Table of Contents
Advertisement
iPlex Installation and Hardware Specification Guide
Internet Security Concerns
90
The possible risks when a iPlex (or any equipment from any vendor, for that mat-
ter) connects directly to the Internet:
•
Unauthorized access (break-in): unauthorized individuals can take control of the device,
modify its configuration, bring it down, etc.
•
Denial of Service (DoS): attackers may be able to bring down the unit or cause it to
malfunction by subjecting it to different or unexpected traffic patterns without necessarily
gaining access to it.
This chapter discusses the various ways to connect the iPlex to the Internet and
the possible vulnerabilities of each.
Unauthorized Access
Unauthorized access occurs when a third party gains access to one of the control
interfaces in the iPlex (Web, SNMP or CLI). This can happen in one of two ways:
1 Access is gained due to a bug, hole or vulnerability in the iPlex code or
Operating System
.
NOTE
At this time, no such bugs, holes or vulnerabilities have been dis-
covered in ANY version of the
2 Access is gained because the third party can either guess the passwords or
monitor (sniff) the traffic going to the iPlex and read these passwords.
Since the first method is known not to happen, the focus will be on the second
method.
Access to the iPlex through the CLI and Web interfaces share the same usernames
and passwords. Generally, TANDBERG Television suggests that passwords
should not be constructed so as to be easily guessed. When the iPlex leaves
TANDBERG Television, it has a default password "skystream." TAND-
BERG Television installation personnel may leave it as such. The SCM will not
boot until a root password is set. TANDBERG Television installation personnel
may set the root password to "TANDBERG Television" and leave it as such.
This procedure is strongly discouraged as this may be an easily guessed password.
Users are strongly urged to use secure passwords for access to the iPlex. A secure
password has a combination of upper and lower-case letters, digits, and special
characters.
Access to the iPlex through SNMP requires knowledge of the community string.
The read-only community string defaults to "public" and the read-write commu-
nity string defaults to "private". Again, these are easily guessed strings and should
be changed.
iPlex
software.
Hide quick links:
Advertisement
Table of Contents
