RFC 3871           Operational Security Requirements      September 2004

   Warnings.

      It is common practice is to connect RS232 ports to terminal

      servers that permit networked access for convenience.  This

      increases the potential security exposure of mechanisms available

      only via RS232 ports.  For example, a password recovery mechanism

      that is available only via RS232 might give a remote hacker to

      completely reconfigure a router.  While operational procedures are

      beyond the scope of this document, it is important to note here

      that strong attention should be given to policies, procedures,

      access mechanisms and physical security governing access to

      console ports.

2.3.2.  'Console' Communication Profile Must Support Reset

   Requirement.

      There MUST be a method defined and published for returning the

      console communication parameters to their default settings.  This

      method must not require the current settings to be known.

   Justification.

      Having to guess at communications settings can waste time.  In a

      crisis situation, the operator may need to get on the console of a

      device quickly.

   Examples.

      One method might be to send a break on a serial line.

   Warnings.

      None.

2.3.3.  'Console' Requires Minimal Functionality of Attached Devices

   Requirement.

      The use of the 'console' interface MUST NOT require proprietary

      devices, protocol extensions or specific client software.

Jones                        Informational                     [Page 19]