Article ID: 6579, created on Aug 5, 2009, last review on May 9, 2014

  • Applies to:
  • H-Sphere

Symptoms

Parallels H-Sphere Control Panel can not pass PCI (payment card industry) scan because Linux distributives by default allow access into  all ports. That may cause various vulnerabilities for services working  on these ports.

Resolution


Filter incoming traffic to all ports not used by Parallels H-Sphere or  not used in your cluster from outside.

All ports (and services) used by Parallels H-Sphere Control Panel and  theirs accessibility status from outside is described on the document
"Parallels H-Sphere Installation Guide" -> "Preparing for Parallels H-Sphere Installation" -> "Required Components and Configuration" -> "Ports"

All other ports access should be restricted strongly. Use iptables/ipchains for that.

f213b9fa8759d57bee5d547445806fe7 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF