cc/td/doc/product/aggr/bbsm
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Requires Immediate Attention: Cisco BBSM 5.2 Server
 Changing the Default Security Passwords
 FTP Publishing Service Security Warning
 Accessing BBSM and BBSD Documentation

Requires Immediate Attention: Cisco BBSM 5.2 Server

Changing the Default Security Passwords

If you purchased a BBSM appliance (rather than BBSM software on CD), use this document to change the default security passwords and the Windows Administrator username.

Caution   For security reasons, we strongly recommend that you change all of the default passwords immediately. Blank passwords are not recommended. After you make these changes, verify that the latest service packs and security fixes are installed on the server.

Do not change any other account information, including system generated accounts, such as TsInternetUser, and accounts prefaced with IWAM_ and IUSR_. This adversely affects the functionality of the BBSM server. In addition, restoring these accounts to their previous states is difficult.

Changing the Windows User Passwords

Follow this procedure to change the Windows user passwords and the Administrator username. Table 1 describes the Windows user accounts and the default passwords for the BBSM appliance.

Table 1   Windows User Accounts

Account  Username  Default Password 

Windows 2000 Administrator—The Administrator has full system permissions and rights, can alter any BBSM configuration setting, and has access to any option on the BBSM Dashboard.

Administrator

(blank)

BBSD Windows Client—The BBSD server can be used to access and manage BBSM servers. We recommend that you change the BBSD Windows client account passwords located on each BBSM server.

bbsd-client

cisco

WebAPI Client—WebAPI provides an interface for remote applications to post room charges to the PMS.

webapi-client

cisco

Step 1   From the BBSM desktop, choose Start > Programs > Administrative Tools > Computer Management. The Computer Management window appears.

Step 2   Click Local Users and Groups.

Step 3   Double-click Users.

Step 4   Change the Administrator username and password:

    a. In the right pane, right-click Administrator.

    b. Click Set Password.

    c. In the New password field, enter the new password.

    d. In the Confirm password field, enter the new password again.

    e. Click OK. The Local Users and Groups dialog box appears.

    f. Click OK.

    g. Right-click Administrator again.

    h. Click Rename, and then change the username to the desired name.

Step 5   Change the bbsd-client and webapi-client passwords:

    a. In the right-pane, click the password to be changed.

    b. Click Set Password.

    c. In the New password field, enter the new password.

    d. In the Confirm password field, enter the new password again.

    e. Click OK. The Local Users and Groups dialog box appears.

    f. Click OK.

    g. Close the Computer Management window.


Changing the MSDE Database User Passwords

Follow this procedure to change the MSDE database user passwords. Table 2 describes the MSDE database user accounts and default passwords for the BBSM appliance.

Table 2   MSDE Database User Accounts

Account  Username  Default Password 

MSDE System Administrator—This login is a default system administrator login.

sa

cisco

MSDE BBSD Client—This login allows BBSD to access MSDE.

bbsd-client

cisco

Step 1   From the BBSM Dashboard, click WEBconfig. The BBSM Server Settings web page appears.

Step 2   In the NavBar, click Security/SSL. The Security/SSL web page appears.

Step 3   Change the MSDE `sa' password, as follows:

    a. Next to Change MSDE `sa' Password, click Change. The MSDE `sa' Password Form appears.

Note    You cannot change this password without knowing the current password. Be sure to save this password in a secure location.

    b. In the Enter current password field, enter the default sa password.

    c. In the Enter new password field, enter the new password.

    d. In the Confirm new password field, reenter the new password again.

    e. Click Submit. A confirmation window appears.

    f. Click Close.

Step 4   Change the MSDE BBSD password, as follows:

    a. Next to Change MSDE BBSD Password, click Change. The MSDE BBSD Login Password Form appears.

Note    You cannot change this password without knowing the current password. Be sure to save this password in a secure location.

    b. Enter the BBSD username (bbsd-client).

    c. In the Enter current password field, enter the default MSDE BBSD password.

    d. In the Enter new password field, enter the new password.

    e. In the Confirm new password field, reenter the new password again.

    f. Click Submit. A confirmation window appears.

    g. Click Close.


FTP Publishing Service Security Warning

To secure BBSM from any malicious use of the FTP port, the FTP Publishing Service is stopped and the default service startup type is set to Manual mode. If you use WEBpatch or BBSD, you need to start this service. For WEBpatch, manually start the FTP Publishing Service only when you use WEBpatch - Transfer. For BBSD, this service must run all the time. You must set the startup type of the FTP Publishing Service to Automatic, which automatically starts the service every time your BBSM server reboots.

Caution   Because of known exploits of FTP service, avoid automatic startup whenever possible. We recommend that you manually start and stop the service as needed for updates, etc. If you set the startup type to Automatic mode, use the access lists on the router to make sure that only known networks can access this service.

For additional information about BBSM server security, refer to this website:

http://www.cisco.com/application/pdf/en/us/guest/products/ps533/c1244/cdccont_0900aecd80093fe0
.pdf

Starting FTP Publishing Service Locally

Follow these steps to start the FTP Publishing Service:

Step 1   Choose Start > Programs > Administrator Tools > Services. The Services window appears.

Step 2   Right-click FTP Publishing Service, and choose Start.

Step 3   If you are using BBSD and you need to modify the FTP Publishing Service startup type, follow these steps:

    a. Right-click FTP Publishing Service, and choose Properties.

    b. Click the Startup type drop-down menu, and choose Automatic (or Manual).

    c. Click OK.

Step 4   Close the Services window.


Starting FTP Publishing Service Remotely

Follow these steps to start the FTP Publishing Service:

Step 1   Log on to the BBSM server using a secure protocol, such as SSH.

Step 2   Open the Command Prompt, and type this command: net start "FTP Publishing Service"


Accessing BBSM and BBSD Documentation

You can access and print these documents by double-clicking the Documentation icon on the BBSM desktop or by going to the D:\Documentation directory on the Cisco BBSM v5.2 CD and double-clicking the appropriate file name.

To determine which file to use, refer to Table 3. These documents are also available online at the following Cisco website:

http://www.cisco.com/univercd/cc/td/doc/product/aggr/bbsm/index.htm

Table 3   BBSM v5.2 CD Filenames

File Name  Title/Description 

user_52.pdf

Cisco BBSM 5.2 User Guide

Provides detailed instructions for configuring both BBSM and BBSD servers.

instl_52.pdf

Cisco BBSM 5.2 and BBSD Software Installation Guide

Provides detailed instructions for installing Cisco BBSM or BBSD software.

rnotes52.pdf

Release Notes for Cisco BBSM 5.2

Refer to this document for the latest BBSM and BBSD updates and changes.


Copyright © 2003, Cisco Systems, Inc.
All rights reserved.


hometocprevnextglossaryfeedbacksearchhelp
Posted: Mon Jul 28 08:00:28 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.