Security Training

 View Only
last person joined: 5 days ago 

Expand all | Collapse all

Block Vulnerable Ports on Aruba 7030 Controller

This thread has been viewed 23 times
  • 1.  Block Vulnerable Ports on Aruba 7030 Controller

    Posted Feb 01, 2023 02:09 PM
    An ASV scan on my aruba 7030 box showed the following ports to be open yet vulnerable. I seek assistance on how to block these ports on the aruba wireless controller.  Thanks and will be counting on your support.

    ftp 21 TCP File Transfer [Control]
    http 8080 TCP HTTP Alternate (see port 80)
    http 32000 TCP Mercur mail server access by http
    http 80 TCP World Wide Web HTTP
    http 8088 TCP unknown
    http over ssl 443 TCP http protocol over TLS/SSL
    http over ssl 4343 TCP UNICALL
    http over ssl 8082 TCP Sun Microsystems NetBeans (Forte)
    http over ssl 8081 TCP unknown
    isakmp 500 UDP isakmp
    named udp 53 UDP Domain Name Server
    pptp 1723 TCP pptp
    snmp 161 UDP SNMP
    ssh 22 TCP SSH Remote Login Protocol
    tftp 69 UDP Trivial File Transfer
    unknown 9199 TCP unknown
    unknown 17 TCP Quote of the Day


    Thank you


  • 2.  RE: Block Vulnerable Ports on Aruba 7030 Controller

    EMPLOYEE
    Posted Feb 06, 2023 05:22 AM
    Check this hardening guide the open port & common false positives section. As you can see, these ports are open for a reason. Then under WAN interface protection you can see how to create an interface acl in case you really want to lock down ports that are not in use.

    As you can seriously break things by locking down too many ports, make sure that you involve your Aruba Partner and or Aruba Support to provide you guidance.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Block Vulnerable Ports on Aruba 7030 Controller

    Posted Feb 08, 2023 06:57 AM

    Hello Herman,

     

    Thanks for your great contribution.

    Can you share a document on how to create lock down a port?

    Eg if I want to lock down FTP, SNMP etc.

     

    Regards,

     

    David






  • 4.  RE: Block Vulnerable Ports on Aruba 7030 Controller

    EMPLOYEE
    Posted Feb 10, 2023 03:41 AM

    You can lock down the control plane with firewall cp.

    For the interface lockdown, check the hardening guide starting page 18.

    If you don't have lab equipment to test prior to deployment, I would work with your Aruba partner or Aruba Support to prepare this change.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------