What are the open ports on the Symantec Security Information Manager v4.6
search cancel

What are the open ports on the Symantec Security Information Manager v4.6

book

Article ID: 177321

calendar_today

Updated On:

Products

Security Information Manager

Issue/Introduction



Resolution

The main iptables firewall on the Symantec Security Information Manager v4.6 has been modified to deny everything by default and only accept connections for the following applications and ports.:


    ApplicationPort
    Ssh22
    https 443
    Syslog514
    Ldaps636
    Ibmdiradm3539
    Db2tcpcm3700
    Simserver10010
    eventservice10012
    Db2tcp50000
    Ethereal ports 10099-49999
    Collector ports10514-10650

    Ports that are listening on 127.0.0.1 i.e the loopback IP address do not need to be blocked on the firewall.

    The following is a list of all the known ports and their bound IP’s that are present on a SSIM appliance:
PortProtocolFirewall blockedProcess
127.0.0.1:80tcpyeshttp
50000tcpnoDb2tcpcm
3700tcpnoDb2tcpcm
127.0.0.1:10080tcpYesassetsvc
127.0.0.1:55557tcpyesassetsvc
127.0.0.1:10050TcpYesManager
127.0.0.1:8005TcpYesManager
127.0.0.1:8009Tcpyesmanager
10021TcpYessimserver
10010TcpNosimserver
127.0.0.1:55558TcpYesNotificationsvc
10022TcpYeseventservice
127.0.0.1:8015TcpYeseventservice
127.0.0.1:8019TcpYeseventservice
8090Tcpyeseventservice
10012tcpnoeventservice
127.0.0.1:55559TcpYesRulesvc
127.0.0.1:55560TcpYesDimserver
127.0.0.1:55561TcpYesSchedulersvc
127.0.0.1:55562TcpYesIcesvc
127.0.0.1:10030TcpYesSimdbmu
127.0.0.1:55566TcpYesKbsvc
5998TcpYesAgent
127.0.0.1:55567tcpyesTicketsvc
127.0.0.1:55568tcpyesEventfindersvc
127.0.0.1:55569tcpyesQuerysvc
127.0.0.1:55570tcpyesStatsvc
3539TcpNoibmdiradm
127.0.0.1:55571TcpYesConfigurationsvc
127.0.0.1:8086TcpYesAgent
22TcpNossh
443TcpNohttps
636TcpNoldaps
18777UdpYesSvclauncher
127.0.0.1:8025TcpYesWsrf
127.0.0.1:8029tcpyesWsrf
127.0.0.1:55550Tcpyesrxservice
127.0.0.1:8889TcpYesQueueMonitor







Powered by Wolken Software