AC3 web server security

[romanr]

I'm using port forwarding to route to my AC3 from the Internet. I have a password set to access the server but I know it's a clear text password so there is the risk of a password being intercepted in route with a packet sniffer. I also don't think there is a limit on how many login attempts can be attempted so a brute-force hack is a possibility. Does anyone loose any sleep over this? What precautions are you taking?

On mine I have a very strong password (not effective against a clear text intercept) and I use an unusual port. I don't have a DNS name associated with the gateway router so you would have to know or stumble upon the IP and port #. Do I have to upgrade to an APEX to achieve some piece of mind? Of course there is always the option of plugging the hole and not having the server accessible from outside but that is not something I want to give up.

 

[Specialtang]

Change your PORT from 80 to anything you wish within reason

Strong Username and password

According to Neptune Systems The Aqua Controller can only handle three connections at one time before it locks up the webserver part or restarts (not clear on this part it has been a long time) the chances of a brute force attack is less likely

port forwarding is great so long as it is not DMZ or port 80 on the outside.

 

[Deleted member 143833]

The controller supports 3 web requests outstanding at 1 time (not connections); after that they are queued and depending on the speed of the connection they may timeout. The controller should not reset or lock-up.

 

[Specialtang]

Dug through my emails and Curt told me if too many request at one time the AC will cycle or stop replying to future requests and you would have to manually restart the controller.