Quantcast
Channel: Symantec Connect - Articles
Viewing all articles
Browse latest Browse all 1863

How to harden Mobility Suite

July 9, 2015, 4:23 pm
$
0
0
Ensure that openssl is up to date and does not include the heartbleed exploit.

1. Run rpm -q openssl from the Terminal to check what version of openssl is currently installed on the Mobility Suite. The expected result should appear in the following format:

openssl-1.0.1e-16.el6_5.15.x86_64

2. If the Terminal output displays anything below openssl-1.0.1e-16.el6_5.7.x86_64, then the following command will need to be run for openssl to be upgraded:

yum -y update openssl

3. Run the rpm -q openssl command again from the Terminal to check the installed openssl package version again. Ensure that the version displayed appears higher than openssl-1.0.1e-16.el6_5.7.x86_64. An example of an update to date version of the openssl package is as follows:

openssl-1.0.1e-30.el6_6.5.x86_64

Source: http://wiki.centos.org/Security/Heartbleed

A script which performs these steps automatically and modifies iptables to allow all the ports necessary for use with Mobility Suite has been attached to this article as 'HardenMobilitySuite.sh_.zip'. The script's permissions may need to be modified before it can be run after it has been uncompressed. In order to uncompress, qualify the script for use, and execute it the following commands need to be run from the Terminal in the directory where the script is located:

yum -y install unzip
unzip HardenMobilitySuite.sh_.zip -d ~
cd ~
chmod +x HardenMobilitySuite.sh
./HardenMobilitySuite.sh

See http://www.symantec.com/docs/HOWTO100354 for instructions on permitting access to the necessary FQDN's for use with Mobility Suite.

See http://www.symantec.com/docs/HOWTO98546 for instructions on permitting access to the necessary ports and IP address range for use with Mobility Suite's iOS device communication.

See http://www.symantec.com/docs/HOWTO94496 for a list of ports needed for the various services and environmental options that can or will be employed by Mobility Suite.

See http://www.symantec.com/docs/HOWTO100093 for the list of ports required for RabbitMQ Cluster communication for use with Mobility Suite.

See http://www.symantec.com/docs/HOWTO110235 for the list of commands to run in the Terminal to add firewall exceptions for ports needed by Mobility Suite.

This connect article was compiled from information listed in HOWTO110230.

Search
Viewing all articles
Browse latest Browse all 1863
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>