How to secure access to OpenManage Webtools

Matt Domsch Matt_Domsch at dell.com
Thu Jun 7 21:29:49 CDT 2007


On Wed, Jun 06, 2007 at 02:21:49PM -0700, Byron wrote:
> Hi,
> 
> I have a question on how best to secure access to the
> Open Manage web page.
> 
> I have installed OM5.2.0 on CentOS5 (Final) 32bits and
> we are using RSYSLOG to log messages.
> 
> OM 5.2.0 does seem to log a failed login to
> /var/log/secure (See below), but it fails to mention
[snip]
> WHAT ip was the culprit :(
> My goal is to autoban the offending IP with a tool
> called FAIL2BAN, which checks the logfiles for errors.

iptables log rules to note the connection attempt should work.
Something like this in your /etc/sysconfig/iptables file that
otherwise is configured to let this traffic through with the ACCEPT rule:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1311 -j LOG
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1311 -j ACCEPT


 
> If there are other (better?) ways to secure access to
> Open Manage, I'd love to hear them!

iptables is always your friend for securing network ports.  You can
limit access to hosts from your own netblocks etc.

Thanks,
Matt

-- 
Matt Domsch
Software Architect
Dell Linux Solutions linux.dell.com & www.dell.com/linux
Linux on Dell mailing lists @ http://lists.us.dell.com
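
An added example, not part of the original post: a Python sketch of what a Fail2ban-style filter could do with the kernel lines produced by the LOG rule above, counting NEW connections to port 1311 per source and skipping your own netblocks. The function name, thresholds, host name, addresses and the abbreviated log-line layout are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Kernel LOG-target line for a TCP packet to port 1311 (the port in the rules above).
LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ kernel: .*?"
    r"\bSRC=(?P<src>\d+\.\d+\.\d+\.\d+) .*?\bPROTO=TCP .*?\bDPT=1311\b")

def noisy_sources(lines, trusted=(), max_new=3,
                  window=timedelta(minutes=10), year=2007):
    """Return {source IP: time the limit was exceeded}.

    The LOG rule records every NEW connection, not only failed logins, so
    this counts connections per source inside a sliding window. Sources in
    `trusted` netblocks are skipped. Syslog timestamps carry no year, so
    `year` is supplied by the caller (assumption of this example).
    """
    nets = [ipaddress.ip_network(n) for n in trusted]
    recent, flagged = defaultdict(deque), {}
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not a port-1311 LOG line
        src = m["src"]
        if any(ipaddress.ip_address(src) in n for n in nets):
            continue  # one of our own netblocks
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        seen = recent[src]
        seen.append(ts)
        while ts - seen[0] > window:
            seen.popleft()  # drop attempts that fell out of the window
        if len(seen) > max_new:
            flagged.setdefault(src, ts)
    return flagged

# Constructed sample log lines (documentation address ranges, made-up host name).
_FMT = ("Jun  7 21:{:02d}:00 om-host kernel: IN=eth0 OUT= SRC={} DST=192.0.2.10 "
        "LEN=60 TTL=52 PROTO=TCP SPT=4{:04d} DPT={} SYN URGP=0")
SAMPLE = ([_FMT.format(i, "203.0.113.7", i, 1311) for i in range(4)]
          + [_FMT.format(i, "192.0.2.50", i, 1311) for i in range(5)]
          + [_FMT.format(9, "198.51.100.20", 9, 1311),
             _FMT.format(9, "203.0.113.7", 9, 22)])

if __name__ == "__main__":
    for ip, when in noisy_sources(SAMPLE, trusted=["192.0.2.0/24"]).items():
        print(f"{ip} exceeded the limit at {when:%b %d %H:%M:%S}")
```

Because the count covers all new connections, a busy legitimate administrator can trip it; listing your own netblocks in `trusted` keeps them out of the result.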


