Disable any services that are not required to support the operational and management requirements of the platform.
By default, Oracle ILOM employs a network secure-by-default configuration whereby nonessential services are already disabled. However, based on your security policies and requirements, it might be necessary to disable additional services.
-> show /SP/services
Replace servicename with the name of the service identified in Step 2.
-> show /SP/services/servicename servicestate
While the majority of services recognize and use the servicestate parameter to record whether the service is enabled or disabled, there are a few services, such as servicetag, ssh, sso, and wsman, that use a parameter called state. Regardless of the actual parameter used, a service is enabled if the servicestate or state parameter returns a value of enabled, as shown in these examples:
-> show /SP/services/https servicestate /SP/services/https Properties: servicestate = enabled
-> show /SP/services/ssh state /SP/services/ssh Properties: state = enabled
-> set /SP/services/http servicestate=disabled
Depending on the tools and methods used, these additional services can be disabled if they are not required or used:
For a browser administrative Interface (HTTP, HTTPS), type:
-> set /SP/services/http servicestate=disabled -> set /SP/services/http secureredirect=disabled -> set /SP/services/https servicestate=disabled
For the keyboard, video, mouse service (KVMS), type:
-> set /SP/services/kvms servicestate=disabled
For Web services management (WS-Man over HTTP/HTTPS) - (Oracle ILOM version 3.1 and older), type::
-> set /SP/services/wsman state=disabled
For Single-Sign On services (SSO), type:
-> set /SP/services/sso state=disabled