- Community Home
- >
- Servers and Operating Systems
- >
- Servers - General
- >
- Webconsole & Lan Console port
-
- Forums
-
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Middle East
- HPE Blog, Russia
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
-
Blogs
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Blog, Latin America
- HPE Blog, Middle East
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
-
Information
- Community
- Welcome
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Tips and Tricks
- Resources
- Announcements
- Email us
- Feedback
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Blogs
-
Information
-
English
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 06:06 AM
04-16-2004 06:06 AM
With many thanks
-sinhass
Solved! Go to Solution.
- Tags:
- SWC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 06:26 AM
04-16-2004 06:26 AM
SolutionThe lanconsole ( old lanconsole, new servers hav GSP or MP ) do not support encrypted connections. The Secure Webconsole does ( https protocol) The problem with non encrypted connections is that if s.o. sniffs the packages it is relativly easy to capture a username/passwd string. This is harder when the traffic ( ip ) is crypted.
GSP's and MP's support the ssh and https ( crypted )protocol, as well as the telnet protocol ( non crypted ).
HTH,
Gideon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 06:30 AM
04-16-2004 06:30 AM
Re: Webconsole & Lan Console port
We use web console, because it was the first one I anaged to to get working. I was having terminal key errors with lanconsole.
The Web console has a good java/security package with it and an extra layer of password security before you can get to a normal console prompt.
The advantage here is that all you need to make it work is a supported browser. If there are security flaws, your exposure is the same as any other web document.
Behind a firewall, the real issue is employees.
lanconsole gives you an additional advantage, along with the disadvantage of needing to find and install a proper client, putty works fine btw. You can add a layer of /var/adm/inetd.sec security and control what ip addresses and hosts are allowed to connect. This should be done regardless of whether you use lanconsole or not but you can fine tune the security in a little more granular fashion.
I see these as two equally good products, one of which is slightly easier for a fool like me to set up.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 07:27 AM
04-16-2004 07:27 AM
Re: Webconsole & Lan Console port
1) Serial consoles, which I assume we are not talking about.
2) Lanconsole which is substantially a telnet/ssh connection and network configuration.
3) Secure Web Console.
Even though I did a recent install on this, the first thread response writer is way more up to date than me an the technical aspects.
Take that into account when making your decision.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 08:17 AM
04-16-2004 08:17 AM
Re: Webconsole & Lan Console port
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 11:41 AM
04-16-2004 11:41 AM
Re: Webconsole & Lan Console port
-sinhass
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-16-2004 12:51 PM
04-16-2004 12:51 PM
Re: Webconsole & Lan Console port
http://www.security-express.com/archives/bugtraq/1999-q4/0157.html
So the answer is that neither should be used a security device. Console connections, regardless of the platform or appliance, are critical entry points into the system. And as such, they should be treated as highly vulnerable and to be protected. So I would remove lanconsole connections and web consoles (don't forget your network appliances), and replace them with serial connections into a secure terminal server. Cyclades makes an embedded Linux box that supports from 1 to as many as 48 consoles in a 1U rack space. There are a couple of other manufacturers that offer console servers with SSH access.
The reason that this is important is that you don't want any of the consoles directly connected to a network. You will use SSH to terminal server and then select the port you need. Another advantage of modern terminal servers is that they remember text that was sent to the console even though no one was connected to the port.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
04-17-2004 12:38 AM
04-17-2004 12:38 AM
Re: Webconsole & Lan Console port
to add to what Bill wrote:
use something like "nmap" to do a so-called "portscan" on one of those "consoles" - and they usually are hung up (and you'll need to unplug the power-cable from it to get it back to work. That's especially nasty with the GSPs, i.e. built-in lan-/web-consoles).
FWIW,
Wodisch
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2021 Hewlett Packard Enterprise Development LP