1 Rookie
•
3 Posts
0
481
Disabling TCP ports on Unity storage
Hello all,
I'd like to disable some TCP ports (ex. 139, 445) for security reasons (caught on internal port scan during security audit)
I know I can disable it on NAS configuration via web management but,
I want to make these ports can't be scanned.
I've checked all svc_* commands but nothing seemed to be make that happen.
1. svc_firewall only supports for UDP
2. tcp_wrapper(hosts.deny) doesn't support for smb/cifs
3. no parameters for svc_nas param cifs facility
Is there any methods I can try?
Thanks in advance.
Kind Regards,
DELL-Sam L
Moderator
Moderator
•
7.1K Posts
0
February 8th, 2023 06:00
Hello Byung-kwan Kim,
Here is a link to the Dell Unity Family Security Configuration Guide which states which ports can be disabled and which should be left open. The guide also has our best practices for security settings as well.
https://dell.to/3JSo5Xg
Byung-kwan Kim
1 Rookie
1 Rookie
•
3 Posts
0
February 14th, 2023 18:00
Thanks for reply.
I checked the guide you gave.
but couldn't find disabling instruction for those ports.
so, that means TCP 139, 445 should be left opened?
DELL-Sam L
Moderator
Moderator
•
7.1K Posts
0
February 15th, 2023 00:00
Hello Byung-kwan Kim,
If you are using SMB file sharing, then ports 139 & 445 need to be left open.