DOCSLIB.ORG

Implementation and Evaluation of Authorized Access LAN Sockets Using Pppoe

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Implementation and Evaluation of Authorized Access LAN Sockets Using Pppoe Implementation and Evaluation of Authorized Access LAN Sockets Using PPPoE Hideo Masuda, Michio Nakanishi, Masahide Nakamura, Mio Suzuki Informedia and Education Division, Cybermedia Center, Osaka University 1-30 Machikaneyama, Toyonaka, Osaka, 560-0043 Japan. Telephone: +81 6 6850 6076, FAX: +81 6 6850 6084, E-mail:[email protected] our network Abstract Server The Internet This paper presents an integrated method to achieve au- thorized access on LAN sockets in a campus network. The LAN sockets PPPoE key issues of our method are user authentication and user server tracking. We adopt PPPoE (Point-to-Point Protocolover SwitchingHUB Ethernet) for the user authentication, and integrate IDENT mechanism on the PPPoE server for the user tracking. We conduct performance evaluation with respect to transfer rate and CPU usage. The evaluation shows that the pro- ClientPC ClientPC ClientPC ClientPC posed system achieves excellent performance for its deploy- client PCs(owned by user) ment cost. As a result, the proposed method could be a good candidate to add network connectivity in campus networks. Figure 1. Experimental environment achieves excellent performance for its deployment cost. 1 Introduction The system is actually working in the educational computer system in Cybermedia Center, Osaka University, also work- Rich network environment is a key to attract prospec- ing in a wireless LAN environment with IEEE802.11b. tive students to universities[1]. Recently, universities tend to provide students with LAN sockets in every classroom, 2 Implementing LAN sockets with PPPoE for fast and easy access to network resources. From the viewpoint of network administrators, however, it would be- Figure 1 shows an experimental environment of our sys- come an insecure hot bed of network crimes, unless users tem. The key issues for implementation of the target LAN are properly authenticated. sockets are (1) how to choose implementation variants of To cope with the problem, there are some experimen- the PPPoE, and (2) how to integrate the IDENT mechanism tal systems, which implement user authentication on LAN on the PPPoE. sockets (e.g. [2] [3]). In [2], PPTP (Point-to-Point Tunnel- ing Protocol [5]) is used for a secure LAN sockets. In [3], 2.1 Choosing implementation variants of PPPoE IP over SSL (Secure Socket Layer [6]) is used. Since both approaches are IP over IP fashion, they would suffer from heavy protocol overhead. There are two alternatives of the PPPoE server. In this paper, we have implemented and evaluated a new 1. implementation with userland (called user mode) system to achieve authorized access in an inexpensive man- ner, specifically, LAN sockets using PPPoE (Point-to-Point 2. implementation with OS kernel (called kernelmode ) Protocol over Ethernet [7]). The key features of the pro- posed system are user authentication with the PPPoE and The user mode is easy to be deployed. However, the user tracking with IDENT[11]. The proposed system can be user mode suffers from frequent context switching between implemented with inexpensive HUBs and a mid-class PC. kernel space and user space. Although the kernel mode We have conducted an experimental evaluation for the requires kernel reconfiguration, good performance is ex- proposed system from viewpoints of transfer rate and CPU pected. In this work, we have chosen both implementation usage. The evaluation shows that the proposed system variants, and conducted their comparative evaluation. Proceedings of the 2002 Symposium on Applications and the Internet (SAINT’02) 0-7695-1447-2/02 $17.00 © 2002 IEEE server Destination 133.1.gg.1:113 IDENT request for PORTs Destination 192.168.0.xx:113 eth0 133.1.gg.1:PORTs eth0 IP Masq IDENTd Destination 192.168.0.xx:PORT (IP Masquerade) NAT dummy0:xx (dummy I/F) NAT with 192.168.128.xx:113 Reply UserID IDENTd 192.168.0.xx:PORTc eth1 by looking up this table 192.168.0.xx:PORT(no change) eth1 (Reply UserID in relation to xx) Figure 3. Masq method Figure 2. NAT method incoming IDENT connection arrives at the TCP #113 port on the client PC, a program (call it program B, 2.2 Implementing newIDENT mechanism denoted by IDENTd in the figure) on PPPoE server re- sponds the IDENT protocol, since the IP masquerade The IDENT protocol [11] provides a means to deter- is used. The program B first identifies which client mine the identity of a user of a particular TCP connection. PC has requested the connection with the pair of port When a client tries to access to a server (e.g., proxy, smtp, numbers, by looking up the IP masquerade informa- etc) with IDENT configuration, the server sends the client tion. Then, the program B responds userID that was IDENT request with a pair of local/remote port numbers. used for PPPoE authentication in the identified client Then, the client responds user’s identity (login name) to the PC. server. However, the original IDENT protocol cannot al- ways guarantee reliable response under the LAN socket en- vironment in campus. Since clients connected to the socket 3 Experimental Evaluation are managed by students themselves, not all clients have the IDENT feature. Moreover, malicious configuration is pos- We choose the following points as metrics of the perfor- sible. mance evaluation. Therefore, we try to implement a more reliable IDENT 1. Data transfer rate of the PPPoE server mechanism, by combining the original IDENT protocol with PPPoE authentication. The IDENT protocol uti- 2. CPU usage of the PPPoE server lizes TCP port #113 as well as the TCP network connec- tion. Our key idea is to let the PPPoE server intercept As shown in Table 1, we have prepared 3 different PCs IDENT requests to the port #113 and respond userID with for the PPPoE server, 4 different PCs for clients. An ftp PPPoE authentication. server is used for measuring network performance. For the To achieve the mechanism, we propose and implement PPPoE server, we have measured the performance of user two new methods. The one is a method using NAT (Net- mode, kernel mode and router mode (without PPPoE). We work Address Translation), called NAT method. The other have also added the proposed IDENT mechanisms to the is with IP Masquerade, called Masq method. kernel mode and evaluated their performance. As for clients, we have measured performance effect 1. NAT method when multiple clients are connected, specifically in the fol- Figure 2 shows the outline of the NAT method. When lowing ways: (a) Client A only, (b) Clients A and B, (c) an incoming connection request arrives at TCP #113 Clients A,B and C, (d) all of Clients A, B, C and D. To port on a client PC, the client performs NAT (Network simulate network load, we have prepared a large file (size Address Translation), and accepts the connection as if of 10MByte) on the ftp server, and performed file transfer it were a connection to a virtual interface (denoted by with ftp from the ftp server to the clients. dummy I/F in the figure) on the PPPoE server prepared for each PC client. In the virtual interface, we bind 3.1 Data Transfer Rate a program (call it program A, denoted by IDENTd in the figure) to respond the IDENT protocol on the TCP First, we have measured the data transfer rate in the fol- #113 port. The program A responds userID with PP- lowing way. PoE authentication for any pair of port numbers. 1. On each client PC, repeat the ftp five times. 2. Masq method Figure 3 describes the Masq method. By applying IP 2. Under the traffic, obtain the followings values on the masquerade technique to the outgoing connection from PPPoE server at time Ò, with sleep 1 interleaving: ac- ad×Ü the client PC, we force the source address of the con- cumulated data size exchanged ( Ò ), accumulated acÔÙ nection to be the IP address of the PPPoE server. If an CPU time ( Ò ). 2 Proceedings of the 2002 Symposium on Applications and the Internet (SAINT’02) 0-7695-1447-2/02 $17.00 © 2002 IEEE Table 1. Specification of PCs ftp server ServerA ServerB ServerC ClientA ClientB ClientC ClientD CPU PentiumII PentiumIII PentiumIII Pentium Celeron Celeron Celeron Pentium 450MHz 1GHz 550MHz 233MHz 633MHz 633MHz 300MHz 266MHz Memory 128MB 256MB 896MB 128MB 256MB 256MB 192MB 128MB NIC Intel i8255x Intel i8255x SiS 900 Intel i8255x 3CCFE575 OS Linux2.4.2ac13 Linux2.4.2ac22+ kernelized pppoed[9] Linux2.4.2ac22 Win2k Pro Win98 Win98 Linux2.4.2ac22+ rp-pppoe[8] (kernel)[9] RASPPPOE 0.95b[10] 20 25000 Transfer rate(y1) 20 Interrupts(y2) Fastest client(DHCP) Fastest client(k-PPPoE) 20000 Faster 2 clients(DHCP) Faster 2 clients(k-PPPoE) 15 Faster 3 clients(DHCP) Faster 3 clients(k-PPPoE) 15 4 clients(DHCP) 4 clients(k-PPPoE) 15000 10 10 10000 5 Fastest client(u-PPPoE) 5000 5 Faster 2 clients(u-PPPoE) y1: Transfer rate [MB/s] y2: Interrupts [times/sec] Transfer rate [MB/s] Faster 3 clients(u-PPPoE) 4 clients(u-PPPoE) 0 0 0 5 10 15 20 25 30 35 40 0 200 400 600 800 1000 Time [sec] CPU speed [MHz] Figure 4. Data transfer rate of Server A Figure 5. Maximum transfer rate 15 Ò DÌ Ê 3. Compute the data transfer rate at time ( Ò )as Server A without IDENT ad×Ü ad×Ü Ò ½ Ò Server A with IDENT using NAT DÌ Ê = follows: Ò 14 acÔÙ acÔÙ Server A with IDENT using Masq Ò ½ Ò Server B without IDENT Server B with IDENT using NAT Figure 4 shows the transfer rate and the number of inter- 13 Server B with IDENT using Masq ruptions w.r.t.
Load more

Recommended publications
  • Abstract Introduction Methodology
    Kajetan Hinner (2000): Statistics of major IRC networks: methods and summary of user count. M/C: A Journal of Media and Culture 3(4). <originally: http://www.api-network.com/mc/0008/count.html> now: http://www.media-culture.org.au/0008/count.html - Actual figures and updates: www.hinner.com/ircstat/ Abstract The article explains a successful approach to monitor the major worldwide Internet Relay Chat (IRC) networks. It introduces a new research tool capable of producing detailed and accurate statistics of IRC network’s user count. Several obsolete methods are discussed before the still ongoing Socip.perl program is explained. Finally some IRC statistics are described, like development of user figures, their maximum count, IRC channel figures, etc. Introduction Internet Relay Chat (IRC) is a text-based service, where people can meet online and chat. All chat is organized in channels which a specific topic, like #usa or #linux. A user can be taking part in several channels when connected to an IRC network. For a long time the only IRC network has been EFnet (Eris-Free Network, named after its server eris.berkeley.edu), founded in 1990. The other three major IRC networks are Undernet (1993), DALnet (1994) and IRCnet, which split off EFnet in June 1996. All persons connecting to an IRC network at one time create that IRC network’s user space. People are constantly signing on and off, the total number of users ever been to a specific IRC network could be called social space of that IRC network. It is obvious, that the IRC network’s social space by far outnumbers its user space.
    [Show full text]
  • Honeydv6 a Low-Interaction Ipv6 Honeypot
    HoneydV6 A low-interaction IPv6 honeypot Sven Schindler Potsdam University Institute for Computer Science Operating Systems and Distributed Systems Reykjavík, July 29, 2013 Outline 1 Introduction 2 An IPv6 darknet experiment 3 HoneydV6 - Development and Performance Measurements 4 Conclusion and Future work Sven Schindler (Potsdam University) HoneydV6 Frame 2 of 26 Introduction Outline 1 Introduction 2 An IPv6 darknet experiment 3 HoneydV6 - Development and Performance Measurements 4 Conclusion and Future work Sven Schindler (Potsdam University) HoneydV6 Frame 3 of 26 Introduction Why do we need IPv6 dark- and honeynets? huge IPv6 address space makes brute-force network scanning impossible new scanning approaches in the wild? attacks aiming at IPv6 design weaknesses how to analyse IPv6 related attacks? Sven Schindler (Potsdam University) HoneydV6 Frame 4 of 26 Introduction THC and si6 - IPv6 Attack Toolkits IPv6 attack tools like THC toolkit [3] and si6 [8] available fragment6 (THC) - duplicate fragments fake_router6 (THC) - become the default router rsmurf6 (THC) - remote smurf attack tool dos-new-ip6 (THC) - block new hosts from joining a network scan6 (si6) - intelligent scan approaches Sven Schindler (Potsdam University) HoneydV6 Frame 5 of 26 An IPv6 darknet experiment Outline 1 Introduction 2 An IPv6 darknet experiment 3 HoneydV6 - Development and Performance Measurements 4 Conclusion and Future work Sven Schindler (Potsdam University) HoneydV6 Frame 6 of 26 An IPv6 darknet experiment Prior darknet experiments Why another IPv6 Darknet
    [Show full text]
  • Ipsec Overhead in Wireline and Wireless Networks for Web and Email Applications
    IPSec Overhead in Wireline and Wireless Networks for Web and Email Applications George C. Hadjichristofi Nathaniel J. Davis, IV Scott F. Midkiff Bradley Department of Electrical and Computer Engineering Virginia Polytechnic Institute and State University Blacksburg, Virginia 2406 1 USA Abstract inserted in a system model to calculate the overall This paper focuses on characterizing the overhead of speedup when compression was used in different types of IP Security (IPSec)for email and web applications using networks. The research did not involve deploying test a set of test bed configurations. The different beds for “live” experimental measurements. confligurations are implemented using both wireline and Chappell, et al. did additional work [2]. The purpose wireless netwrk links. ne testing considers different of their research was to determine the suitability of IPSec combinations of authentication algorithms and for a Multiple Level Security environment. The research authentication protocols. Authentication algorithms used an experimental version of IPSec that was not include Hashed Message Authentication Code-Message optimized for performance. A simple IPSec wireline test Digest 5 (HMAC-MD5) and Hashed Message bed was deployed and various measurements were made. Authentication Code-Secure Hash Algorithm 1 (HMAC- The research did not investigate the overhead of using SHAl). Authentication protocols include Encapsulating authentication and encryption and the IPSec Security Payload (ESP) and Authentication Header (AH) implementation used only DES for confidentiality. protocols. Triple Digital Enclyption Standard (3DEq is The results presented in this paper are derived from used for encryption. Overhead is examined for scenarios actual measurements taken on wired and wireless test using no enclyption and no authentication, authentication beds and provide an expanded testing environment when and no encryption, and authentication and enclyption.
    [Show full text]
  • Delegating Network Security with More Information
    Delegating Network Security with More Information Jad Naous Ryan Stutsman Stanford University Stanford University California, USA California, USA [email protected] David Mazières Nick McKeown Nickolai Zeldovich Stanford University Stanford University MIT CSAIL California, USA California, USA Massachusetts, USA [email protected] [email protected] ABSTRACT network has become more centralized, enabling an admin- Network security is gravitating towards more centralized istrator to configure a consistent security policy at a single control. Strong centralization places a heavy burden on the location and have it enforced across various devices. Recent administrator who has to manage complex security policies proposals take centralization even further, proposing that al- and be able to adapt to users’ requests. To be able to cope, most all network features be pulled out of the datapath into the administrator needs to delegate some control back to a central controller [6, 5, 8, 10, 1], giving the administrator end-hosts and users, a capability that is missing in today’s direct control over routing, mobility, and access control. We networks. Delegation makes administrators less of a bottle- expect this trend to continue. neck when policy needs to be modified and allows network While there are many advantages to centralizing the con- administration to follow organizational lines. To enable del- trol of enterprise networks, such centralization places a heavy egation, we propose ident++—a simple protocol to request burden on the administrator. She needs to manage an in- additional information from end-hosts and networks on the creasingly complex set of rules, respond to user requests, path of a flow.
    [Show full text]
  • List of TCP and UDP Port Numbers from Wikipedia, the Free Encyclopedia
    List of TCP and UDP port numbers From Wikipedia, the free encyclopedia This is a list of Internet socket port numbers used by protocols of the transport layer of the Internet Protocol Suite for the establishment of host-to-host connectivity. Originally, port numbers were used by the Network Control Program (NCP) in the ARPANET for which two ports were required for half- duplex transmission. Later, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) needed only one port for full- duplex, bidirectional traffic. The even-numbered ports were not used, and this resulted in some even numbers in the well-known port number /etc/services, a service name range being unassigned. The Stream Control Transmission Protocol database file on Unix-like operating (SCTP) and the Datagram Congestion Control Protocol (DCCP) also systems.[1][2][3][4] use port numbers. They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.[5] However, many unofficial uses of both well-known and registered port numbers occur in practice. Contents 1 Table legend 2 Well-known ports 3 Registered ports 4 Dynamic, private or ephemeral ports 5 See also 6 References 7 External links Table legend Official: Port is registered with IANA for the application.[5] Unofficial: Port is not registered with IANA for the application. Multiple use: Multiple applications are known to use this port. Well-known ports The port numbers in the range from 0 to 1023 are the well-known ports or system ports.[6] They are used by system processes that provide widely used types of network services.
    [Show full text]
  • Technicolor Wireless Gateway - Cgm4231
    TECHNICOLOR WIRELESS GATEWAY - CGM4231 OPERATIONS GUIDE Version - Draft 1.1 Copyright © 2018 Technicolor All Rights Reserved No portions of this material may Be reproduced in any form without the written permission of Technicolor. Revision History Revision Date Description Draft 1.0 1/8/2018 Initial draft 1/8/2018 Proprietary and Confidential - Technicolor 2 Table of Contents 1 Introduction ............................................................................................................................ 7 2 Technicolor Wireless Gateway .............................................................................................. 8 2.1 System Information ....................................................................................................... 17 3 Initial Configuration and Setup ............................................................................................ 19 3.1 Accessing the WeBUI .................................................................................................... 19 4 WeBUI Guide ....................................................................................................................... 20 5 Status Pages ....................................................................................................................... 22 5.1 Overview ....................................................................................................................... 22 5.2 Gateway .......................................................................................................................
    [Show full text]
  • Delegating Network Security with More Information
    Delegating Network Security with More Information The MIT Faculty has made this article openly available. Please share how this access benefits you. Your story matters. Citation Naous, Jad et al. “Delegating network security with more information.” in WREN '09, Proceedings of the 1st ACM workshop on Research on enterprise networking, August 21, 2009, Barcelona, Spain, ACM Press. As Published http://dx.doi.org/10.1145/1592681.1592685 Publisher Association for Computing Machinery Version Author's final manuscript Citable link http://hdl.handle.net/1721.1/67004 Terms of Use Creative Commons Attribution-Noncommercial-Share Alike 3.0 Detailed Terms http://creativecommons.org/licenses/by-nc-sa/3.0/ Delegating Network Security with More Information Jad Naous Ryan Stutsman Stanford University Stanford University California, USA California, USA [email protected] David Mazières Nick McKeown Nickolai Zeldovich Stanford University Stanford University MIT CSAIL California, USA California, USA Massachusetts, USA [email protected] [email protected] ABSTRACT network has become more centralized, enabling an admin- Network security is gravitating towards more centralized istrator to configure a consistent security policy at a single control. Strong centralization places a heavy burden on the location and have it enforced across various devices. Recent administrator who has to manage complex security policies proposals take centralization even further, proposing that al- and be able to adapt to users’ requests. To be able to cope, most all network features be pulled out of the datapath into the administrator needs to delegate some control back to a central controller [6, 5, 8, 10, 1], giving the administrator end-hosts and users, a capability that is missing in today’s direct control over routing, mobility, and access control.
    [Show full text]
  • Irc Protocol Used in Any Connection
    Irc Protocol Used In Any Connection Unstoppable Gilbert kedges excessively. Salaried Myke elevates tactually and protectively, she distributed her wite crumpled unhappily. Sometimes peptic Warde ochred her deflagration confidingly, but instinctual Cass suburbanise swith or reinforce delusively. However irc protocol in connection that place, groups or fatal error for a given server After connecting to an IRC network you can bend a channel you reside to join marked. Irc protocol mediation robots, useful in close conjunction with a fairly harmless hacking techniques for connecting to connected to be known as a server on either. Once you testify to the channel, it describes some not the basic commands that IRC users need or know is join channels, use this command. How do faculty connect to IRC? This is called a channel takeover. Which is arbitrary but interesting. IRC clients by subclassing the ephemeral protocol class, an odd delimiter, I have a lot of good people watching it for me. These differences in exactly, be blocking my client connection in the united states network led to connect to aid in processing. Most IRC clients also triple the ability to share files. APIs to connect directly to IRC servers without needing a proxy. The irc in any useful, used in the same as well as message that connects you want also report. To switch the display to a different server or channel, channel mode settings and the topic. Infact, typically a nick. Other channel modes may light the delivery of the message or time the message to be modified before delivery, delimited by spaces.
    [Show full text]
  • CERIAS Tech Report 2002-41 a RECURSIVE SESSION TOKEN PROTOCOL for USE in COMPTUER FORENSICS and TCP TRACEBACK by Brian Carrier
    CERIAS Tech Report 2002-41 A RECURSIVE SESSION TOKEN PROTOCOL FOR USE IN COMPTUER FORENSICS AND TCP TRACEBACK by Brian Carrier & Clay Shields Center for Education and Research in Information Assurance and Security, Purdue University, West Lafayette, IN 47907 A Recursive Session Token Protocol For Use in Computer Forensics and TCP Traceback Brian Carrier Clay Shields Center for Education and Research in Department of Computer Science Information Assurance and Security (CERIAS) Georgetown University Purdue University Washington, D.C., 20007 West Lafayette, IN 47907 [email protected] [email protected] C C 0 1 C n−1 We present the Session TOken Protocol (STOP) [5], which H H H H H 0 1 2 n−1 n is based on the ident protocol, and helps forensic investiga- tion of stepping-stone chains while protecting the privacy of H H Fig. 1. Connection chain example between 0 and n users. STOP saves application-level data about the process and user that opened the socket, and can also send requests to pre- vious hosts to identify other hosts in the chain. At each stage, Abstract— We introduce a new protocol designed to assist in the forensic a hashed token is returned; at no point in the protocol does the investigation of malicious network-based activity, specifically ad- requester ever directly learn user or process data. Instead, they dressing the stepping-stone scenario in which an attacker uses a must redeem the token to the system administrator who can de- chain of connections through many hosts to hide his or her iden- termine the merit of releasing user information.
    [Show full text]
  • Additional AIX Security Tools on IBM Pseries, IBM RS/6000, and SP/Cluster
    Additional AIX Security Tools on IBM pSeries, IBM RS/6000, and SP/Cluster Customize the security of your pSeries systems Explore IBM, non-IBM, and freeware security tools Learn new approaches to security Abbas Farazdel Marc Genty Bruno Kerouanton Chune Keat Khor ibm.com/redbooks SG24-5971-00 International Technical Support Organization Additional AIX Security Tools on IBM ^ pSeries, IBM RS/6000, and SP/Cluster December 2000 Take Note! Before using this information and the product it supports, be sure to read the general information in Appendix D, “Special notices” on page 211. First Edition (December 2000) This edition applies to AIX 4.3.3. Comments may be addressed to: IBM Corporation, International Technical Support Organization Dept. JN9B Mail Station P099 2455 South Road Poughkeepsie, NY 12601-5400 When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the information in any way it believes appropriate without incurring any obligation to you. © Copyright International Business Machines Corporation 2000. All rights reserved. Note to U.S Government Users – Documentation related to restricted rights – Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp. Contents Preface...................................................vii The team that wrote this redbook. ..................................viii Commentswelcome..............................................ix Chapter 1. Introduction ......................................1 1.1Securityframework-Overview...............................1
    [Show full text]
  • TCP/IP Configuration RFC-1323
    Blue Coat® Systems SG™ Appliance Configuration and Management Guide Volume 6: Advanced Networking Version SGOS 5.1.x Volume 6: Advanced Networking Contact Information Blue Coat Systems Inc. 420 North Mary Ave Sunnyvale, CA 94085-4121 http://www.bluecoat.com/support/contact.html [email protected] http://www.bluecoat.com For concerns or feedback about the documentation: [email protected] Copyright© 1999-2007 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of Blue Coat Systems, Inc. All right, title and interest in and to the Software and documentation are and shall remain the exclusive property of Blue Coat Systems, Inc. and its licensors. ProxyAV™, CacheOS™, SGOS™, SG™, Spyware Interceptor™, Scope™, RA Connector™, RA Manager™, Remote Access™ are trademarks of Blue Coat Systems, Inc. and CacheFlow®, Blue Coat®, Accelerating The Internet®, ProxySG®, WinProxy®, AccessNow®, Ositis®, Powering Internet Management®, The Ultimate Internet Sharing Solution®, Permeo®, Permeo Technologies, Inc.®, and the Permeo logo are registered trademarks of Blue Coat Systems, Inc. All other trademarks contained in this document and in the Software are the property of their respective owners. BLUE COAT SYSTEMS, INC. DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL BLUE COAT SYSTEMS, INC., ITS SUPPLIERS OR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF BLUE COAT SYSTEMS, INC.
    [Show full text]
  • CLI User's Guide
    Management Software AT-S95 CLI User’s Guide AT-8000GS Series Stackable Gigabit Ethernet Switches Version 2.0.0.27 613-001982 Rev. A Copyright © 2014 Allied Telesis, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc. Allied Telesis is a trademark of Allied Telesis, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners. Allied Telesis, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc. has been advised of, known, or should have known, the possibility of such damages. Table of Contents Preface ................................................................................................................................. 14 Intended Audience.........................................................................................................................15 Document
    [Show full text]