CAM - How to Hide the Jetty WebServer Version from Being Returned in a Telnet HTTP Response
(Doc ID 1493198.1)
Last updated on JUNE 21, 2019
Applies to:Sun Storage Common Array Manager (CAM) - Version 6.0 and later
CAM (Common Array Manager) FMS (Fault Management Services) uses port 8654. A telnet connection attempt to port 8654 on a server that has CAM installed will be refused, but information can still be obtained from the server that will reveal the Operating System and version, the java version, and the webserver being used (Jetty) along with it's version. This information may be useful to a malicious attacker, and may be viewed as a security risk.
This document describes how to prevent the server information and software versions from being returned in response to an HTTP request to port 8654 on a CAM server.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document