This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
Josh, > Some of our broadcast stations subscribe to weather information services > provided by Weather Central. Weather Central is apparently using your > product in conjunction with their application to deliver weather information > to our stations. Our preferred security strategy is to route all Internet > traffic through our proxy firewalls where the relevant protocols are > subjected to the highest possible level of compliance verification. > Apparently, your program, LDM, does not work with proxies, and we are forced > to loosen our perimeter protection to allow this traffic to pass through a > stateful packet filter. So far, we have been doing this on a temporary > basis, hoping that the application would, at some point in the future, be > modified to be proxy aware. Can you provide us with details regarding the > protocol involved that you are running over TCP port 388? Can you tell us > if there is any plan to make this application compatible with proxying in > the future? We'd be glad to discuss this with your development team and to > provide clarification, should you need it. Hmm... "Proxy aware" and "proxy compatible" can mean different things to different people depending on the context. What's your context? Are the broadcast stations running LDM-s that connect directly to Weather Central and does this require opening up port 388 throughout your organization? Would you prefer that all the station LDM-s connect to an internal proxy server instead? Are you asking if there's a "proxy" version of the LDM that could be run on a highly secure host and to which all of the station LDM-s would connect? Having asked all that, the protocol used by the LDM is old fashioned ONC RPC over TCP connections. A description of the individual RPC messages can be found at <http://www.unidata.ucar.edu/software/ldm/ldm-6.6.3/basics/protocol.html> Also, the LDM, itself, can be used as a proxy server (depending on your definition of "proxy server"). For what it's worth, there has never been a "break in" using the LDM to the best of my knowledge. As the developer of the LDM, I don't think such an act is even possible. Regards, Steve Emmerson Ticket Details =================== Ticket ID: JGM-828686 Department: Support LDM Priority: Normal Status: Closed