[Elecraft] K4 Ethernet interface

Magnus Danielson magnus at rubidium.se
Wed Feb 9 04:55:34 EST 2022 

If you run locally, fine for now. However, if you aim to run remote it 
will not suffice. Also, today we have to think more about security in 
depth, so one have to consider if one machine is breached, then the 
others will be wide open if you overly consider the local net as safe. 
Therefore to a higher degree will real security be needed even for only 
operating on the local net. To put it bluntly, it's bad enough that they 
take one of your machines, but all of them?

This realization means that NAT does not provide much protection these 
days, and VPNs between NAT regions is not really helping.

Trouble is that I aim to also operate my K4 for remote operation over 
the network. I want to make sure that we do it on a sufficiently 
future-proof path, and SSH/TLS/DTLS is the low hanging fruit to get 
pretty much directly up to speed on some of the basic stuff. It's of the 
shelf and well established.

I did a port-scan, and there where quite a bit of open ports there. What 
they do remains undocumented. Being able to turn them off to reduce 
attack surface would be appreciated.

Seems my little side-comment blew up as a separate topic.

Cheers,
Magnus

On 2022-02-09 09:29, Victor Rosenthal 4X6GP wrote:
> Most home routers have NAT (network address translation). Does this 
> provide adequate security for this application?
> If not, why not? Serious question, not a challenge!
>
> 73,
> Victor, 4X6GP
> Rehovot, Israel
> CWops #5
> Formerly K2VCO
> https://www.qsl.net/k2vco/
> .
> On 09/02/2022 10:00, Henk Remijn PA5KT via Elecraft wrote:
>> The K4 is accessible through telnet on port 9200.
>>
>> No security.
>>
>> It is always a good idea to have security but I would prefer to have
>> the telnet without security and put the security in the network.
>>
>> Make sure you have a good firewall between the internet and your
>> radio equipment. Dont trust your internet provider. Always put a
>> firewall between your internetprovider firewall/router en your home
>> network.
>>
>> 73 Henk PA5KT
>>
> ______________________________________________________________
> Elecraft mailing list
> Home: http://mailman.qth.net/mailman/listinfo/elecraft
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:Elecraft at mailman.qth.net
>
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
> Message delivered to magnus at rubidium.se

More information about the Elecraft mailing list