp | Linux kernel | Yes |

Source - Brocade Knowledge Article # 000001140 - MyBrocade login is required to view the following link:

https://brocadecommunity.force.com/customers/apex/Svc_KB_ArticleDetail?kaId=kA070000000LDK9CAO


Thank you to @Antonio Bongiorno TechHelp24 for helping me sort out the link issues in my earlier post.


NOTE: The IPFILTER command can be used to block the ports which need to be blocked. Additional information can be found via the following link:

http://www.brocade.com/content/html/en/administration-guide/fos-740-extensionguide/GUID-C93515B6-C43A-4652-937E-44DAD2225EAC.html
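The following script is an added example, not part of the original post or of any Brocade tooling. It reconciles the open ports reported by a scan against the table above and prints the ipfilter commands that would deny only the ports the table marks "Yes", so that ports the switch needs (ipadm, SNMP trap ephemeral range, Fabric Watch, Cluster Node Manager) are never touched and anything not in the table is flagged for investigation rather than blocked. The scan lines are constructed sample input in an nmap-style layout. The ipfilter syntax (`--clone ... -from default_ipv4`, `--addrule ... -rule N -sip any -dp PORT -proto PROTO -act deny`, `--save`, `--activate`, `--show`) is taken from the FOS command reference as I recall it and the assumption that ipfilter evaluates rules in order with first match winning; verify both against the guide for your FOS version before running anything on a production switch. Cloning the default policy instead of creating an empty one is deliberate: it keeps the management services you rely on (such as SSH) permitted, so applying the policy does not lock you out of the switch.

```python
"""Reconcile a port scan of a FOS switch against the documented port list.

Added example, not from the original post or from Brocade. The verdicts in
KNOWN_PORTS are the "Should be Blocked?" column of the table above; the
ipfilter command syntax is assumed from the FOS command reference and must
be checked against your FOS release.
"""
import re

# Documented ports from the table: (low, high, proto, purpose, should_block)
KNOWN_PORTS = [
    (2049, 2049, "tcp", "RPC-service nfs (Linux kernel)", True),
    (2049, 2049, "udp", "RPC-service nfs (Linux kernel)", True),
    (27244, 27245, "tcp", "ipadm in HA platform", False),
    (32768, 61000, "tcp", "ephemeral range used for SNMP traps", False),
    (512, 512, "udp", "Fabric Watch mail alerts", False),
    (513, 513, "tcp", "rlogin (Linux kernel)", True),
    (514, 514, "tcp", "shell (Linux kernel)", True),
    (6788, 6788, "tcp", "Cluster Node Manager in FOS", False),
    (837, 837, "tcp", "rpc-mountd (Linux kernel)", True),
    (840, 840, "tcp", "rpc-mountd (Linux kernel)", True),
]

# Matches lines such as "513/tcp   open  login" in nmap-style output.
SCAN_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+open\b")

# Constructed sample scan output; not a real result from any switch.
SAMPLE_SCAN = """\
PORT      STATE SERVICE
22/tcp    open  ssh
513/tcp   open  login
514/tcp   open  shell
2049/tcp  open  nfs
6788/tcp  open  smc-http
40001/tcp open  unknown
"""


def parse_scan(text):
    """Return [(port, proto)] for every line the scanner reported as open."""
    found = []
    for line in text.splitlines():
        m = SCAN_LINE.match(line.strip())
        if m:
            found.append((int(m.group(1)), m.group(2)))
    return found


def classify(port, proto):
    """Map one open port to ('block' | 'keep' | 'unknown', purpose).

    Ranges are handled here so that, for example, 40001/tcp is recognised as
    the SNMP trap ephemeral range rather than reported as an unknown port.
    """
    for low, high, p, purpose, block in KNOWN_PORTS:
        if p == proto and low <= port <= high:
            return ("block" if block else "keep", purpose)
    return ("unknown", "not in the table; check the FOS Administration Guide before blocking")


def report(text):
    """Return (port, proto, verdict, purpose) for each open port in the scan."""
    return [(p, pr, *classify(p, pr)) for p, pr in parse_scan(text)]


def ipfilter_commands(open_ports, policy="scan_hardening"):
    """Build the FOS ipfilter commands that deny only the table's 'Yes' ports.

    Assumed syntax. The policy is cloned from default_ipv4 so management
    services stay permitted, and deny rules are inserted from position 1 so
    they are evaluated before the cloned permit rules (first match wins).
    """
    to_block = sorted({(p, pr) for p, pr in open_ports if classify(p, pr)[0] == "block"})
    cmds = [f"ipfilter --clone {policy} -from default_ipv4"]
    for n, (port, proto) in enumerate(to_block, start=1):
        cmds.append(
            f"ipfilter --addrule {policy} -rule {n} -sip any -dp {port} -proto {proto} -act deny"
        )
    cmds += [f"ipfilter --save {policy}", f"ipfilter --activate {policy}", "ipfilter --show"]
    return cmds


if __name__ == "__main__":
    for port, proto, verdict, purpose in report(SAMPLE_SCAN):
        print(f"{port}/{proto}: {verdict:7} {purpose}")
    print()
    print("\n".join(ipfilter_commands(parse_scan(SAMPLE_SCAN))))
```

Review the generated commands before pasting them into the switch CLI, and keep a console session open while activating the policy so a mistaken rule can be backed out with the default policy.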
