Jump to content

HTTPS Authentication for Adminstration of Netduma R1 necessary


Recommended Posts

Netduma R1 should not allow insecure protocols, such as, but not limited to HTTP (TCP Port 80) or Telnet (TCP Port 23).  These protocols are insecure for passing user name and passwords.

 

Recommendation:

Add HTTPS support to the Web daemon being used on the Netduma R1 appliance.

Remove HTTP support, or give the option to override the default HTTPS option (with a warning banner)

Enable HTTPS support by default.

 

I would be happy to assist, or provide explicit documentation on this risk if necessary.  

 

Thank you for creating this great product, now let's make it secure!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...