RE: Securing eRIC express

["Thomas D." <whistl0r () googlemail com>]

Thx for your reply!

barcajax@XXXX wrote on Wednesday, January 03, 2007 1:13 AM:
> Btw is this the card you are referring to?
> http://www.techland.co.uk/index/eric

Well, its original name is "eRIC express" (http://tinyurl.com/tnpu9).


> According to this link, you can set up an encrypted channel using
> "HTTPS protocol or socket security layer SSL2.3".

The web interface uses https, that's right. But I am more afraid about the
login authentication than about insecure communication.

 
> I suggest setting up VPN tunnel to this site followed by HTTPS on top
> of that. Limit the number of login attempts to this box as well.

That's problem:
We aren't allowed to configure the router that way, that only our static
corporate IP address is allowed to connect on the eRIC port, because it
isn't our network equipment.
A VPN tunnel would require a counterpart, but we aren't allowed to install
something between "eRIC express" and the router, which connects the card
with the internet. Raritan told us, that an "eRIC express" card cannot be
that VPN counterpart...


-- 
Thomas D.




---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------