9 security, Figure 28: custom menu example – Campbell Scientific CR3000 Micrologger User Manual

Section 5. System Overview

70 

displays two values from CR3000 memory. PanelTemps shows the CR3000
wiring-panel temperature at each scan, and the one-minute sample of panel
temperature. TCTemps displays two thermocouple temperatures.

Figure 28: Custom menu example

5.1.9 Security

CR3000 applications may include the collection of sensitive data, operation of
critical systems, or networks accessible by many individuals. The CR3000 is
supplied void of active security measures. By default, RS-232, Telnet, FTP and
HTTP services, all of which give high level access to CR3000 data and programs,
are enabled without password protection.

Campbell Scientific encourages CR3000 users who are concerned about security,
especially those with exposure to IP threats, to send the latest operating system to
the CR3000 (available at www.campbellsci.com) and to disable un-used services
and secure those that are used. Actions to take may include the following:

• Set passcode lockouts
• Set PakBus/TCP password
• Set FTP username and password
• Set AES-128 PakBus encryption key
• Set .csipasswd file for securing HTTP and Web API
• Track signatures
• Encrypt program files if they contain sensitive information
• Hide program files for extra protection
• Secure the CR3000 datalogger and power supply under lock and key.