beautypg.com

2 pass-code lockout – Campbell Scientific CR1000 Measurement and Control System User Manual

Page 72

background image

Section 5. System Overview

72 

 

 

LoggerNet:

• All datalogger functions and data are easily accessed via RS-232 and Ethernet

using Campbell Scientific datalogger support software.

• Cora command find-logger-security-code.

Telnet:

• Watch IP traffic in detail. IP traffic can reveal potentially sensitive

information such as FTP login usernames and passwords, and server
connection details including IP addresses and port numbers.

• Watch serial traffic with other dataloggers and devices A Modbus capable

power meter is an example.

• View data in the Public and Status tables.
• View the datalogger program, which may contain sensitive intellectual

property, security codes, usernames, passwords, connection information, and
detailed or revealing code comments.

FTP:

• Send and change datalogger programs.
• Send data that have been written to a file.

HTTP:

• Send datalogger programs.
• View table data.
• Get historical records or other files present on the datalogger drive spaces.
• More access is given when a .csipasswd is in place (so make sure users with

administrative rights have strong log-in credentials)

5.1.10.2 Pass-code Lockout

Pass-code lockouts (historically known simply as "security codes") are the oldest
method of securing a Campbell Scientific datalogger. Pass-code lockouts can
effectively lock out innocent tinkering and discourage wannabe hackers on non-IP
based telecommunications links. However, any serious hacker with physical
access to the datalogger or to the telecommunications hardware can, with only
minimal trouble, overcome the five-digit pass-codes blocking access. Systems
that can be adequately secured with pass-code lockouts are probably limited to:

• private, non-IP radio networks
• direct links (hardwire RS-232, short-haul, multidrop, fiber optic)
• non-IP satellite
• land-line, non-IP based telephone, where the telephone number is not

published.

• cellular phone wherein IP has been disabled, providing a strictly serial

connection.

See also other documents in the category Campbell Scientific Measuring instruments: