beautypg.com

2 pass-code lockout – Campbell Scientific CR3000 Micrologger User Manual

Page 72

background image

Section 5. System Overview

72 

 

 

HTTP:

• Send datalogger programs.
• View table data.
• Get historical records or other files present on the datalogger drive spaces.
• More access is given when a .csipasswd is in place (so make sure users with

administrative rights have strong log-in credentials)

5.1.9.2 Pass-code Lockout

Pass-code lockouts (historically known simply as "security codes") are the oldest
method of securing a Campbell Scientific datalogger. Pass-code lockouts can
effectively lock out innocent tinkering and discourage wannabe hackers on non-IP
based telecommunications links. However, any serious hacker with physical
access to the datalogger or to the telecommunications hardware can, with only
minimal trouble, overcome the five-digit pass-codes blocking access. Systems
that can be adequately secured with pass-code lockouts are probably limited to:

• private, non-IP radio networks
• direct links (hardwire RS-232, short-haul, multidrop, fiber optic)
• non-IP satellite
• land-line, non-IP based telephone, where the telephone number is not

published.

• cellular phone wherein IP has been disabled, providing a strictly serial

connection.

Up to three levels of lockout can be set. Valid pass codes are 1 through 65535 (0
is no security).

Note If a pass code is set to a negative value, a positive code must be entered to
unlock the CR3000. That positive code will equal 65536 + (negative security
code). For example, a security code of -1111 must be entered as 64425 to unlock
the CR3000.

Methods of enabling pass-code lockout security include the following:

Status table – Security(1), Security(2) and Security(3) registers are writable

variables in the Status table wherein the pass codes for security levels 1
through 3 are written, respectively.

• integrated keyboard / display settings
Device Configuration Utility (DevConfig) – Security passwords 1 through 3

are set on the Deployment tab

SetSecurity() instruction – SetSecurity() is only executed at program

compile time. It may be placed between the BeginProg and Scan()
instructions.

Note Deleting SetSecurity() from a CRBasic program is not equivalent to
SetSecurity(0,0,0). Settings persist when a new program is downloaded that has
no SetSecurity() instruction

See also other documents in the category Campbell Scientific Measuring instruments: