50 © 2007 VBrick Systems, Inc.
is related to user accounts and passwords. After a successful installation, you should
immediately change the default passwords. Many attacks come from within an organization
and this helps to minimize the risk. The IWS login is generally secure since it utilizes
encryption techniques to hide usernames and passwords from network spyware.
Malicious software covertly attaches itself to unsuspecting devices. These programs are
generally designed to compromise personal information or to create system havoc. Since the
VBrick appliance uses an industrial-grade operating system, it is less susceptible to malicious
software and unlikely to be a target of programs designed to attack PC-based systems like
Microsoft, Linux, and others. However, you can still take additional steps to minimize risk.
VBrick tries to make installation as simple and quick installation and many features are
automatically enabled by default even though you may not need them. You can selectively
disable unneeded features to reduce vulnerability. Another common problem is Denial of
Service (DoS) attacks. A DoS sends floods of packets to an unsuspecting remote system in an
attempt to disrupt or stop normal operation. These unsuspecting remote systems are typically
discovered using ICMP or ping. It is standard industry practice to block all ICMP and ping
requests from off-net foreign hosts. This is typically done in a centralized location using
router/firewall technology which is more successful and cost effective than resolving the
issue at each host.
Configuration: System > Logging
Certain log events are captured and can be viewed locally. This local log is saved in volatile
memory and hold the most recent 20 entries. See Status: System Log
on page 73 for examples
of log information. To save log information indefinitely, it is recommended that remote
logging be utilized. Remote servers generally offer ample storage and offer the additional
benefit of collecting log information from several VBricks simultaneously. When logging
externally, specify either the IP address or hostname a server that is configured to receive
SNMP traps on port 162 into the Remote Event Log IP Address or Remove Event Log DNS
Host Name fields.