2010-12-19 12:36 AM
IHAC that had a thorough review by security exprts.
one of their findings was list of ports being listened with "*" source IP.
the ports are over TCP & UDP, and are dynamic - changing with every service restart
the process listening is "dfmmonitor" & "dfmeventd"
these ports are not documented.
I would like to know if possible to configure application not to listen to these ports or at least open them on localhost only.
Thank you in Advance,
2012-06-08 07:20 AM
I am currently having the same problem at my customer with regard to use of dynamic UDP ports. We can't even identify which services are using the ports. In your case were "dfmmonitor" & "dfmeventd" listening on dynamic ports on the filer? Did you ever find an answer to how to secure the system from opening these dynamic ports?
Thank you in advance for any insight. We are running up against some regulation issues and need solve this security problem.
2012-06-12 11:31 PM
Looks like there is no way in the current product to make them listen in fixed ports. For a detailed list of port used by DFM pls take at look at the below FAQ link.
2012-06-13 06:05 AM
Thanks for the response. I don't see any info on dynamic ports in use in the FAQ. Can you tell me if DFM requires any dynamic ports to be open on the FAS system itself?