Hi Stephan,
Rather than specifically blocking these ports, why not use a default DENY
policy and explicitly allow the ones you'd like to the outside world (eg
ssh?) This seems a lot easier than tracking down the specific ports to deny.
Regarding the specific question, my guess is that it's the JM
The read port of data node is random, but I think you can forbid the
port on namenode becuase each read operation should access namenode
first.
On Fri, Sep 3, 2010 at 12:53 AM, Stephan Gammeter
wrote:
> We are trying to secure our HDFS installation by blocking all the ports that
> HDFS requires t
