Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Open protocols

A nessus scan was ran on our 6500 that has 2 ssl modules and the followig ports showed open. Can these be disabled, are there any vulnerablilities? What are they used for?

dc (2001/tcp)

dynamid (9002/tcp)

etlservicemgr (9001/tcp)

globe (2002/tcp)

newoak (4001/tcp)

pxc-splr-ft (4003/tcp)

pxc-spvr-ft (4002/tcp)

X11:1 (6001/tcp)

X11:2 (6002/tcp)

X11:3 (6003/tcp)

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Open protocols

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a00801f33c4.html#wp1254193

2001,2002 and 2003 are used to display debug messages.

The other ports also have a use to display engineering data.

You can't really attack the SSLM on those ports, but you should normally block all traffic going to the SSLM management interfaces except SSH/Telnet.

Gilles.

1 REPLY
Cisco Employee

Re: Open protocols

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a00801f33c4.html#wp1254193

2001,2002 and 2003 are used to display debug messages.

The other ports also have a use to display engineering data.

You can't really attack the SSLM on those ports, but you should normally block all traffic going to the SSLM management interfaces except SSH/Telnet.

Gilles.

1038
Views
0
Helpful
1
Replies
CreatePlease login to create content