Home AMX User Forum AMX General Discussion

MAC Address 'unknown'

Thomas HayesThomas Hayes Posts: 1,164
in AMX General Discussion
I just noticed that the MAC address of a controller is 'known' and displayed on RMS as long as you do not engage the security on the Master. Once engaged the MAC becomes 'unknown' Does anyone know of a fix, as I would like to view the MAC address of the Masters in RMS so I can match them to my UTK info.

Comments

  • annuelloannuello Posts: 294
    Gday Thomas,

    From what I understand, the RMS modules on the master attempts to telnet into itself after a reboot to obtain the MAC address (probably by parsing the result of a SHOW SYSTEM or GET IP 0 command). If your security settings are not the default settings the introspective telnet login fails. I've heard that in future versions of RMS (presumably RMS2020) the modules will be duet, which will allow the module to get such information from the master "natively" without having to telnet into itself. Not being a duet programmer, I don't know how possible this is.

    As for a fix, you would probably have to write your own "introspective telnet" module which somehow knows the correct credentials for your system. (I'll leave that to your imagination!) You should then be able to register an additional parameter with RMS which is used to store the real MAC address.

    Roger McLean
    Swinburne University
  • Thomas HayesThomas Hayes Posts: 1,164
    I did turn the security on and selected 'telnet', as you and I are well aware that these university kids are pretty smart and will try a number of ways to hack into any system they can.
  • annuelloannuello Posts: 294
    Same here, regarding security. No security is asking for trouble. We also use ACLs for our vlans, which restrict access based on your IP. To complete our defensive approach, we try to ensure the physical outlets for AMX gear are not easily accessible (in locked furniture or in the ceiling). I'm trying to think of a way I can scramble the admin password word to be different for each venue, yet still easy to manage for hundreds of masters. If you have any good ideas let me know! I just dread what would happen if such a system goes wrong though. What a disaster that would be...

    If you log into your master when it is booting up and 'msg on' you will see the RMS socket attempt to open a Telnet session to address 127.0.0.1. This is what I was talking about regarding the introspective telent session. I'm not willing to trade off security against such a feature, as useful as MAC address info would be. I guess while the RMS code is non-duet they have no other option for obtaining the MAC.

    Roger McLean
    Swinburne University
  • Thomas HayesThomas Hayes Posts: 1,164
    It would be nice if there was a way to have the AMX password constantly changing and you require an Authenticator to gain access. This would be somewhat of an easy thing to setup with RMS and a master.
  • PhreaKPhreaK Posts: 966
    The next NI-X100 OS is supposedly going to support LDAP authentication - so no need to reinvent the wheel for access control.

    Setting up rolling keys works well is you want to go that route. There's a few crypto libraries around for Java as well so you can implement a pretty solid system when it comes to your comms between whatever is doing you key generation and the AMX box's.

    Sorry to threadjack, but don't suppose anyone has had an luck integrating with any of the RSA gear?
  • Thomas HayesThomas Hayes Posts: 1,164
    Sorry, no luck with RSA gear.
Sign In or Register to comment.