A superfluous NFS server that is not sharing any file systems has been detected.
How to Fix;
Disable the NFS server.
Obliviously, I don't think I want to disable the NFS server service on all of my cvm's - is there any official documentation that I can share with my peers to support this so that I can get an exemption from this risk on these systems?
Best answer by danny_sre
Since the CVM’s are the storage controllers for the environment we would not want to disable NFS. This is particularly true if the hypervisors are ESXi ( ref: https://portal.nutanix.com/#/page/kbs/details?targetId=kA032000000TStNCAW )
Note the following:
CVM, Stargate service is always listening on ports 2049 (NFS), 3261/3260 (iSCSi), 445 (SMB), no matter what kind of hypervisor we are using. This can cause security scan warnings for vulnerabilities on CVM in the environment.
Please review and let me know if you have any additional questions.