Security Basics mailing list archives

Re: Securing eRIC express

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 3 Jan 2007 15:52:38 +0100

On 2007-01-02 Thomas D. wrote:

we are going to use some "eRIC express" cards, to administrate some
remote servers.
These cards are reachable through the internet, 24h/7d.

The handbook tells us, that we will have to use a username/password
for authentication.
I am note sure how secure this will be. Is there anything we can do to
protect these cards?


The embedded web server of the eRIC express cards supports SSL. Enable
"Force HTTPS" and have strong password(s) and you should be fine.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

Securing eRIC express Thomas D. (Jan 02)
- Re: Securing eRIC express Nick Owen (Jan 02)
  - RE: Securing eRIC express Thomas D. (Jan 02)
    - Re: Securing eRIC express Paul daSilva (Jan 04)
    - RE: Securing eRIC express Thomas D. (Jan 04)
- Re: Securing eRIC express Ansgar -59cobalt- Wiechers (Jan 04)
- <Possible follow-ups>
- Re: RE: Securing eRIC express barcajax (Jan 04)
  - Re: RE: Securing eRIC express Ansgar -59cobalt- Wiechers (Jan 04)
  - RE: Securing eRIC express Thomas D. (Jan 04)
- Re: RE: Securing eRIC express vladimir . jirasek (Jan 04)