HP StorageWorks Fabric OS 5.2.x administrator guide (5697-0014, November 2009)
86 Configuring standard security features
Blocking listeners
HP StorageWorks switches block Linux subsystem listener applications that are not used to implement
supported features and capabilities. Table 19 lists the listener applications that switches either block or do
not start.
Accessing switches and fabrics
If you are using the FC-FC Routing Service, be aware that you cannot execute the secModeEnable
command on backbone fabrics (you cannot run this command in secure mode when a backbone fabric is
connected to edge fabrics). Refer to ”Using the FC-FC routing service” on page 227 for details about the
FC-FC Routing Service and it relationship with Secure Fabric OS.
Table 20 lists the defaults for accessing hosts, devices, switches, and zones.
Table 19 Blocked Listener Applications
Listener
application
SAN Director 2/128 and
4/256 SAN Director
4/8 SAN Switch and 4/16 SAN Switch,
SAN Switch 2/8V, SAN Switch 2/16V,
SAN Switch 2/32, SAN Switch 4/32,
4/64 SAN Switch and 400 MP Router
chargen Do not start Do not start
echo Do not start Do not start
daytime Do not start Do not start
discard Do not start Do not start
ftp Do not start Do not start
rexec Block with packet filter Do not start
rsh Block with packet filter Do not start
rlogin Block with packet filter Do not start
time Block with packet filter Do not start
rstats Do not start Do not start
rusers Do not start Do not start
Table 20 Access defaults
Hosts Any host can access the fabric by SNMP
Any host can telnet to any switch in the fabric
Any host can establish an HTTP connection to any switch in the fabric
Any host can establish an API connection to any switch in the fabric
Devices All device ports can access SES
All devices can access the management server
Any device can connect to any FC port in the fabric
Switch access Any switch can join the fabric
All switches in the fabric can be accessed through serial port
Zoning Node WWNs can be used for WWN-based zoning