Installation & Licensing
Welcome to Autodesk’s Installation and Licensing Forums. Share your knowledge, ask questions, and explore popular Download, Installation, and Licensing topics.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Why to specify a port number outside of the range 27000 through 27009 for lmgrd?

4 REPLIES 4
Reply
Message 1 of 5
JTBWorld
410 Views, 4 Replies

Why to specify a port number outside of the range 27000 through 27009 for lmgrd?

I found this addition in the License Administration Guide for FlexNet 11.10.1. “Note • For security purposes, best practice is not to use a default port for the license server. Instead, specify a port number outside of the range 27000 through 27009.” Anyone know why? (Other than what is mentioned in this post Potential Security Vulnerability in FlexNet license manager, but should this not be fixed?)


Jimmy Bergmark
JTB World - Software development and consulting for CAD and license usage reports
https://jtbworld.com

Tags (2)
4 REPLIES 4
Message 2 of 5
TravisNave
in reply to: JTBWorld

Jimmy,


If I had to speculate, I'd say that because the master daemon lmgrd is known to use ports 27000~27009, it becomes easier to locate the vulerability by testing known ports.  Whereas if you used a non default port, it may get overlooked.  Just my two cents...



Travis Nave Send TravisNave a Private Message                                             Need help in your post? Mention me with @TravisNave



My Expert Contributions to the
Autodesk Forums:
FLEXnet License Admin | MSI Cleanup Utility | .NET Framework Cleanup Tool | IPv6 NLM Fix | adskflex.opt Options File | Combine .LIC Files
Message 3 of 5
JTBWorld
in reply to: TravisNave

Yes, that was my thought also but on the other hand there are not that many ports anyway to test on as it would be automated.


Jimmy Bergmark
JTB World - Software development and consulting for CAD and license usage reports
https://jtbworld.com

Message 4 of 5
TravisNave
in reply to: JTBWorld

Yeah, I am not even sure that there are any cases of this even being exploited other than something they may have found internally.  I'm certainly not going to make a habit on making the NLM use a different port.



Travis Nave Send TravisNave a Private Message                                             Need help in your post? Mention me with @TravisNave



My Expert Contributions to the
Autodesk Forums:
FLEXnet License Admin | MSI Cleanup Utility | .NET Framework Cleanup Tool | IPv6 NLM Fix | adskflex.opt Options File | Combine .LIC Files
Message 5 of 5
JTBWorld
in reply to: TravisNave

I agree, I think the only good thing to do is to at least update the FlexNet exe files once in a while.


Jimmy Bergmark
JTB World - Software development and consulting for CAD and license usage reports
https://jtbworld.com

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Administrator Productivity


Autodesk Design & Make Report