I have ZCM 10.2 installed at one of my customers. They recently had a penetration test performed and one of the recommendations was to modify the Sybase startup because "The remote Sybase SQL Anywhere / Adaptive Server Anywhere database is configured to listen for client connection broadcasts, which allows an attacker to see the name and port that the Sybase SQL Anywhere / Adaptive Server Anywhere server is running on." Their recommendation is to "Switch off broadcast listening via the '-sb' switch when starting sybase."

Just to see what the options are, I launched Sybase with the -? switch and it looks to me like the '-sb' switch requires additional information. I know I can dig around in the registry but I don't want to break what's working now.

Sybase (a.k.a. Novell ZENworks Embedded Datastore) runs as a service on a Windows 2003 Server - They have <100 workstations so it's sufficient for their purposes.

Any suggestions or recommendations for implementing this?