3 Replies Latest reply on Apr 30, 2003 7:48 AM by jburugupalli

    Closing Ports

    tyrone

      I am planning to use JBOSS/TOMCAT with Apache and I'm concerned their ports being "open to the public". Can JBOSS/TOMCAT be run as a service under inetd so I can use TCPWRAPPERS? Is there a better approach besides using something like IPCHAINS? Putting the box behind a firewall is not an option.

        • 1. Re: Closing Ports
          jwkaltz

          Sorry I don't mean to be rude, but if you don't want the public to access the Tomcat & JBoss ports than the obvious solution would be a firewall or ipchains or whatever. Why is this not a solution for you ?

          • 2. Re: Closing Ports
            tyrone

            I should have given more detail. I don't have physical access to the server and I can't redesign the network it’s on to put it behind a firewall. I only want users to have access to the web layer thru Apache/port 80. I don't want the ports that Jboss & Tomcat uses to be accessible to the public.

            I was wondering if there was a simple solution to restrict those ports to localhost (a configuration option?). So far, ipchains seems to be the only solution. Or maybe I'm worrying about nothing?

            T.

            • 3. Re: Closing Ports
              jburugupalli

              HI,
              I also have the same problem ...that i want to close all the ports which JBoss needs and open only port 80 throuhg which all the traffic will be allowed...and i want to access jboss with stanalone client..

              is there a simple solution ...one solution which i know is using JProxy ...which inturn listens on a port 80 for example and redirects all the calls to their respective ports.

              i want more options and simple solutions if possible

              can any one help me out

              regards
              jani