
ports and protocol for

 
PamelaJThrasher
Regular Advisor

ports and protocol for

I need to put in a firewall request to allow one of my servers (phcb1cne) to remsh to another server (phcb1cnb) and start a package (cmmodpkg -e pkg_name).

I do not believe the phcb1cnb will need to respond to the phcb1cne.

What port(s) do I need to open on which server(s) to make this work? Also what protocol is remsh? UDP? TCP? Both? Something else?

Thanks in advance.


8 REPLIES 8
Ganesan R
Honored Contributor
Solution

Re: ports and protocol for

Hi,

By default all the unsecure ports will be blocked at firewall. If you need only remsh port to be opened on firewall, ask them to open 514.

remsh uses the port number 514. You can also check in /etc/services file to find if the port is enabled on servers.

#grep 514 /etc/services

Best wishes,

Ganesh.
PamelaJThrasher
Regular Advisor

Re: ports and protocol for

Here is what I see from grep 514 /etc/services

shell 514/tcp cmd # remote command, no passwd use

looks like I am all set.

Thank you!
Ganesan R
Honored Contributor

Re: ports and protocol for

Hi Again,

Yes. From server side remsh port is open. And it should be opened at firewall as well if there is a firewall between the servers.

To confirm if the port is opened on all the places, use this command,

#telnet 514

Trying...
Connected to
Escape character is '^]'.
Connection closed by foreign host.

If you get the message like above you are through.

Best wishes,

Ganesh.
PamelaJThrasher
Regular Advisor

Re: ports and protocol for

Will do. Thanks again.
Tim Nelson
Honored Contributor

Re: ports and protocol for

I see you got your answer and only wished to add one comment..

In this day and age of cybercrime using unencrypted protocols should be deterred.

using ssh (port 20) would help thwart the criminals.. the more fences put up the more likely they would move on to somewhere else.

PamelaJThrasher
Regular Advisor

Re: ports and protocol for

Tim-
Thanks for the words of advice. I will encourage my customer to re-architect their failover solution to not rely on remsh.
PamelaJThrasher
Regular Advisor

Re: ports and protocol for

.
Steven Schweda
Honored Contributor

Re: ports and protocol for

> using ssh (port 20) [...]

Would tend to confuse people, because port
20 is normally used for FTP. Port 22 is more
common for SSH (although security fanatics
often suggest using some other port for it,
to evade common attacks on port 22).

http://www.iana.org/assignments/port-numbers

Note also that port 514 (shell) may be used
for rsh/remsh with a command, while port 513
(login) may be used for rsh/remsh for an
interactive session (without a command).
That is, for example,
remsh host
and
remsh host 'sleep 30'
don't use the same port.

"netstat -an" can be helpful when exploring
in this region.
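
Added example, not written by any poster in this thread: searching /etc/services by port number also matches unrelated services on the same number, so this sketch resolves entries by service name and then checks "netstat -an" text for a TCP listener. The services and netstat lines are constructed samples, and the function names svc_lookup, port_lookup and tcp_listening are hypothetical.

```shell
#!/bin/sh
# Constructed sample in /etc/services format (not taken from a real host).
SERVICES_SAMPLE='# name   port/proto  aliases
ssh      22/tcp                # Secure Shell
login    513/tcp               # remote login
who      513/udp    whod       # remote who
shell    514/tcp    cmd        # remote command, no passwd used
syslog   514/udp               # remote system logging'

# Constructed "netstat -an" excerpt (Proto Recv-Q Send-Q Local Foreign State).
NETSTAT_SAMPLE='tcp        0      0  *.22       *.*      LISTEN
tcp        0      0  *.514      *.*      LISTEN
udp        0      0  *.514      *.*'

# Print "port/proto" for each entry whose name or alias equals $1.
svc_lookup() {
    awk -v want="$1" '
        { sub(/#.*/, "") }                    # strip comments
        NF < 2 { next }                       # skip blank lines
        { for (i = 1; i <= NF; i++)
              if (i != 2 && $i == want) { print $2; next } }'
}

# Print "name proto" for every service registered on port number $1.
port_lookup() {
    awk -v port="$1" '
        { sub(/#.*/, "") }
        NF < 2 { next }
        { split($2, pp, "/"); if (pp[1] == port) print $1, pp[2] }'
}

# Succeed if netstat text on stdin shows a TCP listener on port $1.
# Handles "*.514" (HP-UX/BSD style) and "0.0.0.0:514" (Linux style).
tcp_listening() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, a, /[.:]/); if (a[n] == port) found = 1 }
        END { exit (found ? 0 : 1) }'
}

echo "remsh with a command: $(printf '%s\n' "$SERVICES_SAMPLE" | svc_lookup shell)"
echo "everything on 514:"
printf '%s\n' "$SERVICES_SAMPLE" | port_lookup 514
for p in 513 514; do
    if printf '%s\n' "$NETSTAT_SAMPLE" | tcp_listening "$p"
    then echo "tcp/$p: listener present"
    else echo "tcp/$p: no listener"
    fi
done
```

On a real host, feed the functions from /etc/services and from the output of netstat -an instead of the sample variables.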