CAM - How to Hide the Jetty WebServer Version from Being Returned in a Telnet HTTP Response
Last updated on OCTOBER 05, 2017
Applies to:Sun Storage Common Array Manager (CAM) - Version 6.0 and later
CAM (Common Array Manager) FMS (Fault Management Services) uses port 8654. A telnet connection attempt to port 8654 on a server that has CAM installed will be refused, but information can still be obtained from the server that will reveal the Operating System and version, the java version, and the webserver being used (Jetty) along with it's version. This information may be useful to a malicious attacker, and may be viewed as a security risk.
This document describes how to prevent the server information and software versions from being returned in response to an HTTP request to port 8654 on a CAM server.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms