Both need some IBM i admin and network knowledge, but work fine once correctly implemented.
Original Message:
Sent: Mon January 01, 2024 05:59 PM
From: Michael Swenson
Subject: secure ports 5555 and 445
You can enable or enforce SMB signing: "SMB Signing and IBM i NetServer Support". Use the NETS option though; Navigator for i isn't presently handling that option correctly. I have a defect report in with the developer.
------------------------------
Michael Swenson
Software Engineer
IBM
Original Message:
Sent: Mon January 01, 2024 09:26 AM
From: spw iaix
Subject: secure ports 5555 and 445
Hello Everyone, Happy New Year!
Thanks for the responses. In a recent vulnerability scan on the IBM i 7.4 system, the following was found:
They indicate that port TCP/5555 is vulnerable to Remote Code Execution (RCE) and Denial of Service (DoS). I also agree to stop using MGTC on IBM i.
I understand that port TCP/445 uses a more secure protocol, but what the vulnerability scan indicates is that SMB Signing (SMB digital signing) is not enabled.
Regards,
------------------------------
Manuel R.
Original Message:
Sent: Mon January 01, 2024 04:36 AM
From: Satid Singkorapoom
Subject: secure ports 5555 and 445
Dear Manuel
In IBM i, port 445 is used for the IBM i NetServer function using the CIFS protocol, which is a newer protocol that is more secure than the old NetBIOS (used by ports 137-139). More information on this here: "Can NetServer Run With The NetBIOS Protocol Disabled?" at https://www.ibm.com/support/pages/node/646207
If you have no need to use NetServer whatsoever, just make sure this TCP/IP server is not started. But if you have a need to use CIFS and want more security control of this, you can decide to deploy a firewall and exercise an access policy with it, but this adds a management burden to the IT security admin team.
Port 5555 (and 5544) is used by the IBM i Management Central (MGTC) function used by the old Windows-based IBM i Navigator tool from the IBM i Access for Windows product, which has not been supported by IBM for several years now. MGTC was also dropped from IBM support as of IBM i 7.5. More info here: https://www.ibm.com/support/pages/management-central-common-errors
MGTC is no longer a useful thing to use in IBM i 7.4, as there is another, more modern alternative for it, which is the Navigator for i tool (used from a browser). So, I would say it is advisable to NOT run the IBM i Management Central Server, and you would have no need to worry about securing it.
------------------------------
Chance favors only the prepared mind.
-- Louis Pasteur
------------------------------
Satid S.
Original Message:
Sent: Sat December 30, 2023 01:00 AM
From: spw iaix
Subject: secure ports 5555 and 445
Hello,
Is it possible to secure ports 5555 and 445 on an IBM i V7R4 system?
Regards,
Thanks
------------------------------
Manuel R.
------------------------------