Hazelcast ports open on external interface on Enforce.


Article ID: 169555


Updated On:


Data Loss Prevention Enforce


Port scanner found ports 5701, 5702, 5703 are open to external interface despite only being needed on localhost


Open hazelcast-config.xml in %DLP_Home%/Protect/config and locate the section starting with "<properties>"
Add the following line to the bottom of the properties list:
<property name="hazelcast.socket.bind.any">false</property>
Save the file and restart VontuManager

Confirm hazelcast now listens on localhost by doing a “netstat –lnpt | egrep “(5701|5702|5703)”(Linux) or "netstat -nao | findstr “5701 5702 5703”(windows). The output should be something like this (on ipv4 systems, ipv6 would show up as tcp6 in “Proto” and :::* in the “Foreign Address” columns):

[[email protected]]# netstat -lnpt | egrep "(5701|5702|5703)"
tcp        0      0*               LISTEN      20071/java
tcp        0      0*               LISTEN      20198/java
tcp        0      0*               LISTEN      19989/java
[[email protected]]#


Note, this will also be addressed in a future release of DLP.