This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm that you accept these cookies being set.

security question
#1
Hi
Can I secure the connection to LM somehow? Now everybody who get access to my network can use his own ETS and modify my KNX devices.
I set "encryption key" in "KNX connection" dialogue and "Enable only secure connection" but I'm still able to connect to KNX bus throw LM from ETS 5.5 via unsecured channel only.
Maybe the problem is I use LM in TP-UART mode?


What is the best practice?

FYI when I unchecked "KNX IP features" my LM got completely frozen. No led lighted. Reset button didn't work. I had to disconnect power supply for turning it on.
LM5Lp, firmware: 2018.08.22 and 2021.12.15, FlashSYS v2, ARMv7 Processor rev 5 (v7l), kernel 4.4.151 and 4.4.259
Reply
#2
There's an issue in your FW where tunneling is not disable once "Enable only secure connection" is enabled. This will be fixed in the next version.
Reply
#3
(20.03.2017, 07:52)admin Wrote: There's an issue in your FW where tunneling is not disable once "Enable only secure connection" is enabled. This will be fixed in the next version.

Hi admin,
Please, the KNX connection mode is a bit confusing taking in account security issues. We have 01 TP-UART connection mode and 03 IP connection modes.
What is be best choice and for which specific application. The security problem is a real burden for KNX based systems.

B.R,
Chouaibou.

Attached Files Thumbnail(s)
   
Reply
#4
IP features enable telegram exchanged via Routing (multicast) and Tunneling connections to LM. When "Enable only secure connection" is set Routing will still work, but only with encrypted telegrams, but Tunneling will be disabled.
Reply
#5
(21.03.2017, 07:13)admin Wrote: IP features enable telegram exchanged via Routing (multicast) and Tunneling connections to LM. When "Enable only secure connection" is set Routing will still work, but only with encrypted telegrams, but Tunneling will be disabled.

Hi admin,
Thank you for your reply. 

B.R,
Chouaibou.
Reply


Forum Jump: