Security Basics mailing list archives
Re: Securing eRIC express
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 3 Jan 2007 15:52:38 +0100
On 2007-01-02 Thomas D. wrote:
we are going to use some "eRIC express" cards, to administrate some remote servers. These cards are reachable through the internet, 24h/7d. The handbook tells us, that we will have to use a username/password for authentication. I am note sure how secure this will be. Is there anything we can do to protect these cards?
The embedded web server of the eRIC express cards supports SSL. Enable "Force HTTPS" and have strong password(s) and you should be fine. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq --------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
Current thread:
- Securing eRIC express Thomas D. (Jan 02)
- Re: Securing eRIC express Nick Owen (Jan 02)
- RE: Securing eRIC express Thomas D. (Jan 02)
- Re: Securing eRIC express Paul daSilva (Jan 04)
- RE: Securing eRIC express Thomas D. (Jan 04)
- RE: Securing eRIC express Thomas D. (Jan 02)
- Re: Securing eRIC express Nick Owen (Jan 02)
- Re: Securing eRIC express Ansgar -59cobalt- Wiechers (Jan 04)
- <Possible follow-ups>
- Re: RE: Securing eRIC express barcajax (Jan 04)
- Re: RE: Securing eRIC express Ansgar -59cobalt- Wiechers (Jan 04)
- RE: Securing eRIC express Thomas D. (Jan 04)
- Re: RE: Securing eRIC express vladimir . jirasek (Jan 04)