Ran into an issue with a security audit being performed found that our NetMRI appliance has TFTP open and thats just no good so here is how you disable TFTP (block) since there is no way to turn off TFTP in NetMRI
The attached diagnostics allow you to update the NetMRI appliance IP Tables (firewall) configuration to Reject and Accept tftp traffic.
The diagnostics can be applied using the “diag <filename.gpg>” command from the NetMRI admin shell.
EXAMPLE:
EGserver001> diag IPTables-REJECT-TFTP.gpg +++ Processing Diagnostic File IPTables-REJECT-TFTP.gpg +++ Checking Digital Signature +++ Unpacking Diagnostic Directory ------------------------------------------------------------------------- DESCRIPTION: IPTables-REJECT-TFTP This diagnostic will change the TFTP PORT (port 69) from ACCEPT to REJECT IPTABLES will then be reloaded ------------------------------------------------------------------------- Do you want to execute this script? (n|y): y +++ Executing Diagnostic Script Legacy library ctime.pl will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at COMMON.pm, line 3. Legacy library ctime.pl will be removed from the Perl core distribution in the next major release. Please install it from the CPAN distribution Perl4::CoreLibs. It is being used at COMMON.pm, line 3. +++ Loading Server Configuration Version : 7.4.5.99860 SerialNo: 4850201603100009 Network : EventGuyZ *** Creating a backup of exiting IPTABLES Contents *** *** Modifying IPTABLES Contents *** patching file iptables Hunk #1 succeeded at 38 (offset -14 lines). *** Reloading IPTABLES Chains *** Redirecting to /bin/systemctl restart iptables.service *** Successfully modified IPTABLES and Reloaded IPTABLES Chains *** EGserver001>
