/build/static/layout/Breadcrumb_cap_w.png

Does everyone need access to kbox/datastore/internal/tftpboot/dummy?

We're cleaning up vulnerabilities and need to know if the paths below are required to be accessible by everyone.

If everyone does need access, then can we lock them down to our specific subnets without compromising anything?

/kbox/datastore/internal/tftpboot/dummy
/kbox/datastore/internal/tftpboot/netboot0003
/kbox/datastore/internal/tftpboot/netboot0023


Thanks,
Asked 10 years ago 2303 views
0 Comments   [ + ] Show comments

Answers (1)

Posted by: genfoch01 10 years ago
Orange Senior Belt
1
tftp for PXE boot requires 777 ( all access ) permissions to work since the files are accessed at boot time, there is no method to authenticate a client.  you can set up Firewall rules to restrict access to the K2 for external networks or for some of your internal networks but care must be taken to ensure machines that legitimately need to PXE boot or Netboot (for MAC ) have full access.  
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ