Security faqs – Raritan Computer Home Security System User Manual
Page 365
Appendix I: FAQs
347
Question
Answer
security tools such as LDAP,
AD, RADIUS, and so on?
TACACS+, RADIUS, and LDAP.
Why does the error message
"Incorrect username and/or
password" appear after I
correctly enter a valid
username and password to
log into CC-SG?
Check the user account in AD. If AD is set to "Logon
To" specific computers on the domain, it disallows you
to log into CC-SG. In this case, remove the "Logon
To" restriction in AD.
Security FAQs
Question
Answer
Security
Sometimes when I try to log
in, I receive a message that
states my “login is incorrect”
even though I am sure I am
entering the correct
username and password.
Why is this?
There is a session-specific ID that is sent out each
time you begin to log into CC-SG. This ID has a time-
out feature, so if you do not log into the unit before the
time-out occurs, the session ID becomes invalid.
Performing a Shift-Reload refreshes the page from
CC-SG, or you may close the current browser, open a
new browser, and log in again. This provides an
additional security feature so that no one can recall
information stored in the web cache to access the unit.
How is a password secure?
Passwords are encrypted using MD5 encryption,
which is a one-way hash. This provides additional
security to prevent unauthorized users from accessing
the password list.
Sometimes I receive a “No
longer logged in” message
when I click any menu in
CC-SG, after leaving my
workstation idle for a period
of time. Why?
CC-SG times each user session. If no activity
happens for a pre-defined period of time, CC-SG logs
the user out. The length of the time period is pre-set to
60 minutes, but it can be reconfigured. It is
recommended that users exit CC-SG when they finish
a session.
As Raritan has root access
to server, this may
potentially cause issue with
government bodies. Can
customers also have root
access or can Raritan
provide a method of
auditability/accountability?
No party will have root access to server once the unit
is shipped out of Raritan, Inc.
Is SSL encryption internal as
well as external (not just
Both. The session is encrypted regardless of source,
LAN or WAN.