I found this addition in the License Administration Guide for FlexNet 11.10.1. “Note • For security purposes, best practice is not to use a default port for the license server. Instead, specify a port number outside of the range 27000 through 27009.” Anyone know why? (Other than what is mentioned in this post Potential Security Vulnerability in FlexNet license manager, but should this not be fixed?)
Jimmy,
If I had to speculate, I'd say that because the master daemon lmgrd is known to use ports 27000~27009, it becomes easier to locate the vulerability by testing known ports. Whereas if you used a non default port, it may get overlooked. Just my two cents...
Yes, that was my thought also but on the other hand there are not that many ports anyway to test on as it would be automated.
Yeah, I am not even sure that there are any cases of this even being exploited other than something they may have found internally. I'm certainly not going to make a habit on making the NLM use a different port.
I agree, I think the only good thing to do is to at least update the FlexNet exe files once in a while.