Originally posted by Martin Braun
View Post
-
Guest repliedGreat work, so I could disable this UDP port and the other two 'walking ports' are at least not my own configuration fault. Thanks for your help.
-
Hi,
44335/udp is a push port for the outlook connector. This can be configured at the push.properties file.
//edit
Those other JMX Port should be bound to localhost by default as they are configured like that at the server.properties:
MonitorJMXBindAddress=localhost
This i obviously a bug and has been reported. Thank you!Last edited by Martin Heiland; 08-06-2007, 10:05 AM.Leave a comment:
-
Guest repliedThanks, that closed at least those two ports.
I still have two ports listening on any-Interface, the port numbers changing every restart of the server. And there remains one udp port 44335 I can't associate any service with.
Could these ports be configured to listen only on localhost?Leave a comment:
-
Hi,
you've to comment out the following lines at the admindaemons and groupware's cache.ccf:
and every following up line starting with jcs.auxiliary.LTCP.*Code:# AVAILABLE AUXILIARY CACHES # TCP Lateral Cache to broadcast PUTS and REMOVALS (and possibly GETS) to other local caches jcs.auxiliary.LTCP=org.apache.jcs.auxiliary.lateral.socket.tcp.LateralTCPCacheFactory jcs.auxiliary.LTCP.attributes=org.apache.jcs.auxiliary.lateral.socket.tcp.TCPLateralCacheAttributes jcs.auxiliary.LTCP.attributes.TcpServers=127.0.0.1:57461 jcs.auxiliary.LTCP.attributes.TcpListenerPort=57462
GreetingsLast edited by Martin Heiland; 08-06-2007, 09:15 AM.Leave a comment:
-
Guest repliedI'm not yet familiar with JCS but I don't need clustering or multiple instances at all. So I would be glad to downsize some of the features. Any hint what to disable where?Originally posted by Martin Braun View PostLeave a comment:
-
Hi,
Port 1099 is for RMI access, which is used for administration of the admindaemon (command line tools and so on). 9999 is for JMX which provides a monitoring service.
Those other Ports are used for the different caches that are provided by the groupware and administration daemon. This is a feature which is used when setting up clusters of OX Servers that communicate (synchronize) which each other. If you are familiar with the JCS Protocol, you can configure the caching configuration at the cache.ccf file at the groupware and admindaemon "/etc" directory. This caching feature is not required when only running one instance of the Open-Xchange Server on one physical server. This caching is also the cause for random ports usage.
Greetings.Last edited by Martin Heiland; 08-04-2007, 10:15 PM.Leave a comment:
-
Port binding not using localhost?
One question concerning security: When I have a server without any firewall in front, I have some ports open to the outside coming from OX.
Why are the ports 57461 and 57462 listening on all interfaces and not only on localhost?
Using netstat -an one can see which ports listen only on localhost, like 1099 or 9999.
And some ports are used in a random range, new ones for every new startup of the groupware server, some "feature" of java or jndi I dislike most.
Is there any known tweakup to the config files to reduce the number of open ports to the world outside?
Leave a comment: