Secure System Management Portal

From CacheWiki
Jump to: navigation, search

Cache is often deployed with unsecured access (UnknownUser) to the System Management Portal (SMP), this is a major security hole, especially if your Cache server is internet connected.

This is a list of steps that I currently believe need to occur to secure the system. They are currently untested, so please don't do this in a production system (Yet).

If you have experience with this please share.

  • Turn on Auditing
  • Turn on Pasword Authentication on the SYS namespace.
  • Change the _SYSTEM password.
  • Disable the UnknownUser account.

References

<http://docs.intersystems.com/cache20101/csp/docbook/DocBook.UI.Page.cls?KEY=GCAS_tighten>

<http://karataev.nm.ru/cache/backdoors.html>

Retrieved from "http://www.cachewiki.org/index.php?title=Secure_System_Management_Portal&oldid=2176"
Personal tools