Preconfigured
Services and Network Ports
Oracle ILOM comes preconfigured with most services enabled
by default. This makes the deployment of Oracle ILOM simple and
straightforward. However, each open service network port on the
server represents a potential attach point by a malicious user.
It is therefore important to understand the initial Oracle ILOM
settings, and their purpose, and to choose which services are actually
required for a deployed system. For best security, enable only the
required Oracle ILOM services.
The following table lists the services that are enabled by
default with Oracle ILOM.
Table 4 Services and Ports Enabled by Default
|
|
HTTP redirection to HTTPS |
80 |
HTTPS |
443 |
IPMI TLS client connections
Note -
IPMI TLS client connections are supported as of Oracle ILOM firmware 3.2.8 and later.
|
623 (TCP)
|
IPMI LAN and LANPLUS client connections |
623 (UDP) |
Remote KVMS for Oracle ILOM
Remote Console |
5120, 5121, 5122, 5123, 5555,
5556, 7578, 7579 |
Remote KVMS for Oracle ILOM Remote Console Plus (Oracle ILOM firmware 3.2.2 and later) |
443 |
Remote KVMS for Oracle ILOM Remote Console Plus (Oracle ILOM
firmware prior to 3.2.2)
|
5120, 5555
|
Service Tag |
6481 |
SNMP |
161 |
Single Sign-on |
11626 |
SSH |
22 |
|
The following table shows the services that are disabled by
default with Oracle ILOM.
Table 5 Services and Ports Disabled by Default
|