Lieutenant

Request Ports 28009 and 5001 To Listen on LocalHost Only

I would like to request that ports 28009 and 5001 listen on localhost by default, as there are concerns about whether untrusted or malicious external communication can be established using these ports, as they normally appear to be listening on 0.0.0.0:28009 & 0.0.0.0:5001 by default, versus 127.0.0.1:28009 & 127.0.0.1:5001 respectively.

We were informed that SiteScope normally listens on these ports for very specific communication proprietary to SiteScope & MicroFocus; however, it might be beneficial to open these ports only in cases where troubleshooting requires these ports to be opened, to further reduce risk in cases where hardening is a mission-critical step.

Part of our findings is also that SiteScope does not appear to need these ports open in order to carry out its primary functions, and full functionality is expected when these ports are specifically blocked on the local firewall.

Thanks and respects.

 

2 Replies
Micro Focus Expert

Hello,

Those are Apache required ports for SiteScope.

You'll need to change the ports before disabling those ports, because if you disable the ports SiteScope will break.

Additional details for 5001:

https://community.microfocus.com/t5/Application-Perf-Mgmt-BAC-BSM/SiteScope-ports/td-p/434131

Ports:

28005 --> Tomcat Shutdown

28009 --> Tomcat AJP connector

Regards,

Miguel Torres
Micro Focus SW Support

If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.

[Opinions expressed in my postings are mine alone, and do not reflect the opinions of my employer. No warranties express or implied for any solution/suggestion posted.]
Lieutenant

Good day,

While I see the point that shutting or blocking the ports isn't ideal, I would like to reinforce that we need those ports to be tied to "localhost" (when SiS starts) so that even if the ports are up and listening, they are not reachable externally.

 

We had worked this situation out with 2 support staff and concluded that blocking the ports locally would not cause SiS to malfunction, but I am curious about your thoughts on how it would.

I'd appreciate your thoughts. 

Thanks and respects
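
A check for the binding discussed in this thread, as an added example that is not part of any post and is not SiteScope or Micro Focus code: it parses saved `netstat -an` or `ss -ltn` output and reports whether the listeners on 28009 and 5001 are bound to loopback or to all interfaces. The sample listing (addresses, PID, port 8080) is constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Ports named in the thread: 28009 (Tomcat AJP connector) and 5001.
WATCHED_PORTS = (28009, 5001)
_ENDPOINT = re.compile(r"^(.*):(\d+)$")  # host:port; host may be IPv6

# Constructed sample mixing Windows netstat, Linux netstat and ss line formats.
SAMPLE = """\
  TCP    0.0.0.0:28009          0.0.0.0:0              LISTENING       4321
  TCP    127.0.0.1:5001         0.0.0.0:0              LISTENING       4321
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4321
tcp6       0      0 :::5001                 :::*                    LISTEN
LISTEN 0      100          [::1]:28009        [::]:*
  TCP    10.0.0.5:52113         10.0.0.9:28009         ESTABLISHED     4321
"""

def bind_scope(host):
    """Classify a bind address: loopback, all-interfaces or specific-interface."""
    if host in ("", "*"):
        return "all-interfaces"
    addr = ipaddress.ip_address(host)  # raises ValueError for non-IP text
    if addr.is_loopback:
        return "loopback"
    return "all-interfaces" if addr.is_unspecified else "specific-interface"

def audit_listeners(listing, ports=WATCHED_PORTS):
    """Return sorted (port, address, scope) for watched ports in LISTEN state."""
    found = set()
    for line in listing.splitlines():
        tokens = line.split()
        if not any(t.startswith("LISTEN") for t in tokens):
            continue  # headers, ESTABLISHED connections, etc.
        # The local endpoint is the first host:port token on the line.
        match = next(filter(None, map(_ENDPOINT.match, tokens)), None)
        if match is None or int(match.group(2)) not in ports:
            continue
        host = match.group(1).strip("[]").split("%")[0]  # drop brackets, zone id
        try:
            found.add((int(match.group(2)), host, bind_scope(host)))
        except ValueError:  # hostname shown because -n was not used
            found.add((int(match.group(2)), host, "unresolved"))
    return sorted(found)

def reachable_off_host(listing, ports=WATCHED_PORTS):
    """Subset of audit_listeners() that is not bound to loopback."""
    return [f for f in audit_listeners(listing, ports) if f[2] != "loopback"]

if __name__ == "__main__":
    for port, host, scope in audit_listeners(SAMPLE):
        print(f"{port:>5}  {host:<12} {scope}")
```

An empty result from `reachable_off_host()` means every watched listener is loopback-only; a local firewall block, as described in the thread, does not change what this reports because the socket is still bound to the wider address.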
