06-04-2014 05:14 AM
I'm getting a positive hit on a retina scan for low level encryption (Audit ID:
12237). The scan states that it is set to 56 bit. I need to change to
128-bit to comply.
It is getting the hit on port 2821 and the service on the port is
vrts-at-port. This is on the server that I am getting the hit.
Any idea as to how I can change this or why I should not change?
Everything I am finding is pointing me to the client application.
Solved! Go to Solution.
06-04-2014 05:33 AM
Port 2821 is VERITAS Authentication Service. Netbackup access control used that port before netbackup 7.5. In 7.5 and newer the authentication service uses 1556.
But 2821 may be used for at lot of other Symantec software. So what Symantec software do you have on the client ?
06-04-2014 05:33 AM
Port 2821 is VERITAS Authentication Service. Netbackup access control used that port before netbackup 7.5. In 7.5 and newer the authentication service uses 1556.
But 2821 may be used for at lot of other Symantec software. So what Symantec software do you have on the client ?
06-04-2014 05:39 AM
First, thank you for your reply.
NetBackup 7.0 Linux as far as I know. Don't think Norton is on there.
06-04-2014 05:53 AM
I found this tech note - it is for Windows. You mentioned the client is Linux:
OpsCenter 7.x Server installations may be fail vulnerability assessments due to low strength SSL ciphers being supported by the Symantec Product Authentication Service(VRTSat) component.
http://www.symantec.com/docs/TECH142600
06-04-2014 05:55 AM
Storage Foundation uses port 2821 (VrtsAT) as well.
http://www.symantec.com/docs/TECH158411
06-04-2014 08:42 AM
Is there a Linux fix in the database?
06-04-2014 10:55 AM
I think the "fix" is to upgrade to at least 7.5. (Preferably 7.6.0.2!)
06-05-2014 11:44 PM
I am not sure the VRTSat problem is related to the Netbackup client at all.
Can you do a
# rpm -qa
and attach the output as a file to a post ?