How to prevent TFTP on NetMRI Appliances


rev.dennis


Ran into an issue: a security audit being performed found that our NetMRI appliance has TFTP open, and that's just no good. So here is how you disable (block) TFTP, since there is no way to turn off TFTP in NetMRI.

The attached diagnostics let you update the NetMRI appliance's iptables (firewall) configuration to either REJECT or ACCEPT TFTP traffic.

The diagnostics can be applied using the "diag <filename.gpg>" command from the NetMRI admin shell.

EXAMPLE:

EGserver001> diag IPTables-REJECT-TFTP.gpg

+++ Processing Diagnostic File IPTables-REJECT-TFTP.gpg
+++ Checking Digital Signature
+++ Unpacking Diagnostic Directory

-------------------------------------------------------------------------
DESCRIPTION: IPTables-REJECT-TFTP

This diagnostic will change the TFTP PORT (port 69) from ACCEPT to REJECT
IPTABLES will then be reloaded
-------------------------------------------------------------------------

Do you want to execute this script? (n|y): y

+++ Executing Diagnostic Script
Legacy library ctime.pl will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at COMMON.pm, line 3.
Legacy library ctime.pl will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at COMMON.pm, line 3.
+++ Loading Server Configuration
Version : 7.4.5.99860
SerialNo: 4850201603100009
Network : EventGuyZ

*** Creating a backup of exiting IPTABLES Contents ***

*** Modifying IPTABLES Contents ***
patching file iptables
Hunk #1 succeeded at 38 (offset -14 lines).

*** Reloading IPTABLES Chains ***
Redirecting to /bin/systemctl  restart iptables.service

*** Successfully modified IPTABLES and Reloaded IPTABLES Chains ***

EGserver001> 

Attachments: IPTables-REJECT-TFTP.gpg, IPTables-ACCEPT-TFTP.gpg
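To confirm for the auditor that the change took effect, the check below reads a saved copy of the firewall rules and reports what happens to UDP port 69. It is an added example, not part of the original post or of the NetMRI diagnostics; it assumes the rules are in iptables-save format, the sample rules are constructed, and the function names are hypothetical.

```python
import shlex

TFTP_PORT = 69
PORT_FLAGS = {"--dport", "--dports", "--destination-port", "--destination-ports"}

# Constructed sample in iptables-save format; not copied from a NetMRI appliance.
BEFORE = """*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 69 -j ACCEPT
-A INPUT -p udp -m udp --dport 161 -j ACCEPT
COMMIT
"""
AFTER = BEFORE.replace("--dport 69 -j ACCEPT", "--dport 69 -j REJECT")

def covers_tftp(spec):
    """True if a port value such as '69', 'tftp', '60:70' or '53,69' includes port 69."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        try:
            low = int(lo) if lo else 0
            high = int(hi) if hi else (65535 if sep else low)
        except ValueError:  # a service name rather than a number
            if part == "tftp":
                return True
            continue
        if low <= TFTP_PORT <= high:
            return True
    return False

def tftp_verdict(rules_text, chain="INPUT"):
    """Target of the first filter-table rule in `chain` that names UDP port 69, else
    'POLICY:<policy>'. Source, interface and state matches are not modelled."""
    table, policy = None, "UNKNOWN"
    for line in rules_text.splitlines():
        tok = shlex.split(line, comments=True) or [""]
        if tok[0].startswith("*"):
            table = tok[0][1:]          # e.g. "*filter" starts the filter table
        elif table == "filter" and tok[0] == ":" + chain:
            policy = tok[1]             # chain default, used when no rule names port 69
        elif table == "filter" and tok[:2] == ["-A", chain] and "-j" in tok:
            proto = tok[tok.index("-p") + 1] if "-p" in tok else "all"
            for i, t in enumerate(tok):
                if t in PORT_FLAGS and proto in ("udp", "17"):
                    negated = tok[i - 1] == "!"
                    if covers_tftp(tok[i + 1]) != negated:
                        return tok[tok.index("-j") + 1]
    return "POLICY:" + policy
```

A result of REJECT, DROP or POLICY:DROP means TFTP is blocked; ACCEPT means the port is still open and the REJECT diagnostic has not been applied or did not patch cleanly.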
