When looking at the security please be aware that the ssh port allows
access with a default private key that is publicly available.
So make sure you remove the line karaf=... in etc/keys.properties and
you should also change the password of the karaf user in user.properties.
Christian
Am 12.02.2013 10:44, schrieb Graham Leggett:
Hi all,
I am currently trying to security harden the default version of karaf. When the
default latest version of v2.3.0 is started up with a default configuration, it
binds to and listens on the following ports:
[minfrin@localhost bin]$ lsof -p 11151 | grep LISTEN
java 11151 minfrin 15u IPv6 357257 0t0 TCP *:59514
(LISTEN)
java 11151 minfrin 68u IPv6 357493 0t0 TCP
localhost:59113 (LISTEN)
java 11151 minfrin 87u IPv6 357859 0t0 TCP
*:rmiregistry (LISTEN)
java 11151 minfrin 88u IPv6 357860 0t0 TCP *:44444
(LISTEN)
java 11151 minfrin 99u IPv6 358277 0t0 TCP
*:ldoms-migr (LISTEN)
Can anyone confirm what services these ports are exposing, and how they can be
controlled, secured, or switched off?
Regards,
Graham
--
--
Christian Schneider
http://www.liquid-reality.de
Open Source Architect
Talend Application Integration Division http://www.talend.com
