LabVIEW
Remote access using a web browser
Casey wrote:
> Does anyone know how secure your system is accessing labview remotely.
> Whenever you're accessing Labview(port 80) from a remote location
> through a web browser there is nothing stopping a hacker from gaining
> access to your system.
>
> Is there anyway to prevent outside access to the sytem?
Well, if you prevent outside access you automatically prevent access
altogether so you won't be able to use a browser to connect to it. If a
browser can connect anyone with some TCP/IP knowledge can connect too.
If you want to disable that possibility you also disable access by browsers.
However the WebServer in LabVIEW is fairly secure and it is quite
unlikely that you can abuse it to gain access to your machine. The
biggest risk would be a DOS attack which in older versions of LabVIEW
were possible at some time.
You have some options. If you only need access to the WebServer from
your Intranet, simply don't allow routing from outside traffic to your
LabVIEW computer at all. You configure this in your firewall.
I assume you have a firewall, (not the playtoy included in Windows XP
but a real one) because if you haven't you have a lot more and bigger
problems to worry before you even think about a possible vulnerability
in the LabVIEW WebServer.
If you do need to have outside access to your LabVIEW WebServer you can
configure the firewall to only allow outside access to port 80 on your
LabVIEW computers IP address. And if that seems still scary to you the
better approach is to use a real WebServer such as Apache and do
everything there. Don't forget the firewall though. Eventhough Apache
may have some security problems every now and then, they are usually
discovered fast and fixed even faster. So if you monitor the situation
and react on known vulneribilities you can have a very secure system.
LabVIEW vulneribilities are often not found as fast because a lot less
people use it and even fewer try to actually seek out such systems and
attack them on purpose.
Rolf Kalbermatter
> Does anyone know how secure your system is accessing labview remotely.
> Whenever you're accessing Labview(port 80) from a remote location
> through a web browser there is nothing stopping a hacker from gaining
> access to your system.
>
> Is there anyway to prevent outside access to the sytem?
Well, if you prevent outside access you automatically prevent access
altogether so you won't be able to use a browser to connect to it. If a
browser can connect anyone with some TCP/IP knowledge can connect too.
If you want to disable that possibility you also disable access by browsers.
However the WebServer in LabVIEW is fairly secure and it is quite
unlikely that you can abuse it to gain access to your machine. The
biggest risk would be a DOS attack which in older versions of LabVIEW
were possible at some time.
You have some options. If you only need access to the WebServer from
your Intranet, simply don't allow routing from outside traffic to your
LabVIEW computer at all. You configure this in your firewall.
I assume you have a firewall, (not the playtoy included in Windows XP
but a real one) because if you haven't you have a lot more and bigger
problems to worry before you even think about a possible vulnerability
in the LabVIEW WebServer.
If you do need to have outside access to your LabVIEW WebServer you can
configure the firewall to only allow outside access to port 80 on your
LabVIEW computers IP address. And if that seems still scary to you the
better approach is to use a real WebServer such as Apache and do
everything there. Don't forget the firewall though. Eventhough Apache
may have some security problems every now and then, they are usually
discovered fast and fixed even faster. So if you monitor the situation
and react on known vulneribilities you can have a very secure system.
LabVIEW vulneribilities are often not found as fast because a lot less
people use it and even fewer try to actually seek out such systems and
attack them on purpose.
Rolf Kalbermatter
