DX Application Performance Management

 View Only
Expand all | Collapse all

Please Vote UP for this IDEA - WebView Startup Script Oversight - https://communities.ca.com/ideas/235730860

  • 1.  Please Vote UP for this IDEA - WebView Startup Script Oversight - https://communities.ca.com/ideas/235730860

    Posted Apr 25, 2016 10:26 AM

    Please Vote UP for this IDEA - WebView Startup Script Oversight - https://communities.ca.com/ideas/235730860



  • 2.  Re: Please Vote UP for this IDEA - WebView Startup Script Oversight - https://communities.ca.com/ideas/235730860

    Broadcom Employee
    Posted Apr 25, 2016 10:39 AM

    How are you supposed to do port checks? the server is in the internal network. That makes no sense at all.

    Give your EM service account access to use either and restrict it all others is the better solution.



  • 3.  Re: Please Vote UP for this IDEA - WebView Startup Script Oversight - https://communities.ca.com/ideas/235730860

    Posted Apr 25, 2016 04:52 PM

    to reiterate Florian_Cheval feedback from my "Idea" thread:

     

    "Disabling/removing any piece of software that is not strictly necessary to the operation of a server is considered a good security practice.

    If a malevolent individual gets a shell access to any server where telnet or nc is installed, you just made it super easy for him/her to start establishing network connections to all servers in the vicinity (even with a service account).

    So yes, removing telnet is a good and common security practice. We already used to do that at my previous employer 10 years ago ☺"

     

    Let's not start on this thread also, Hiko_Davis ........... , going back and forth.

     

    Cheers,

    Manish