HMC

 View Only
  • 1.  vHMC vulnerabilities of ports 2300 and 2301

    Posted Wed March 27, 2024 05:42 PM

    Hello,

    Please can you help me, is it possible to overcome the following vulnerabilities

    FQDN: Does not reversely resolve Interception of user credentials and data due to use of the TELNET TCP/2301 protocol

    FQDN: Does not reversely resolve Interception of user credentials and data due to use of the TELNET TCP/2300 protocol

    Thanks,



    ------------------------------
    Regards,

    Jorge L
    ------------------------------


  • 2.  RE: vHMC vulnerabilities of ports 2300 and 2301

    IBM Champion
    Posted Thu March 28, 2024 07:40 AM

    That's a bit opaque.

    Is there a CVE for that ?
    What are those vulnerabilities supposed to be?



    ------------------------------
    José Pina Coelho
    IT Specialist at Kyndryl
    ------------------------------



  • 3.  RE: vHMC vulnerabilities of ports 2300 and 2301

    IBM Champion
    Posted Thu March 28, 2024 08:53 AM

    Sure! No problem.  Just upgrade your HMC to the most current release and it drops system consoles on unsecure telnet.  You will have to use secure telnet.  Easy to set up.  Much easier than setting up secure telnet for regular 5250 sessions.

    The only concern is if you're running an older Power system which doesn't support the most current versions of HMC, or if you let your firmware and hmc versions drag so far behind that you may need to stairstep their upgrades to current versions.

    Never checked about setting up secure console sessions until I had to so maybe it could be done on the older releases of HMC but I tend to upgrade pretty quickly and who can remember versions of HMC that old for such a long period?



    ------------------------------
    Robert Berendt IBMChampion
    ------------------------------