Is Your Terminal Switch Safe from Hackers Looking for IP Addresses?

When it comes to terminal switch products and other out of band management tools, ping command response sometimes creates an overlooked security hole. In many situations, hackers who are interested in gaining access to important network control functions can discover IP addresses for sensitive network devices by randomly pinging a series of IP numbers until they find an address that responds. Once a device responds, the hacker then knows the IP address of the unit, providing an initial foothold that could be used to eventually gain access to secure devices.

You might not see this type of attack every day, but it’s increasingly common for hackers to use ping response as a means of discovering vulnerable access points in an otherwise secure network. That’s why WTI terminal switch products include a simple feature that can be used to defeat this type of attack, by simply disabling the terminal switch or switched PDU’s response to ping commands. When ping response is disabled, hackers won’t be able to discover the IP address for critical devices such as a terminal switch or switched PDU by merely pinging random IP addresses on your network until they get a response.

Note however, that even when ping response is disabled, other WTI terminal switch features that depend on ping operations will still continue to function normally. The main WTI terminal switch function that relies on the ping command is the Ping No Answer Alarm, which allows the terminal switch to automatically ping a specific device on your network at regular intervals, in order to make certain that the device is functioning properly. When the WTI terminal switch ping response is disabled, the Ping No Answer Alarm will continue to function; pinging network devices such as servers and routers in order to check for proper operation.

Since the very nature of a terminal switch it to provide secure, centralized, out of band command access to network devices, it’s imperative that terminal switch operation should be as safe and secure as possible. That’s why WTI terminal switch products include a robust array of security and authentication features, including LDAP, RADIUS, TACACS+, Kerberos and others. When selecting a terminal switch for your out of band management application, make certain to chose a terminal switch that anticipates all types of possible hacker attacks, including attacks that are initiated by randomly pinging devices on your network.

Western Telematic, Inc. (WTI) designs and manufactures remote device management products for IT applications. WTI’s Serial Console Server products, Terminal Switch Products, Remote Reboot products, Switched PDU products and A/B Fallback products are engineered to allow you to securely manage and troubleshoot rack equipment in remote locations.

Link to Original Content

Tags: , , , ,

Comments are closed.