SCS100/200/400 User Guide
6: Application Setup
Security Enhancements
This section describes methods for increasing the security of the SCS.
Incoming Security
You can make the SCS into a highly secure host by turning off the FTP and HTTP
services using the command:
Set/Define Proto [ HTTP | FTP ] [Enabled | Disabled]
Note:
The web interface will no longer be available.
You can further restrict access to only SSH connections to the SCS command line and
serial ports, using the following command:
Set/Define Server Incoming Secure
The
Server Incoming Secure
command disallows unsecure Telnet and TCP connection
attempts. Access is through SSH only.
Port User Restrictions
To reject network connections to ports not on a user’s port target list, use the command:
Set/Define Authentication User <username> Port Target <portlist>
To reject serial logins to ports not on a user’s port list, use the command:
Set/Define Authentication User <username> Port Serial <portlist>
To show the user's current port restrictions, use the command:
Show Authentication User <username>
To reset the permissions back to the default, use the command:
Set/Define Authentication User <username> Port Factory
Com Port Redirector
The Com Port Redirector application allows Microsoft Windows-based PCs to access
modems or other serial devices connected to a Secure Console Server as if those serial
devices were local Com ports. The Redirector creates virtual com ports and intercepts
communications from existing device software, then redirects those communications over
the IP network to the serial ports on your SCS. The Com Port Redirector works in the
background.
The Com Port Redirector software and installation instructions are included on the
distribution CD-ROM or from the Lantronix web site at:
ftp://ftp.lantronix.com/pub/redirector
6-20