Product: Stratusphere FIT/UX
Product Version: 6..x
Expires on: 365 days from publish date
Updated: June 10, 2020
If you're no longer running any 5.8.x version Connector ID Keys or using 5.8.x Network Station appliances, then you could drop traffic to these legacy TCP ports on the internal firewall to reduce the attack surface of the Stratusphere HUB and resolve any items being flagged on security scans relating to ciphers or certificates for these TCP ports 5501 and 5502.
SSH using PuTTY or other tool so you can copy/paste.
SSH to HUB as friend/sspassword (if defaults)
Execute the following:
su - (same sspassword when prompted, if default)
sed -i 's/5501.*ACCEPT/5501 -m state --state NEW,RELATED,ESTABLISHED -j DROP/; s/5502.*ACCEPT/5502 -m state --state NEW,RELATED,ESTABLISHED -j DROP/' /etc/sysconfig/iptables
<CTRL+D twice to logoff>
You can now confirm that the legacy TCP ports 5501 and 5502 have been disabled using a tool of your choosing, i.e., telnet <hubAddress> 5501