My Oracle Support Banner

CAM - How to Hide the Jetty WebServer Version from Being Returned in a Telnet HTTP Response (Doc ID 1493198.1)

Last updated on JUNE 21, 2019

Applies to:

Sun Storage Common Array Manager (CAM) - Version 6.0 and later
All Platforms

Goal

CAM (Common Array Manager) FMS (Fault Management Services) uses port 8654. A telnet connection attempt to port 8654 on a server that has CAM installed will be refused, but information can still be obtained from the server that will reveal the Operating System and version, the java version, and the webserver being used (Jetty) along with it's version.  This information may be useful to a malicious attacker, and may be viewed as a security risk.

This document describes how to prevent the server information and software versions from being returned in response to an HTTP request to port 8654 on a CAM server.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.