Disable port 5489 in vRealize Log Insight 4.8
Article ID: 319587
Updated On:
Products
VMware Aria Suite
Issue/Introduction
In vRealize Log Insight 4.8 the vami-sfcb service has been enabled.
This service enabled port 5489 which listens on SSL2 and SSL3 protocols.
Some security scanners will alert on this port as a security vulnerability.
The vami-sfcb service is part of a CIM daemon that responds to CIM client requests, which is not needed on vRealize Log Insight and can be safely disabled without affecting vRealize Log Insight.
This service enabled port 5489 which listens on SSL2 and SSL3 protocols.
Some security scanners will alert on this port as a security vulnerability.
The vami-sfcb service is part of a CIM daemon that responds to CIM client requests, which is not needed on vRealize Log Insight and can be safely disabled without affecting vRealize Log Insight.
Environment
VMware vRealize Log Insight 4.8.x
Resolution
The vami-sfcb service can be safely disabled.
To do so:
To do so:
- Log into the vRealize Log Insight Primary node as root via SSH or Console.
- Run the following command to stop the vami-sfcb service:
service vami-sfcb stop
- Run the following command to disable vami-sfcb from restarting on boot:
chkconfig vami-sfcb off
- Repeat steps 1-3 on all other nodes in the vRealize Log Insight cluster.
Feedback
Yes
No
Powered by
