EasyManua.ls Logo

Metasphere MM-IM - Security; Telnet; Root Password

Default Icon
85 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
MM-IM User Guide
70
Security
In an increasingly connected environment, security is important. An RTU must be resilient
to many forms of attack, while still providing its expected service. As the MM-IM can be
used with IP connections that are externally accessible, the following security issues are
described in detail.
Telnet
The MM-IM is supplied with a telnet server, however due to the lack of encryption or
authentication in the protocol it has been disabled by default. Ssh connections are
available as an alternative. This is in line with the needs of many customers.
Enabling telnet
If telnet is required for a specific MM-IM it can be enabled using a manual process. Any
upgrade made to the MM-IM may revert to disabled telnet, and require the steps to be
undertaken again.
1. Log in to the MM-IM using ssh to reach the command console
2. Enter vi /etc/init.d/rcS and page down or scroll to around line 90 to find the
following text:
3. #echo $Linux_string: Starting telnetd...
4. #/sbin/telnetd
5. Uncomment the hashes by pressing ‘x’ while the cursor is over them.
6. Save the file and exit the editor with :wq
7. Reboot the MM-IM
Root password
The MM-IM runs the Linux Operating System, and contains a root user account to provide
access for development, diagnostic and upgrade functionality. Previous to the v6.0c6135
firmware release a default password of
password
was used, which provides little security.
Upgrading to v6.0c6135 will change the root password to medinaM5 for security. The
upgrade script will ask for the current password and only apply this if it has remained as
password
.
Changing the root password
While the new default root password is an improvement over using
password
, changing it
can further improve security. The following steps indicate how this can be achieved.
Note: this should not be done to a MM-IM that is running in a production environment
1. Open an ssh connection to the MM-IM and login as root
2. Enter ./killa to stop the MM-IM running
3. Enter rw to allow the filesystem to be writable
4. Enter passwd and follow the prompts
5. Power cycle or reboot with the reboot command
If the password is changed and subsequently lost or forgotten the unit will need to be
returned to Metasphere and reprogrammed to return it to the default. Therefore it is
advised that company procedure for changing the password is followed, as it would be for

Table of Contents