DeviceMaster LT Security Features
Security Modes
DeviceMaster LT User Guide: 2000586 Rev. B
The following subsections provide information about DeviceMaster LT security
features.
The DeviceMaster LT supports two security modes.
Security
Mode
SSL encryption for serial port data streams for both NS-Link and
SocketServer. Secure Data mode:
•
Requires SSL encryption of TCP connections to SocketServer
(Ports 8000, 8001, 8002, and so forth).
•
Disables UDP access to SocketServer.
•
Disables RFC1006 (ISO-over-TCP) access to SocketServer.
•
Disables MAC-mode access to serial ports. MAC mode admin
and ID commands are still allowed.
Secure Data
•
Requires SSL encryption of NS-Link TCP connections (Port
4606). Not directly supported by NS-Link drivers for Windows
and Linux. The Linux driver has been tested using stunnel,
but manual setup is required.
•
Requires SSH instead of telnet connection to the diagnostic
log (TCP Port 4607).
•
Two values for http READ and WRITE commands: A2:
Enable.
Encrypts/authenticates configuration and administration
operations (web server, IP settings, load SW, and so forth.). Secure
Config mode:
•
Disables MAC mode admin commands except for ID request†.
•
Disables TCP/IP admin commands except for ID request†.
Secure Config
•
Disables telnet console access (Port 23)†.
•
Disables unencrypted http:// access via Port 80.
•
Disables e-mail notification and SNMP features.
•
Two values for http READ and WRITE commands: A3:
Enable.
† Affects both RedBoot and SocketServer/NS-Link applications.
DeviceMaster LT Security Features
Description
DeviceMaster LT Security - 51