Block Vulnerable Ports on Aruba 7030 Controller

  • 1.  Block Vulnerable Ports on Aruba 7030 Controller

    Posted Feb 01, 2023 02:09 PM
    An ASV scan on my Aruba 7030 box showed the following ports to be open yet vulnerable. I seek assistance on how to block these ports on the Aruba wireless controller. Thanks and will be counting on your support.

    ftp 21 TCP File Transfer [Control]
    http 8080 TCP HTTP Alternate (see port 80)
    http 32000 TCP Mercur mail server access by http
    http 80 TCP World Wide Web HTTP
    http 8088 TCP unknown
    http over ssl 443 TCP http protocol over TLS/SSL
    http over ssl 4343 TCP UNICALL
    http over ssl 8082 TCP Sun Microsystems NetBeans (Forte)
    http over ssl 8081 TCP unknown
    isakmp 500 UDP isakmp
    named udp 53 UDP Domain Name Server
    pptp 1723 TCP pptp
    snmp 161 UDP SNMP
    ssh 22 TCP SSH Remote Login Protocol
    tftp 69 UDP Trivial File Transfer
    unknown 9199 TCP unknown
    unknown 17 TCP Quote of the Day


    Thank you


  • 2.  RE: Block Vulnerable Ports on Aruba 7030 Controller

    EMPLOYEE
    Posted Feb 06, 2023 05:22 AM
    Check this hardening guide, the open port & common false positives section. As you can see, these ports are open for a reason. Then under WAN interface protection you can see how to create an interface ACL in case you really want to lock down ports that are not in use.

    As you can seriously break things by locking down too many ports, make sure that you involve your Aruba Partner and/or Aruba Support to provide you guidance.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Block Vulnerable Ports on Aruba 7030 Controller

    Posted Feb 08, 2023 06:57 AM

    Hello Herman,

    Thanks for your great contribution.

    Can you share a document on how to lock down a port?

    E.g., if I want to lock down FTP, SNMP, etc.

    Regards,

    David

  • 4.  RE: Block Vulnerable Ports on Aruba 7030 Controller

    EMPLOYEE
    Posted Feb 10, 2023 03:41 AM

    You can lock down the control plane with firewall cp.

    For the interface lockdown, check the hardening guide starting on page 18.

    If you don't have lab equipment to test prior to deployment, I would work with your Aruba partner or Aruba Support to prepare this change.



    ------------------------------
    Herman Robers
    ------------------------------
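
As an added example (not part of the thread and not Aruba's own code): a Python script that parses rows in the format of the scan listing in post 1 and drafts `firewall cp` deny entries for a chosen set of ports, such as the FTP and SNMP ports asked about in post 3. The rule syntax `ipv4 deny any proto <n> ports <start> <end>` is an assumption based on the ArubaOS 8 CLI and should be confirmed against the CLI reference for your release; the function names and the management-port guard are hypothetical.

```python
import re

# Constructed sample: rows in the same layout as the scan listing in post 1.
SCAN = """\
ftp 21 TCP File Transfer [Control]
named udp 53 UDP Domain Name Server
http over ssl 4343 TCP UNICALL
snmp 161 UDP SNMP
ssh 22 TCP SSH Remote Login Protocol
"""

# Row layout: <service words> <port> <TCP|UDP> <description>
ROW = re.compile(r"^(?P<service>.+?)\s+(?P<port>\d{1,5})\s+(?P<proto>TCP|UDP)\s+(?P<desc>.+)$")
IP_PROTO = {"TCP": 6, "UDP": 17}  # IP protocol numbers
# SSH and the ArubaOS WebUI (TCP 4343): a deny-any rule here cuts off
# remote management, so these are reported instead of emitted.
MGMT_PORTS = {22, 4343}


def parse_scan(text):
    """Return (service, port, proto) for every line that matches the row layout."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append((m["service"], int(m["port"]), m["proto"]))
    return rows


def cp_rules(rows, block):
    """Draft deny entries for the (port, proto) pairs in `block`.

    Returns (rules, skipped); `skipped` holds management ports that need a
    source-restricted permit rule rather than a blanket deny.
    """
    rules, skipped = [], []
    for service, port, proto in rows:
        if (port, proto) not in block:
            continue  # not selected: the port stays open
        if proto == "TCP" and port in MGMT_PORTS:
            skipped.append((service, port, proto))
            continue
        # Assumed syntax, entered under "firewall cp" in config mode.
        rules.append(f"ipv4 deny any proto {IP_PROTO[proto]} ports {port} {port}")
    return rules, skipped


if __name__ == "__main__":
    rules, skipped = cp_rules(parse_scan(SCAN), {(21, "TCP"), (161, "UDP"), (22, "TCP")})
    print("firewall cp", *rules, sep="\n  ")
    print("review manually:", skipped)
```

Only the ports passed in `block` produce rules, so everything else in the scan stays reachable until it has been checked against the hardening guide.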