HP StorageWorks MSA 2/8 HP StorageWorks Fabric OS Procedures V3.1.x/4.1.x User - Page 95

Basic Security in FOS Disabling the Telnet Interface From a security standpoint, with the addition of SSH, the telnet interface is no longer necessary to manage the switch. Some customers may wish to disable telnet to prevent a user from passing cleartext passwords over the network when logging in to the switch. The configure [telnetd] command is provided to allow customers to disable the telnet interface. The default configuration of the switch will ship with telnet enabled. For more information on the configure command, refer to the HP StorageWorks Fabric OS Version 3.1.x/4.1.x Reference Guide. 1. Log in to the switch as Admin. 2. Enter configure [telnetd] at the command line. This configure command can be run with the switch enabled. 3. Press Enter. The Telnet interface is disabled. SNMP, HTTP, API, RSNMP, WSNMP, SES, and MS are managed through their respective policies when security is enabled. Refer to the HP StorageWorks Secure Fabric OS Version 1.0 User Guide for information. Listeners In order to make the Fabric OS more secure, the principal has been adopted that the Linux subsystem should provide only the minimal necessary functionality required to implement supported features and capabilities. Removal of Unused Listeners Changing the principal to provide the minimum Linux subsystem functionality required that a number of listeners be removed from this version of the Fabric OS. Some listeners are required for CP to CP communications on the internal network of the Core Switch 2/64. These listeners are blocked on the Core Switch 2/64, and are not started on the SAN Switch 2/32. Table 5: Removed Listeners for the Core Switch 2/64 and SAN Switch 2/32 Listener Name chargen echo daytime Core Switch 2/64 Do not start Do not start Do not start SAN Switch 2/32 Do not start Do not start Do not start Fabric OS Procedures Version 3.1.x/4.1.x User Guide 95