Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
ab;2483455 wrote:
Is there a reason you have that socket open at all? Leaving it enabled
but blocked by the host-based firewall (which should block it by default,
unless you have disabled it for some odd reason) should prevent any
outsider from even seeing it see it as an option. You can still use it
yourself by either opening certain boxes to it, or tunneling in over SSH,
or accessing it from the box itself, but that's all assuming you even need
it at all.
Was this ever resolved? This has been a real pain for me on my vulnerability reports. I tried just disabling imon and httpstack but then the 2 servers in replica stop communicating - was a huge nightmare. Is there an easy way to just disable iMon ports 8028 and 8030 without breaking your eDirectory replication?
How did you disable stuff? I've just disabled httpstk, hconserv, imon and embox on an OES2018SP3 box running 40208.00, bounced the daemon and it still communicates just fine. To force TLS 1.2 check out this one