Security and pos best Practices Peter Harris


Severity: SevereDescription



Download 2.14 Mb.
View original pdf
Page4/4
Date20.02.2023
Size2.14 Mb.
#60707
1   2   3   4
prod.tos873817
Severity: Severe
Description: Unneeded services and ports available
Vendor/TGCS recommendations Create a standard configuration enabling only appropriate ports, services, etc.,
4.Issue Title Insecure Password Policy
Severity: Severe
Description: No password rules enable.
Vendor/TGCS recommendations
Enable Enhanced Security with appropriate password rules
4690 OS Penetration Test Results

5.Issue Title Account Enumeration
Severity: Medium
Description: There are unique error messages for invalid ID and PW
Vendor/TGCS recommendations:
•SSH does provide single error message for invalid ID or
PW
•Control access to physical console:
•Enable Console ID lockout to limit attempts
4690 OS Penetration Test Results

6.Issue Title Predictable User Names
Severity: Medium
Description: IDs are too simple and easy to guess
Vendor/TGCS recommendations Implement a user procedure to create nontrivial IDs
4690 OS Penetration Test Results

Case Study Conclusion
The findings were addressed in V6R4 or earlier
It is important to keep current with 4690 OS releases as security continues to evolve.
Please share with us feedback from security studies you have initiated.
Toshiba is prepared and ready to help you impalement 4690 Security Best Practices.

Download 2.14 Mb.

Share with your friends:
1   2   3   4



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy