No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


AR500, AR510, AR531, AR550, AR1500, and AR2500 Security Hardening And Maintenance Guide

This document provides guidance for strengthening network and device security in terms of network security risks, security architecture, and security hardening policies. It also provides guidance for routine maintenance of device security in terms of the management, control, and forwarding planes.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Unauthorized Access

Unauthorized Access

Unauthorized access enables users to obtain the control right or higher right over a device. Possible causes of unauthorized access are as follows:

  • Inappropriate network configurations: Due to lack of a proper access control policy on the firewall, malicious users forcibly access the system from a public network by other means such as cracking.
  • Unauthorized use of debugging means provided by the system: Routers provide access to information in internal information processing flows for locating faults. Malicious users obtain the information by using these diagnosis and debugging interfaces.
  • Management and control based on roles instead of accounts: The command control mechanism of the device completes management and control based on roles instead of accounts. As a result, users can use the commands beyond their authority to read personal communication data or steal system configurations.
  • Lack of an information isolation mechanism: The Simple Network Management Protocol (SNMP) management information base (MIB) has no information isolation mechanism. Users can traverse all MIB nodes if they can access the MIB.
Updated: 2019-05-06

Document ID: EDOC1000097300

Views: 4795

Downloads: 72

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next