Secure configuration for Kiwi CatTools
This document describes best practices for securing Kiwi CatTools (KCT).
Best practices
Create an encryption password
Enable a database encryption password when KCT is run to limit unauthorized access. Once the password is enabled, the system will prompt you to enter your password every time you open KCT. See Change encryption password for details.
Review your file transfer protocol
SolarWinds does not recommend usage of Trivial File Transfer Protocol (TFTP) in KCT due to potential security vulnerabilities. If TFTP must be used, it is highly recommended to take precautions and limit its exposure to your local network. See TFTP server security options for details.
Manage sensitive data in exported devices files
Delete or securely store the data contained in the device list .txt
file after exporting devices to a tab delimited file. Data contained in the exported devices .txt
file may contain information that is subject to security vulnerabilities.