Security and pos best Practices Peter Harris


Severity: SevereDescription



Download 2.14 Mb.
View original pdf
Page4/4
Date20.02.2023
Size2.14 Mb.
#60707
1   2   3   4
prod.tos873817
Severity: Severe
Description: Unneeded services and ports available
Vendor/TGCS recommendations Create a standard configuration enabling only appropriate ports, services, etc.,
4.Issue Title Insecure Password Policy
Severity: Severe
Description: No password rules enable.
Vendor/TGCS recommendations
Enable Enhanced Security with appropriate password rules
4690 OS Penetration Test Results


5.Issue Title Account Enumeration
Severity: Medium
Description: There are unique error messages for invalid ID and PW
Vendor/TGCS recommendations:
•SSH does provide single error message for invalid ID or
PW
•Control access to physical console:
•Enable Console ID lockout to limit attempts
4690 OS Penetration Test Results


6.Issue Title Predictable User Names
Severity: Medium
Description: IDs are too simple and easy to guess
Vendor/TGCS recommendations Implement a user procedure to create nontrivial IDs
4690 OS Penetration Test Results


Case Study Conclusion
The findings were addressed in V6R4 or earlier
It is important to keep current with 4690 OS releases as security continues to evolve.
Please share with us feedback from security studies you have initiated.
Toshiba is prepared and ready to help you impalement 4690 Security Best Practices.

Download 2.14 Mb.

Share with your friends:
1   2   3   4




The database is protected by copyright ©ininet.org 2024
send message

    Main page