Veritas-bu
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Veritas-bu] Java port 13722 on the client

2005-10-17 04:28:05
Subject: [Veritas-bu] Java port 13722 on the client
From: Stella.Lee AT datacraft-asia DOT com (Stella Lee@PS@DCSG-KBT)
Date: Mon, 17 Oct 2005 16:28:05 +0800 
Hi Bobby,

Port 13722 is used by bpjava-msvc on both master & clients.
According to Veritas support note 279085, there is format string
overflow vulnerability in the program.

regards
Stella Lee
Datacraft (S) Pte Ltd
-----Original Message-----
From: veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of Bobby
Williams
Sent: Saturday, October 15, 2005 6:34 PM
To: 'Jeff Lightner'; denis AT kapusta DOT com
Cc: veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] Java port 13722 on the client

Does anyone know where it is getting set on a Windows client?

It is not in the \install\system32\drivers\etc\services file. 

I can run a netstat -a on a windows client and it shows up.  I can't
find it
listed in the registry.

Basically, if I can't find where it is being set, I can't turn it off.

I have email from Veritas that I got yesterday ( I opened a support case
to
see if closing the port fixes the problem ) that says if the port is
closed
on a windows client, the windows interface still works.

I want to close the port on all clients, but need to find where it is
set in
windows.

Thanks. 




Bobby Williams
2205 Peterson Drive
Chattanooga, Tennessee  37421
423-296-8200

-----Original Message-----
From: veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of Jeff
Lightner
Sent: Friday, October 14, 2005 4:05 PM
To: denis AT kapusta DOT com
Cc: veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] Java port 13722 on the client

What do you mean by "open"?  On my "clients" though there is an entry in
inetd (or xinetd depending on OS) for this it isn't actively listening.
It would only become active if there were a request to the port because
inetd (or xinetd) would see that request and open it.

You can use the Java client to access your Netbackup client machines but
when you do you'll only get the option for "Backup,Archive, and
Restore".   This would let you initiate manual backups, archives or
restores from the client host instead of the master host.

If you're concerned about security it should be safe to disable this
port in
your /etc/inetd.conf (or /etc/xinetd.d/bpjava-msvc) file.  You just
won't be
able to talk to them from your workstation Java GUI is all.

-----Original Message-----
From: denis AT kapusta DOT com [mailto:denis AT kapusta DOT com]
Sent: Friday, October 14, 2005 3:58 PM
To: Jeff Lightner
Cc: veritas-bu AT mailman.eng.auburn DOT edu
Subject: Re: [Veritas-bu] Java port 13722 on the client

Let me rephrase this. This port is also open on the clients not master
server.  I can see why would it be open on the server, but why is it
open on
client? 

 --Denis 

Jeff Lightner writes: 

> This is the LISTENing port named bpjava-msvc (see /etc/services).  It 
> sits there and waits for someone to attach to the system using the
Java
> Client (GUI) which you can run from another installation or from your
> local Windows workstation.   
> 
> The Java Client allows you to monitor activity, define policies,
perform
> manual restores etc... 
> 
> -----Original Message-----
> From: veritas-bu-admin AT mailman.eng.auburn DOT edu
> [mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of 
> denis AT kapusta DOT com
> Sent: Friday, October 14, 2005 10:19 AM
> To: veritas-bu AT mailman.eng.auburn DOT edu
> Subject: [Veritas-bu] Java port 13722 on the client
> 
> Hello,
> Can anybody explain the purpose of this open port on the client? I can

> not see any usable purpose.
> 
> Thank you
> 
>  --Denis
> 
> _______________________________________________
> Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu 
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
 


_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu

_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu


****************************************************************************
This email and all contents are subject to the following disclaimer:

http://www.datacraft-asia.com/disclaimer
****************************************************************************
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Veritas-bu] Status 156, WEAVER, Simon
Next by Date:  [Veritas-bu] NBU Email Notification NBU 3.4 NT 4, WEAVER, Simon
Previous by Thread:  [Veritas-bu] Java port 13722 on the client, Bobby Williams
Next by Thread:  [Veritas-bu] Veritas NetBackup - Disaster Recovery, Wil Morris
Indexes:  [Date] [Thread] [Top] [All Lists]