0 Replies Latest reply on Jul 25, 2006 9:57 AM by Peter Halverson

    Security Lockdown

    Peter Halverson Newbie

      I'm trying to lock down our 2.4 portal server by removing all unneeded JBoss services and interfaces (RMI invokers, JMS stuff, tomcat AJP listeners, etc). Has anyone done this before? Is it documented anywhere what the minimal set of services JBP needs? If not, can someone identify which (if any) of the following standard JBoss services are needed by JBP?

      • RMI/JRMP/HTTP invokers (port 4444)
      • WebService access for remote classloading (8083)
      • remote JNDI access (1098,1099)
      • JBoss MQ
      • JBoss WS

        Does clustering have any additional service requirements?