Ehorus: Documentation: Security on eHorus

De eHorus Wiki
Saltar a: navegación, buscar

Go back to eHorus documentation index

Security on eHorus

eHorus is a tool meant for system administrators. This implies that it’s a very powerful tool that will allow you to access, with administration privileges, on to any of your registered devices. The basic security mechanism is the access to the portal. This means that once the portal is accessed, the user will be able to access all devices under his or her control. Once the password is configured, it’s stored as a hash, which means it’s really complicated to know which one it is, even having physical access to the file.

For additional security, you should consider establishing an individual password for each agent. This password will not be stored in any centralized location, and the communication will be cyphered from your end (customer) to the agent, which means no one can intercept it. It’s the safest way to avoid third parties accessing your systems.

All the traffic between you and your devices, or between you and the portal, is encrypted using standard SSL.

The agent connects to the eHorus server using port 1080/tcp. If you happen to have a very restrictive outgoing connection policy, add this port to the registered outgoing connections. You can also use an HTTP proxy in order to set outgoing connections.

Apart from conventional security measures, such as the portal entry password, and the agent access password, you can use a double authentication protocol (based on Google Auth) which will install an app (Android and iOS) on your mobile device and will request a code every time you wish to access the portal.