headers
Ronny Trommer | 23 Apr 2009 16:13

[opennms-devel] Hardening OpenNMS Server


Hi at all,

is it possible to bind the ports

  	- TCP 8981 Jetty-AJP
	- TCP 1099 OpenNMS
	- TCP 1199 OpenNMS

	- UDP 162 OpenNMS Trapd
	- UDP 514 OpenNMS Syslogd

on a specific IP-Address instead of 0.0.0.0 ?

Thx in advance

--
Ronny Trommer (Germany)
Web: http://www.open-factory.org
IRC: irc.freenode.org - #opennms

PGP key: 7ED9 1A00 0BD9 EB84 9F63  5808 B1BC E829 E383 98A0
Keyserver: keyserver.pgp.com
Permalink | Reply |
headers
David Hustace | 24 Apr 2009 14:22
Favicon
Gravatar

Re: [opennms-devel] Hardening OpenNMS Server


On Apr 23, 2009, at 10:13 AM, Ronny Trommer wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi at all,

is it possible to bind the ports


on a specific IP-Address instead of 0.0.0.0 ?


  - TCP 8981 Jetty-AJP

Yes.  Set this property in opennms.properties
#org.opennms.netmgt.jetty.host = 127.0.0.1


- TCP 1099 OpenNMS
- TCP 1199 OpenNMS

Yes.  Change the java.rmi.server.hostname in opennms.properties.

- UDP 162 OpenNMS Trapd

No.  


- UDP 514 OpenNMS Syslogd

No.


I would open enhancement bugs for the "No" responses.



David Hustace
President, The OpenNMS Group, Inc.
 

------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Please read the OpenNMS Mailing List FAQ:
http://www.opennms.org/index.php/Mailing_List_FAQ

opennms-devel mailing list

To *unsubscribe* or change your subscription options, see the bottom of this page:
https://lists.sourceforge.net/lists/listinfo/opennms-devel
Permalink | Reply |
headers
Alexander Hoogerhuis | 24 Apr 2009 03:54
Picon

Re: [opennms-devel] Hardening OpenNMS Server

Ronny Trommer wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi at all,
> 
> is it possible to bind the ports
> 
>   	- TCP 8981 Jetty-AJP
> 	- TCP 1099 OpenNMS
> 	- TCP 1199 OpenNMS
> 
> 	- UDP 162 OpenNMS Trapd
> 	- UDP 514 OpenNMS Syslogd
> 
> on a specific IP-Address instead of 0.0.0.0 ?
> 

At least the RMI and AJP related ports obey this (by experience from my 
own OpenNMS'es), and I don't see why you should not be able to get the 
same result with the trap and syslog services.

> Ronny Trommer (Germany)

-A

------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Please read the OpenNMS Mailing List FAQ:
http://www.opennms.org/index.php/Mailing_List_FAQ

opennms-devel mailing list

To *unsubscribe* or change your subscription options, see the bottom of this page:
https://lists.sourceforge.net/lists/listinfo/opennms-devel
Permalink | Reply |

Gmane