Lantronix SLC 32 Lantronix SLC - User Guide - Page 265
Appendix B: Security Considerations, Security Practice, Factors Affecting Security
View all Lantronix SLC 32 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 265 highlights
Appendix B: Security Considerations The SLC console manager provides data path security by means of SSH or Web/SSL. Do not assume that you have complete security, however. Securing the data path is only one way to ensure security. This appendix briefly discusses some important security considerations. Security Practice Develop and document a Security Practice. For example, the Security Practice document should state the rules to maintaining security. For example, do not leave sessions open or advertise passwords because these actions could compromise SSH and SSL. Or, do not speculate about the facility and network infrastructure with reference to how vulnerable the CAT 5 wiring is to tapping. Factors Affecting Security External factors affect the security provided by the SLC device, for example: Telnet sends the login exchange as clear text across Ethernet. A person snooping on a subnet may read your password. A terminal to the SLC console manager may be secure, but the path from the SLC device to the end device may not be secure. With the right tools, a person having physical access to open the SLC console manager may be able to read the encryption keys. There is no true test for a denial-of-service attack; there is always a legitimate reason to request a storm. A denial-of-service filter locks out some high-performance automated/ scripted requests. The SLC device always attempts to service requests and does not filter out potential denial-of-service attacks. SLC™ Console Manager User Guide 265