Preconfigured Services and Network Ports
Oracle ILOM comes preconfigured with most services enabled by default. This makes the deployment of Oracle ILOM simple and straightforward. However, each open service network port on the server represents a potential attach point by a malicious user. It is therefore important to understand the initial Oracle ILOM settings, and their purpose, and to choose which services are actually required for a deployed system. For best security, enable only the required Oracle ILOM services.
The following table lists the services that are enabled by default with Oracle ILOM.
Table 4-2 Services and Ports Enabled by Default
Service | Port(s) |
---|---|
HTTP Redirection |
80 |
HTTPS |
443 |
IPMI TLS client connections Note: IPMI TLS client connections are supported as of Oracle ILOM firmware 3.2.8 and later. |
623 (TCP) |
Remote KVMS for Oracle ILOM Remote Console |
5120, 5121, 5122, 5123, 5555, 5556, 7578, 7579 |
Remote KVMS for Oracle ILOM Remote Console Plus |
443 |
Service Tag |
6481 |
SNMP (Traps and SNMP v3 user accounts) |
161 |
Single Sign-on |
11626 |
SSH |
22 |
The following table shows the services that are disabled by default with Oracle ILOM.
Table 4-3 Services and Ports Disabled by Default
Service | Port(s) |
---|---|
IPMI v2.0 Sessions ( |
623 (UDP) |