build free website

Tank Gauge Vulnerability Testing

Tank Gauges that are vulnerable to Cyber Attacks endanger the owner or operator as well as the public in general.
If your Tank Gauge fails either test below, please take action to remove the vulnerability

Tank Gauge accessible to anyone on the Internet

Jack Chadowitz, creator of Kachoolie, in January 2015 discovered over 5,000 sites where the Tank Gauges could be easily accessed to read data AND make configuration changes. Anyone knowing the IP address can gain access. As of March 2018 there are 7,000 + such sites. Test your site. If you fail the test, look at our video to understand how to protect your Tank Gauge and here to understand the problems of an unprotected Tank Gauge. If you pass, you may want to look at this page to understand possible unintended consequences of the protection. To protect your gauge and get a free Web App for inventory, consider adding the Kachoolie Firewall.
Note: To prevent misuse of this tool, you MUST be at the site when you do the test. If you cannot test from the site, we can test for you. Contact us to provide the IP address or addresses you want tested.

TLS450 causes PCI test to fail because of OpenSSH

We recently discovered that having a TLS450 connected to the store LAN (Local Area Network) can cause a PCI compliance test to fail. This is because the TLS450 uses OpenSSH on port 22 to provide remote access to the Linux processor that drives the TLS450. The OpenSSH version used is 7.0. A test by a leading PCI compliance testing company, Trustwave and maybe others, will fail PCI compliance if  the version is less than 7.3. You can easily test for this vulnerability by using a utility called telnet. Open a command window and type:

telnet [your site IP address] 22

if the site is unreachable, or you get something like

Trying xxx.xxx.xxx.xxx...

Connected to c-xxx.xxx.xxx.xxx.hsd1.nh.comcast.net.

Escape character is '^]'.

SSH-2.0-OpenSSH_7.0

where xxx.xxx.xxx.xxx is the IP address. If the OpenSSH version is  7.3 or later then your  PCI testing should be unaffected.
If your version is less than 7.3 you can easily disable the remote access by removing the port forwarding for port 22 in the site router. This will NOT affect your access via the Veeder Root App or via port 10001 but will avoid failing PCI compliance because of an old OpenSSH version.
You should also use the Tank Gauge accessible to anyone test  because even if you disable port 22 your Tank Gauge could still be vulnerable to attack.