Campbell Scientific CR3000 CR3000 Micrologger - Page 72
Pass-code Lockout
View all Campbell Scientific CR3000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 72 highlights
Section 5. System Overview HTTP: • Send datalogger programs. • View table data. • Get historical records or other files present on the datalogger drive spaces. • More access is given when a .csipasswd is in place (so make sure users with administrative rights have strong log-in credentials) 5.1.9.2 Pass-code Lockout Pass-code lockouts (historically known simply as "security codes") are the oldest method of securing a Campbell Scientific datalogger. Pass-code lockouts can effectively lock out innocent tinkering and discourage wannabe hackers on non-IP based telecommunications links. However, any serious hacker with physical access to the datalogger or to the telecommunications hardware can, with only minimal trouble, overcome the five-digit pass-codes blocking access. Systems that can be adequately secured with pass-code lockouts are probably limited to: • private, non-IP radio networks • direct links (hardwire RS-232, short-haul, multidrop, fiber optic) • non-IP satellite • land-line, non-IP based telephone, where the telephone number is not published. • cellular phone wherein IP has been disabled, providing a strictly serial connection. Up to three levels of lockout can be set. Valid pass codes are 1 through 65535 (0 is no security). Note If a pass code is set to a negative value, a positive code must be entered to unlock the CR3000. That positive code will equal 65536 + (negative security code). For example, a security code of -1111 must be entered as 64425 to unlock the CR3000. Methods of enabling pass-code lockout security include the following: • Status table - Security(1), Security(2) and Security(3) registers are writable variables in the Status table wherein the pass codes for security levels 1 through 3 are written, respectively. • integrated keyboard / display settings • Device Configuration Utility (DevConfig) - Security passwords 1 through 3 are set on the Deployment tab • SetSecurity() instruction - SetSecurity() is only executed at program compile time. It may be placed between the BeginProg and Scan() instructions. Note Deleting SetSecurity() from a CRBasic program is not equivalent to SetSecurity(0,0,0). Settings persist when a new program is downloaded that has no SetSecurity() instruction 72