GE GFK-2489 user manual Cyber Security Suite

1

Security Risk

The TranSphere TS Wireless Solution

Unauthorized access to the backbone

▪

Approved Remotes List

network through a foreign remote

Only radios on the Approved Remotes list connect

radio

▪

“Rogue” AP, where a foreign AP

Approved AP List

takes control of some or all Remote

A Remote connects only to APs on its Approved AP

radios and thus remote devices

▪

List

“Dictionary attacks”, where an intruder

Failed log-in lockdown

runs a program that sequentially tries

After three tries, a transceiver ignores log-in

to break a password

requests for five minutes. Critical event reports

▪

(traps) are generated as well.

Denial of service, where Remote

Remote log-in

radios could be reconfigured with bad

▪

Local console log-in

parameters, bringing the network

▪ HTTP (Hypertext Transfer Protocol) and Telnet

down

disabled, enabling only local management

Airsnort and other war-driving

▪

Frequency-hopping spread spectrum (FHSS) does

intruders in parking lots, near

not talk over the air with standard 802.11b cards

buildings, etc.

▪

The transceiver cannot be put in a “promiscuous”

mode

Eavesdropping, intercepting

▪ 128-bitencryption

messages

Key cracking

▪ Automatic Key Rotation algorithm. In addition, a

Force Key Rotation command is available to

immediately rotate the keys of the AP and

synchronize all Remotes with it.

Replaying messages

▪ 128-bit encryption with rotating keys

Unprotected access to configuration

▪ Non-secure SNMP versions can be SNMP enabled

via SNMP

or disabled at will.

Potential, ongoing attacks

▪ Provides early warning via SNMP through critical

event reports of unauthorized log-in attempts and

suspicious activities

GFK-2489

Chapter 1 Introduction

1-9