From: Don Y
Newsgroups: sci.electronics.design
Subject: More silly security
Date: Fri, 12 Apr 2024 10:40:20 -0700

APC UPSs have (or can have) a network management option. Most usually, an add-in card with (at least) a NIC and some services hosted by the UPS (web interface, sshd, ftpd, etc.).

Most UPSs don't have a traditional UI. Often, a serial console is available -- via a (trivial to make) special cable.

To get the interface card to a known state, there is a RESET pinhole available. One would think holding the RESET for some abnormal amount of time would force the card to resume its default settings -- IP, password, etc.

APC, however, have implemented a more bizarre scheme:

   Press RESET.
   Wait a few seconds for indicator on the card to rapidly flash.
   Press RESET, again.
   Repeatedly strike ENTER on serial console until prompt appears.
   Use default credentials to log in.

This must be accomplished in the first 30 seconds else the existing settings (ALL of them, including username and password) remain as is.

[Keep in mind that for a racked UPS, you've got your head inside the rack on the BACK side of the UPS to access the RESET pinhole. And, the UPS is likely *low* in the rack making access challenging. Presumably, a laptop sitting nearby to act as the serial console]

I do not see the rationale for this. The person has physical access to the UPS *and* the power cords for the devices that it protects (and powers, even when mains power is available THROUGH the UPS!). The person is free to alter the persistent settings for any of these parameters after this ritual is performed.

So, what is the silly 30 second timeout achieving? Is it there to protect against someone ACCIDENTALLY pressing RESET? Is it there to ensure the existing password can remain intact even if the user successfully accesses the console and opts not to change the existing password?

This seems unduly complicated vs. simply "Press RESET for 10 seconds to reset credentials (and IP?)"

I'm looking at other (UPS) manufacturers' products to see if they are similarly convoluted for some reason...