DOCSLIB.ORG

CWGE24MS2 COMMERCIAL GRADE MANAGED LAYER 2+ ETHERNET SWITCH with 20 × 100/1000BASE-FX + 4 × GIGABIT COMBO PORTS V1.0 November 29, 2016

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CWGE24MS2 COMMERCIAL GRADE MANAGED LAYER 2+ ETHERNET SWITCH with 20 × 100/1000BASE-FX + 4 × GIGABIT COMBO PORTS V1.0 November 29, 2016 INSTALLATION AND OPERATION MANUAL CWGE24MS2 COMMERCIAL GRADE MANAGED LAYER 2+ ETHERNET SWITCH WITH 20 × 100/1000BASE-FX + 4 × GIGABIT COMBO PORTS v1.0 November 29, 2016 The ComNet CWGE24MS2 has twenty 100/1000Base-FX SFP ports and four Gigabit combo ports that allow for TX or FX transmission. All SFP ports utilize ComNet SFP modules for fiber, connector type and distance. The IEEE802.3-compliant unit offers multiple Ethernet redundancy protocols (ERPS G.8032 and MSTP/RSTP/STP) which protect your applications from network interruptions or temporary malfunctions by redirecting transmission within the network. The CWGE24MS2 implements complete Layer 2 to Layer 4 ACLs to restrict access to your sensitive network resources by filtering specific packets based on TCP/UDP ports, source and destination IP addresses or particular network devices. Furthermore, DHCP snooping, TACACS+, ARP, IEEE 802.1X and Port Security provide additional tools to manage access and levels of use of the network. These defence mechanisms of the CWGE24MS2 along with advanced DoS auto prevention deliver robust network security and enables network administrators to offer more stable services on a more secure network. INSTALLATION AND OPERATION MANUAL CWGE24MS2 Contents Regulatory Compliance Statement 5 Warranty 5 Disclaimer 5 Safety Indications 5 Copyright 5 FCC Warning 6 CE 6 Overview 7 Introduction 7 Software Features 8 Hardware Features 10 Hardware Overview 11 Front Panel 11 Installation 13 Desktop Installation 13 Mounting on a Rack 13 Getting Connected 13 Powering On the Unit 13 Installing the SFP modules and Fiber Cable 14 Connecting a Copper Cable 14 Connecting to the Console 15 Connecting to Computer or a LAN 15 LED Indicators 16 GUI Login 22 System Information 23 Basic Settings 25 General Settings 25 MAC Management 38 CLI Configuration 45 INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 2 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Advanced Settings 53 Bandwidth Control 53 DHCPv6 70 IGMP Snooping 72 VLAN 94 DHCP Option 122 Dual Homing 133 ERPS 136 Link Aggregation 143 Link Layer Discovery Protocol (LLDP) 151 Loop Detection 155 PPPoE IA 159 Static Route 168 STP 173 UDLD 195 Security 200 IP Source Guard 200 ACL 218 802.1x 224 Port Security 233 TACACS+ 236 Monitor 241 Alarm 241 Hardware Information 242 Port Statistics 243 Port Utilization 244 RMON Statistics 245 SFP Information 247 Traffic Monitor 249 INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 3 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Management 252 SNMP 252 Auto Provision 263 Mail Alarm 266 Maintenance 270 System log 276 User Account 278 INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 4 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Regulatory Compliance Statement Product(s) associated with this publication complies/comply with all applicable regulations. Please refer to the Technical Specifications section for more details. Warranty ComNet warrants that all ComNet products are free from defects in material and workmanship for a specified warranty period from the invoice date. ComNet will repair or replace products found by ComNet to be defective within this warranty period. This warranty does not cover product modifications or repairs done by persons other than ComNet-approved personnel, and this warranty does not apply to ComNet products that are misused, abused, improperly installed, or damaged by accidents. Please refer to the Technical Specifications section for the actual warranty period(s) of the product(s) associated with this publication. Disclaimer Information in this publication is intended to be accurate. ComNet shall not be responsible for its use or infringements on third-parties as a result of its use. There may occasionally be unintentional errors on this publication. ComNet reserves the right to revise the contents of this publication without notice. Safety Indications » The equipment can only be accessed by trained ComNet service personnel. » This equipment should be installed in secured location. Copyright All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, whether electronic, mechanical, photo copying, recording or otherwise, without the prior written permission of the publisher. INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 5 INSTALLATION AND OPERATION MANUAL CWGE24MS2 FCC Warning This equipment has been tested and found to comply with the limits for a class A device, pursuant to part 15 of FCC rules. These limits are designed to provide reasonable protection against harmful interference in a commercial installation. This equipment generates uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communication. Operation of this equipment in a residential area is likely to cause harmful interference, in which case, the user will be required to correct the interference at the user’s own expense. CE This is a Class A product. In a domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures. INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 6 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Overview Introduction The ComNet CWGE24MS2 has twenty 100/1000Base-FX SFP ports and four Gigabit combo ports that allow for TX or FX transmission. All SFP ports utilize ComNet SFP modules for fiber, connector type and distance. The IEEE802.3-compliant unit offers multiple Ethernet redundancy protocols (ERPS G.8032 and MSTP/RSTP/STP) which protect your applications from network interruptions or temporary malfunctions by redirecting transmission within the network. The CWGE24MS2 implements complete Layer 2 to Layer 4 ACLs to restrict access to your sensitive network resources by filtering specific packets based on TCP/UDP ports, source and destination IP addresses or particular network devices. Furthermore, DHCP snooping, TACACS+, ARP, IEEE 802.1X and Port Security provide additional tools to manage access and levels of use of the network. These defence mechanisms of the CWGE24MS2 along with advanced DoS auto prevention deliver robust network security and enables network administrators to offer more stable services on a more secure network. In this guide, the term “Switch” (first letter upper case) refers to the CWGE24MS2 Switch, and “switch” (first letter lower case) refers to other switches. INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 7 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Software Features Network Functions » Port-based Mirroring » GARP/GVRP Support » 4K Active VLAN » IGMP Snooping v1/v2/v3 » IGMP Querier » MVR » DHCP Relay/Option 82 » Dual Homing » Link Aggregation » Link Layer Discovery Protocol » Loop Detection, Auto Recovery Timer » STP/RSTP/MSTP » ERPS (G8032v2) » SFP DDMI Support » RMON Statistics » Static Route » Network Security » Access Control List (L2/L3/L4) » MAC Limitation » Port Security » 802.1x Port Authentication » TACACS+ » Traffic management & QoS » Port Priority » Rate Limitation » Storm Control » Port Isolation » 802.1Q Tag-based VLAN » Auto MDI/MDI-X INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 8 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Network Management » Command Line Interface, Telnet » Web GUI » SNMP v1/v2c/v3 » Management VLAN » Auto Provisioning » System log » Firmware Upgradable » Configuration Upload/Download » LED, SNMP trap, and email alarm Specifications » IEEE 802.3 10Base-T » IEEE 802.3u 100Base-TX/FX » IEEE 802.3ab 1000Base-T » IEEE 802.3z 1000Base-SX/LX » IEEE 802.3x Flow Control » IEEE 802.1d Spanning Tree Protocol » IEEE 802.1w Rapid Spanning Tree Protocol » IEEE 802.1s Multiple Spanning Tree Protocol » IEEE 802.1q VLAN Tagging » IEEE 802.1p Class of Service » IEEE 802.1x Port Authentication » IEEE 802.1ab Link Layer Discovery Protocol » IEEE 802.3ad Port Trunk with LACP » ITU-T G8032v2 Ethernet Ring Protection Switching INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 9 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Hardware Features Performance » Switching fabric 48 Gbps » L2 forwarding 35.7 Mpps » MAC Entries 16 K » Jumbo frame 10 K Ports » 20-slot 100FX/Gigabit SFP » 4 × Gigabit Combo (10/100/1000 RJ-45 or 100FX/GbE SFP) » 1 × DB-9 console Maximum Distances » RJ-45 up to 100 m » SC/SFP up to 120 km » Console 15 m Mechanical & Environmental » Operating temperature 0°C to 50°C » Storage temperature -20°C to 70°C » Operating humidity 10% to 90% RH » Storage humidity 5% to 95% RH Power » Front access AC power 100-240 V, 50~60Hz » 12V DC battery back-up » Power consumption Max. 25 W (System) Dimensions & Weight » Dimensions (WxHxD) 440 × 44 × 284mm, 19” rack-mountable » Weight 3.7 kg INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 10 INSTALLATION AND OPERATION MANUAL CWGE24MS2 Hardware Overview Front Panel The following table describes the labels that are affixed to the CWGE24MS. Port Description SFP ports 20 × 100BaseX Giga Ethernet Port 4 × Gigabit Combo (10/100/1000 RJ-45 or 100FX/GbE SFP) Console Use RS-232 with DB9 connecter to manage switch. 1 2 3 4 5 6 2 CWGE24MS Front Panel 1. Power Connector 2. LEDs for Post, Power, Alarm; Speed/Link/Activity for 24 SFP ports 3. 100/1000Base-X Fiber port on SFP 4. LED for Ethernet ports 1000Mbps Speed/Link/Activity status 5. 10/100/1000Base-T(X) Ethernet port and 100/1000Base-X SFP (combo port) 6. Console port (DB9) Connectors The Switch utilizes ports with copper and SFP fiber port connectors functioning under Fast Ethernet/Gigabit Ethernet standards. 100FX/1000Base-SX/LX SFP Ports INS_CWGE24MS2_REV– TECH SUPPORT: 1.888.678.9427 10/05/16 PAGE 11 INSTALLATION AND OPERATION MANUAL CWGE24MS2 The 100/1000Base-SX/LX (SFP) ports support network speeds of 100Mbps or 1000Mbps, and is designed to house 100Mbps/Gigabit SFP modules. Gigabit Combo There are four Gigabit Combo ports on the CWGE24MS2.
Load more

Recommended publications
  • Networking Packet Broadcast Storms
    Lesson Learned Networking Packet Broadcast Storms Primary Interest Groups Balancing Authorities (BAs) Generator Operators (GOPs) Reliability Coordinators (RCs) Transmission Operators (TOPs) Transmission Owners (TOs) that own and operate an Energy Management System (EMS) Problem Statement When a second network cable was connected from a voice over internet protocol (VOIP) phone to a network switch lacking proper settings, a packet broadcast storm prevented network communications from functioning, and supervisory control and data acquisition (SCADA) was lost for several hours. Broadcast storm events have also arisen from substation local area network (LAN) issues. Details A conference room was set up for a training class that needed to accommodate multiple PCs. The bridge protocol data unit (BPDU) packet propagation prevention setting was disabled on a port in the conference room in order to place a network switch off of that port. Upon completion of the training, the network switch was removed; however, the BPDU packet propagation setting was inadvertently not restored. As part of a telephone upgrade project, the traditional phone in this conference room was recently replaced by a VOIP phone. Later, an additional network cable was connected to the output port of this VOIP phone into a secondary network jack within the conference room. When the second network cable was connected from a VOIP phone to a network switch lacking proper settings, a switching loop resulted. Spanning tree protocol is normally used to prevent switching loops from propagating broadcast packets continuously until the network capacity is overwhelmed. A broadcast packet storm from the switching loop prevented network communications from functioning and SCADA was lost for several hours.
    [Show full text]
  • Computer Communication Networks (Tcit / Se / Ee)
    Practical Workbook CS-351/CS-418 COMPUTER COMMUNICATION NETWORKS (TCIT / SE / EE) Name : Year : Batch : Roll No : Department: Department of Computer & Information Systems Engineering NED University of Engineering & Technology INTRODUCTION The days of mainframe computing using dumb terminals are long gone. The present time is the era of very powerful personal computers, interconnecting with each other and even better equipped servers, sometimes connecting across continental boundaries. Computer Communication Networks is a senior level undergraduate course in Computer and Information Systems Engineering, which covers various aspects of computer networks. It covers various classifications of computer networks and gives the students a good grasp on the various topics in computer networks. This laboratory manual aims to augment the classroom teaching of the course and to provide the students essential practical knowledge in the subject. The first and second labs deal with learning IPv4 Addressing, Sub-netting & Variable Length Subnet Masking (VLSM). The third lab deals with making crossover and straight-through UTP cables. This skill will come in very handy in various trades when the students go into practical life. It introduces some related standards and equipment used in this regard. The fourth lab jumps into Cisco routers. It is a hands-on exercise using some commonly used Cisco IOS commands. In this lab, the students will learn how to connect to and interact with Cisco routers. The fifth lab is about connecting different IP networks by defining static routes all around. Sixth lab introduces dynamic routing using a simple routing protocol, namely RIP (Routing Information Protocol) and its later version called RIP version 2.
    [Show full text]
  • Show Crypto Ace Redundancy Through Show Cts Sxp
    show crypto ace redundancy through show cts sxp • show crypto ace redundancy, on page 4 • show crypto ca certificates, on page 6 • show crypto ca crls, on page 9 • show crypto ca roots, on page 10 • show crypto ca timers, on page 11 • show crypto ca trustpoints, on page 12 • show crypto call admission statistics, on page 13 • show crypto ctcp, on page 15 • show crypto datapath, on page 17 • show crypto debug-condition, on page 20 • show crypto dynamic-map, on page 23 • show crypto eli, on page 24 • show crypto eng qos, on page 26 • show crypto engine, on page 27 • show crypto engine accelerator sa-database, on page 31 • show crypto engine accelerator ring, on page 32 • show crypto engine accelerator logs, on page 34 • show crypto engine accelerator statistic, on page 36 • show crypto gdoi, on page 52 • show crypto ha, on page 81 • show crypto identity, on page 82 • show crypto ikev2 cluster, on page 83 • show crypto ikev2 diagnose error, on page 85 • show crypto ikev2 policy, on page 86 • show crypto ikev2 profile, on page 88 • show crypto ikev2 proposal, on page 90 • show crypto ikev2 sa, on page 92 • show crypto ikev2 session, on page 95 • show crypto ikev2 stats, on page 98 • show crypto ipsec client ezvpn, on page 105 • show crypto ipsec transform-set default, on page 108 show crypto ace redundancy through show cts sxp 1 show crypto ace redundancy through show cts sxp • show crypto ipsec sa, on page 110 • show crypto ipsec security-association idle-time, on page 120 • show crypto ipsec security-association lifetime, on page 121 • show
    [Show full text]
  • Where to Download Quake 1 Full Version Pc Quake Windows 10
    where to download quake 1 full version pc Quake windows 10. Quake II is the next major follow up after Quake I. Shortly after landing on an alien surface . Similar choice. Programs for query ″quake windows 10″ XenArmor All-In-One Key Finder Pro. All-In-One Key Finder Pro is the enterprise software to recover license keys of Windows, Office & 1300+ popular softwares/games. of Windows from XP to 10 . NFS, AOE, Quake , Star Wars . starting from Windows XP to Windows 10. Windows Product Key Finder. Windows Product Key Finder is the all-in-one software to recover license keys of Windows & 500+ popular softwares/games. of Empires, Quake , The . or periodically Windows Product . from Windows XP to Windows 10. Quake Live Mozilla Plugin. QUAKE LIVE delivers the excitement and energy of first-person multiplayer action to a broader audience than ever before. QUAKE LIVE delivers . "web game," QUAKE LIVE offers . QUAKE 2007. Quake Virtual DJ is ground breaking in concept (hence the name “Quake”). Quake Virtual DJ . the name “ Quake ”). It is . environment. With Quake , the days . Quake Mate Seeker. QMS is a simple utility that allows you to find players on Quake 3 servers. players on Quake 3 servers. Unlike . and customizable Quake 3 server list . Quake Video Maker. Here is Quake Video Maker. A simple tool to create AVI files with both video and audio. Here is Quake Video Maker. A . Quake2xp. Quake 2 is a based engine with glsl per pixel lighting effects and more. Quake 2 is a based . QuakeMap. QuakeMap is a powerful GPS/mapping program for your Windows computer.
    [Show full text]
  • Guidelines on Firewalls and Firewall Policy
    Special Publication 800-41 Revision 1 Guidelines on Firewalls and Firewall Policy Recommendations of the National Institute of Standards and Technology Karen Scarfone Paul Hoffman NIST Special Publication 800-41 Guidelines on Firewalls and Firewall Revision 1 Policy Recommendations of the National Institute of Standards and Technology Karen Scarfone Paul Hoffman C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 September 2009 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Deputy Director GUIDELINES ON FIREWALLS AND FIREWALL POLICY Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-41 Revision 1 Natl. Inst. Stand. Technol. Spec. Publ. 800-41 rev1, 48 pages (Sep. 2009) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]
  • Automated Malware Analysis Report for ORDER 5211009876.Exe
    ID: 386799 Sample Name: ORDER 5211009876.exe Cookbook: default.jbs Time: 20:09:05 Date: 14/04/2021 Version: 31.0.0 Emerald Table of Contents Table of Contents 2 Analysis Report ORDER 5211009876.exe 4 Overview 4 General Information 4 Detection 4 Signatures 4 Classification 4 Startup 4 Malware Configuration 4 Threatname: Agenttesla 4 Yara Overview 4 Memory Dumps 4 Unpacked PEs 5 Sigma Overview 5 System Summary: 5 Signature Overview 5 AV Detection: 5 System Summary: 5 Boot Survival: 5 Malware Analysis System Evasion: 6 HIPS / PFW / Operating System Protection Evasion: 6 Stealing of Sensitive Information: 6 Remote Access Functionality: 6 Mitre Att&ck Matrix 6 Behavior Graph 7 Screenshots 7 Thumbnails 7 Antivirus, Machine Learning and Genetic Malware Detection 8 Initial Sample 8 Dropped Files 8 Unpacked PE Files 8 Domains 8 URLs 9 Domains and IPs 10 Contacted Domains 10 URLs from Memory and Binaries 10 Contacted IPs 13 Public 14 General Information 14 Simulations 15 Behavior and APIs 15 Joe Sandbox View / Context 15 IPs 15 Domains 16 ASN 16 JA3 Fingerprints 16 Dropped Files 17 Created / dropped Files 17 Static File Info 18 General 18 File Icon 18 Static PE Info 18 General 19 Entrypoint Preview 19 Data Directories 20 Sections 21 Copyright Joe Security LLC 2021 Page 2 of 30 Resources 21 Imports 21 Version Infos 21 Network Behavior 21 Network Port Distribution 22 TCP Packets 22 UDP Packets 23 DNS Queries 23 DNS Answers 23 SMTP Packets 23 Code Manipulations 24 Statistics 24 Behavior 24 System Behavior 24 Analysis Process: ORDER 5211009876.exe PID:
    [Show full text]
  • Multiplayer Game Programming: Architecting Networked Games
    ptg16606381 Multiplayer Game Programming ptg16606381 The Addison-Wesley Game Design and Development Series Visit informit.com/series/gamedesign for a complete list of available publications. ptg16606381 Essential References for Game Designers and Developers hese practical guides, written by distinguished professors and industry gurus, Tcover basic tenets of game design and development using a straightforward, common-sense approach. The books encourage readers to try things on their own and think for themselves, making it easier for anyone to learn how to design and develop digital games for both computers and mobile devices. Make sure to connect with us! informit.com/socialconnect Multiplayer Game Programming Architecting Networked Games ptg16606381 Joshua Glazer Sanjay Madhav New York • Boston • Indianapolis • San Francisco Toronto • Montreal • London • Munich • Paris • Madrid Cape Town • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products Editor-in-Chief are claimed as trademarks. Where those designations appear in this book, and the Mark Taub publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals Acquisitions Editor Laura Lewin The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or Development Editor omissions. No liability is assumed for incidental or consequential damages in connection Michael Thurston with or arising out of the use of the information or programs contained herein. Managing Editor For information about buying this title in bulk quantities, or for special sales opportunities Kristy Hart (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our Project Editor corporate sales department at [email protected] or (800) 382-3419.
    [Show full text]
  • Quake 2 Xp Mod Download Quake II - Quakeiixp V.1.26.9.1 - Game Mod - Download
    quake 2 xp mod download Quake II - QuakeIIxp v.1.26.9.1 - Game mod - Download. The file QuakeIIxp v.1.26.9.1 is a modification for Quake II , a(n) action game. Download for free. file type Game mod. file size 2241.4 MB. last update Sunday, July 5, 2020. Report problems with download to [email protected] QuakeIIxp is a mod for Quake II , created by Quake2xp Team.. Description: QuakeIIxp is a multi-platform (windows, linux and freeBSD (experemental)) graphics port of the game Quake II developed by Id Software. Completely updated rendering takes full advantage of the latest graphics cards to get the perfect picture, preserving the original style of the game. Real time per-pixel lighting and shadowing (like DooM3) with hi quality parallax mapping (relief mapping technology) Oren-Nayar Diffuse with GGX Specular BRDF, Phong, Lambert and Sub-Surface Scattering lighting models. Cubemaps and caustic light filters. Editable GLSL shaders. 2d lighting for hud digits and menu tags. In-game light editor. Advanced decal and particle system (infinity decals and soft particles) Reflection (screen space local reflection) and refraction surfaces. Radiosity normal mapping with high resolution lightmaps. Postrocessing effects - FXAA 3.11, Bloom, Depth of Field, Radial Blur, Thermal Vision, Film Grain, Brightness/Contrast/Saturation, Motion Blur, SSAO, Scanline and mediam cinematic filters. Raw mouse input (windows only) OpenAL 3d audio engine with EFX (high-quality environmental audio sound effects both win and linux) Playing OGG and WAV music tracks from the hdd. Native support for the Reckoning mp and 3zb2 bot. All other addons and mods supported in compatibility mode.
    [Show full text]
  • Application: Unity 3D Web Player
    unity3d_1-adv.txt 1 of 2 Application: Unity 3D web player http://unity3d.com/webplayer/ Versions: <= 3.2.0.61061 Platforms: Windows Bug: heap corruption Exploitation: remote Date: 21 Feb 2012 Unity 3d is a game engine used in various games and it’s web player allows to play these games (unity3d extension) also directly from the web browser. # Vulnerabilities # Heap corruption caused by a negative 32bit size value which allows to execute malicious code. The problem is caused by the modification of the 64bit uncompressed size (handled as 32bit by the plugin) of the lzma header which is just composed by the following fields (from lzma86.h): Offset Size Description 0 1 = 0 - no filter, pure LZMA = 1 - x86 filter + LZMA 1 1 lc, lp and pb in encoded form 2 4 dictSize (little endian) 6 8 uncompressed size (little endian) Reading of the 64bit field as 32bit one (CMP EAX,4) and some of the subsequent operations: 070BEDA3 33C0 XOR EAX,EAX 070BEDA5 895D 08 MOV DWORD PTR SS:[EBP+8],EBX 070BEDA8 83F8 04 CMP EAX,4 070BEDAB 73 10 JNB SHORT webplaye.070BEDBD 070BEDAD 0FB65438 05 MOVZX EDX,BYTE PTR DS:[EAX+EDI+5] 070BEDB2 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8] 070BEDB5 D3E2 SHL EDX,CL 070BEDB7 0196 A4000000 ADD DWORD PTR DS:[ESI+A4],EDX 070BEDBD 8345 08 08 ADD DWORD PTR SS:[EBP+8],8 070BEDC1 40 INC EAX 070BEDC2 837D 08 40 CMP DWORD PTR SS:[EBP+8],40 070BEDC6 ^72 E0 JB SHORT webplaye.070BEDA8 070BEDC8 6A 4A PUSH 4A 070BEDCA 68 280A4B07 PUSH webplaye.074B0A28 ; ASCII "C:/BuildAgen t/work/b0bcff80449a48aa/PlatformDependent/CommonWebPlugin/CompressedFileStream.cp p" 070BEDCF 53 PUSH EBX 070BEDD0 FF35 84635407 PUSH DWORD PTR DS:[7546384] 070BEDD6 6A 04 PUSH 4 070BEDD8 68 00000400 PUSH 40000 070BEDDD E8 BA29E4FF CALL webplaye.06F0179C ..
    [Show full text]
  • Winroute Lite 4.2
    User's Guide WinRoute Lite 4.2 Kerio Technologies Inc. Contents Contents Before Installing WinRoute 3 System Requirements.............................................................................................. 4 Choosing the right computer for sharing................................................................. 5 Configure TCP/IP.................................................................................................... 6 Multi-operating systems environment (Linux, AS400, Apple)............................... 7 Connecting the network to the Internet 9 WinRoute Lite installation and maintenance ........................................................ 10 Basic Configuration .............................................................................................. 11 Dial-up or ISDN connection ................................................................................. 12 About DHCP server .............................................................................................. 15 About DNS proxy ................................................................................................. 17 About Port Mapping.............................................................................................. 19 Inside WinRoute Lite 23 The Architecture.................................................................................................... 24 How NAT works................................................................................................... 25 Logs and packet analysis......................................................................................
    [Show full text]
  • List of TCP and UDP Port Numbers
    List of TCP and UDP port numbers From Wikipedia, the free encyclopedia Jump to: navigation, search In computer networking, the protocols of the Transport Layer of the Internet Protocol Suite, most notably the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP), but also other protocols, use a numerical identifier for the data structures of the endpoints for host-to- host communications. Such an endpoint is known as a port and the identifier is the port number. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[1] Contents [hide] y 1 Table legend y 2 Well-known ports: 0±1023 y 3 Registered ports: 1024±49151 y 4 Dynamic, private or ephemeral ports: 49152±65535 y 5 See also y 6 References y 7 External links [edit] Table legend Color coding of table entries Official Port/application combination is registered with IANA Unofficial Port/application combination is not registered with IANA Conflict Port is in use for multiple applications [edit] Well-known ports: 0±1023 According to IANA "The Well Known Ports are assigned by the IANA and on most systems can only be used by system (or root) processes or by programs executed by privileged users. Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. The contact port is sometimes called the well-known port."[1] Port TCP UDP Description Status 0 UDP Reserved Official When running a server on port 0, the system will run it on a random 0 TCP UDP port from 1-65535 or 1024-65535 depending on the privileges of Official the user.
    [Show full text]
  • Edgeswitch User Guide Table of Contents
    Configuration Interface Release Version: 1.8 EdgeSwitch User Guide Table of Contents Table of Contents Chapter 1: Overview . 1 Introduction . 1 Configuration . 1 Configuration Interface System Requirements . 1 Chapter 2: Navigation . 3 Accessing the Configuration Interface . 3 Common Interface Options . 4 Interface Screens . 5 Chapter 3: Dashboard . 7 Device Status . 8 Port Status . 8 Port Summary . 8 Chapter 4: VLANs . 13 VLANs . .. 13 Chapter 5: System Settings . 15 Device Name . 15 Management IP . 15 Spanning Tree Protocol . 17 Services . 17 System Actions . 18 Chapter 6: Tools . 21 MAC Table . 21 Ping . .. 21 Appendix A: Contact Information . 23 Ubiquiti Networks Support . 23 Ubiquiti Networks, Inc. i Table of Contents EdgeSwitch User Guide ii Ubiquiti Networks, Inc. EdgeSwitch User Guide Chapter 1: Overview Chapter 1: Overview Introduction This User Guide is designed to provide details about how to set up and use the EdgeSwitch® Configuration Interface, version 1.8 or above. This interface manages the EdgeSwitch and EdgeSwitch X models, which this User Guide will collectively refer to as EdgeSwitch. The EdgeSwitch XP models use a different user interface. This is described in the EdgeSwitch XP User Guide, which is available at: downloads.ubnt.com/edgemax Configuration This intuitive interface allows you to conveniently manage your EdgeSwitch using your web browser. There are two versions available; however, this User Guide describes the default, which is the new UI with a more graphical interface. The legacy UI is still available as an option and is described in the EdgeSwitch Administration Guide, which is available at: downloads.ubnt.com/edgemax You can also manage your device using the Ubiquiti® Network Management System, UNMS™, which lets you configure, monitor, upgrade, and back up your devices using a single software application.
    [Show full text]