
The Apache Tomcat shutdown port must be disabled.


Overview

Finding ID: V-97293
Version: ISEC-06-551300
Rule ID: SV-106397r1_rule
IA Controls:
Severity: Medium
Description
Tomcat uses a port (8005 by default) as a shutdown port. Someone could Telnet to the machine on this port and send the default command SHUTDOWN. Tomcat and all web apps would then shut down, which is a denial-of-service attack and would cause an unwanted service interruption.
STIG: ISEC7 EMM Suite v6.x Security Technical Implementation Guide
Date: 2019-09-05

Details

Check Text (C-96129r1_chk)
Verify the shutdown port is disabled.

Log in to the EMM Suite server.
Browse to Program Files\Isec7 EMM Suite\Tomcat\Conf
Open the server.xml with Notepad.exe
Select Edit >> Find and search for Shutdown.
Verify that the shutdown port has been disabled with the entry below:

shutdown="-1"

If the shutdown port has not been disabled, this is a finding.
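
The manual check above can be scripted. The PowerShell below is an added example, not part of the STIG or of ISEC7's software: it reads the `<Server>` element and reports the shutdown entry the Check Text looks for alongside the `port` attribute, because Tomcat's configuration reference documents `port="-1"` as the setting that turns the shutdown listener off. The function name, the sample XML and the pass rule (both attributes set to -1) are assumptions of this example.

```powershell
# Added example. Test-TomcatShutdownPort is a hypothetical helper name and the
# XML samples below are constructed; neither comes from the STIG or from ISEC7.
function Test-TomcatShutdownPort {
    param([Parameter(Mandatory)][string]$ServerXml)

    $server = ([xml]$ServerXml).DocumentElement
    if ($server.LocalName -ne 'Server') {
        throw "Root element is <$($server.LocalName)>, expected <Server>"
    }

    # GetAttribute returns an empty string when the attribute is absent, in
    # which case Tomcat falls back to port 8005 and the command SHUTDOWN.
    $port     = $server.GetAttribute('port')
    $shutdown = $server.GetAttribute('shutdown')
    if ($port -eq '')     { $port = '8005' }
    if ($shutdown -eq '') { $shutdown = 'SHUTDOWN' }

    [pscustomobject]@{
        Port             = $port
        Shutdown         = $shutdown
        # The literal entry the Check Text searches for.
        MatchesCheckText = ($shutdown -eq '-1')
        # Tomcat configuration reference: port="-1" disables the shutdown port.
        ListenerDisabled = ($port.Trim() -eq '-1')
        # Case-sensitive match: the well-known default command is still set.
        DefaultCommand   = ($shutdown -ceq 'SHUTDOWN')
    }
}

# Constructed samples of the <Server> element in server.xml.
$samples = [ordered]@{
    'defaults'           = '<Server port="8005" shutdown="SHUTDOWN"><Service name="Catalina"/></Server>'
    'shutdown attr only' = '<Server port="8005" shutdown="-1"><Service name="Catalina"/></Server>'
    'port and shutdown'  = '<Server port="-1" shutdown="-1"><Service name="Catalina"/></Server>'
}

foreach ($name in $samples.Keys) {
    $result = Test-TomcatShutdownPort -ServerXml $samples[$name]
    # Assumption of this example: pass only when both conditions hold.
    $finding = -not ($result.MatchesCheckText -and $result.ListenerDisabled)
    $fields = $name, $result.Port, $result.Shutdown, $finding
    'config={0,-20} port={1,-5} shutdown={2,-9} finding={3}' -f $fields
}
```

To check a live server, pass the output of `Get-Content -Raw` on the server.xml under Program Files\Isec7 EMM Suite\Tomcat\Conf as `-ServerXml`.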
Fix Text (F-102973r1_fix)
Log in to the EMM Suite server.
Browse to Program Files\Isec7 EMM Suite\Tomcat\Conf
Open the server.xml with Notepad.exe
Select Edit >> Find and search for Shutdown.
Change the shutdown value to -1.

Example: shutdown="-1"

Save the file and restart the Isec7 EMM Suite Web service using services.msc.