Planet Networking & Communication MH-5001 User Manual page 54

Multi-homing UTM security gateway

MH-5001 User Manual
You should avoid allowing management access on an interface connected to the Internet unless your configuration
requires it. To improve the security of an MH-5001 unit that allows remote management from the Internet, add secure
administrative user passwords, change these passwords regularly, and only enable secure management access using HTTPS or SSH.
The remote management methods for configuring the MH-5001 take priority in the following order:
Console > SSH > Telnet > HTTPS > HTTP

Table 5-1 Definition of the Remote Management Methods

Remote Management access method: Definition

Telnet: Telnet is a protocol for remote computing on the Internet. It allows a computer to act as a remote
terminal on another machine, anywhere on the Internet. This means that when you telnet to a
particular host and port, the remote computer (which must have a telnet server) accepts input directly
from your computer (which must have a telnet client) and output for your session is directed to your
screen. There are many library and information resources that are accessible through telnet.

SSH: Secure Shell (SSH), sometimes known as Secure Socket Shell, is a UNIX-based command interface
and protocol for securely getting access to a remote computer. It is widely used by network
administrators to control Web and other kinds of servers remotely. SSH is actually a suite of three
utilities (slogin, ssh, and scp) that are secure versions of the earlier UNIX utilities rlogin, rsh, and
rcp. SSH commands are encrypted and secure in several ways. Both ends of the client/server
connection are authenticated using a digital certificate, and passwords are protected by being
encrypted. SSH uses RSA public key cryptography for both connection and authentication.
Encryption algorithms include Blowfish, DES, and IDEA. IDEA is the default.

WWW: World Wide Web. Two meanings. First, loosely used: the whole constellation of resources that can
be accessed using Gopher, FTP, HTTP, telnet, USENET, WAIS and some other tools. Second, the
universe of hypertext servers (HTTP servers), which are the servers that allow text, graphics, sound
files, etc. to be mixed together.
WWW allows HTTP connections to the web-based manager through the selected interface. HTTP
connections are not secure and can be intercepted by a third party.

HTTPS: HyperText Transfer Protocol Secure. A secure protocol for sending information back and forth over
the Internet. The HTTPS protocol most frequently relies on the SSL (Secure Sockets Layer)
encryption system, but others such as TLS (Transport Layer Security) are also available.

SNMP: Simple Network Management Protocol; a standard for gathering statistical data about network traffic
and the behavior of network components. SNMP uses management information bases (MIBs),
which define what information is available from any manageable network device.

MISC: ICMP is an acronym for Internet Control Message Protocol. ICMP is the standard error and
control message protocol for Internet systems. The most well known use of ICMP messages is the
Echo Request, Echo Reply sequence used by ping.
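One way to check an interface against the guidance at the top of this page, as an added example that is not part of the manual: the script probes the TCP-based access methods of Table 5-1 on one interface address and flags the cleartext ones. The default ports (23, 22, 80, 443), the function names and the address 192.0.2.1 are assumptions made for the example.

```python
import socket

# Default TCP ports for the access methods in Table 5-1 (assumption: the
# gateway uses the standard ports). Each entry is (port, encrypted).
# SNMP (UDP 161) and MISC (ICMP ping) are not TCP services and are not probed.
METHODS = {"Telnet": (23, False), "SSH": (22, True),
           "WWW": (80, False), "HTTPS": (443, True)}


def port_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def audit_management(host, internet_facing, methods=METHODS, probe=port_open):
    """Check one gateway interface address against the manual's guidance.

    Returns a list of (method, port, finding) for every reachable method.
    """
    findings = []
    for name, (port, encrypted) in methods.items():
        if not probe(host, port):
            continue  # method is not reachable on this interface
        if not encrypted:
            finding = "FAIL: cleartext management method is reachable"
        elif internet_facing:
            finding = "REVIEW: allowed only if remote management is required"
        else:
            finding = "OK: encrypted management method"
        findings.append((name, port, finding))
    return findings


if __name__ == "__main__":
    # 192.0.2.1 is a documentation address (RFC 5737); replace it with the
    # address of an interface on a gateway you administer.
    for name, port, finding in audit_management("192.0.2.1", internet_facing=True):
        print(f"{name:6} tcp/{port:<4} {finding}")
```

Run it once per interface address, setting internet_facing to match where that interface is connected; an empty result means none of the four TCP methods answered.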
Chapter 5
Remote Management
