DOCSLIB.ORG

Linux Routers and Community Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Linux Routers and Community Networks Summer Course at Mekelle Institute of Technology. July, 2015. Linux Routers and Community Networks Llorenç Cerdà-Alabern http://personals.ac.upc.edu/llorenc [email protected] Universitat Politènica de Catalunya, Barcelona, Spain Revision: 0e36644 (2015-07-09) Llorenç Cerdà-Alabern Linux Routers and Community Networks 1 / 191 Summer Course at Mekelle Institute of Technology. Linux Routers and Community Networks Introduction Where I come from Linux Routers Parts I Introduction II Lab 1: Basic Network Configuration III Lab 2: RIP and OSPF IV Lab 3: Firewall configuration V Lab 4: Community Networks VI Lab 5: Network Management Llorenç Cerdà-Alabern Linux Routers and Community Networks 2 / 191 Summer Course at Mekelle Institute of Technology. Linux Routers and Community Networks Introduction Where I come from Part I Linux Routers Introduction Outline Where I come from Linux Routers Llorenç Cerdà-Alabern Linux Routers and Community Networks 3 / 191 Introduction Where I come from Introduction Mekelle vs. Barcelona Where I come from Linux Routers • Barcelona - Mekelle: 7,660 km Ethiopia Spain Tigray Catalonia Mekelle Barcelona Area [km2] 1.1 M 0.5 M 41 k 32 k 24.4 803 Population 90 M 47 M 4.3 M¤ 7.5 M 219 k 4.7 M ¤ 2007 Census. Source: Wikipedia. Llorenç Cerdà-Alabern Linux Routers and Community Networks 4 / 191 Introduction Where I come from Introduction A bit of history: Barcino Where I come from Linux Routers • Iberian, Carthaginian and Roman Town, called Barcino 15 BC. Llorenç Cerdà-Alabern Linux Routers and Community Networks 5 / 191 Introduction Where I come from Introduction Barcelona Where I come from Linux Routers Eixample Sagrada Familia Barça Llorenç Cerdà-Alabern Linux Routers and Community Networks 6 / 191 Introduction Where I come from Introduction Universitat Politècnica de Catalunya (UPC) Where I come from Linux Routers Campus Nord • UPC: Public University of Catalonia, focussed on tech. studies. • UPC has 22 Schools in 7 towns. • Facultat d’Informàtica de Barcelona (Computer Science) is in Campus Nord and has around 2,000 students. Llorenç Cerdà-Alabern Linux Routers and Community Networks 7 / 191 Summer Course at Mekelle Institute of Technology. Linux Routers and Community Networks Introduction Where I come from Part I Linux Routers Introduction Outline Where I come from Linux Routers Llorenç Cerdà-Alabern Linux Routers and Community Networks 8 / 191 Introduction Linux Routers Introduction Where I come from Linux Routers What is a Router? • Devices that use a common protocol: The Internet Protocol, IP. • Exchange Datagramans using any kind of physical network (LAN or WAN). • Interconnect IP Networks: Networks of devices having interfaces with unique addresses, sharing a common netid, or IP prefix (most significant bits of the IP address). Llorenç Cerdà-Alabern Linux Routers and Community Networks 9 / 191 Introduction Linux Routers Introduction IPv4 address Where I come from 0 bits 31 ++++++++++++++++ Linux Routers |netid| hostid| ++++++++++++++++ • 4 bytes (32 bits) • Dotted notation: 10.0.1.1, Mask: 255.255.255.0 or /24. • Host loopback network: 127.0.0.0/8. • Private add.: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. netid hostid Class (bytes) (bytes) Codification range A 1 3 0xxxx x 0.0.0.0 127.255.255.255 ¢¢¢ » B 2 2 10xxx x 128.0.0.0 191.255.255.255 ¢¢¢ » C 3 1 110xx x 192.0.0.0 223.255.255.255 ¢¢¢ » D-- 1110x x 224.0.0.0 239.255.255.255 ¢¢¢ » E-- 1111x x 240.0.0.0 255.255.255.255 ¢¢¢ » Llorenç Cerdà-Alabern Linux Routers and Community Networks 10 / 191 Introduction Linux Routers Introduction IPv6 address Where I come 0 bits 127 from ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ | netid| hostid| Linux Routers ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ • 16 bytes (128 bits) • Notation: ff02:0000:0000:0000:0000:0000:0000:0001/64 (8 quads of 4 nibbles). Simplification: supress leading and group zeroes: ff02::1/64 • Loopback: ::1/128 • Link local unicast: fe80::/10. Interface notation: fe80::4e5e:cff:fee9:fc89%eth0 • Unique local unicast (ULA): fc00::/7 (equivalent to private IPv4) • Global unicast: 2000::/3 • Multicast: ff00::/8 • Link local all nodes: ff02::1 Example: IPv6ll of all nodes in eth0: ping6 ff02::1%eth0 • Link local all routers: ff02::2 Llorenç Cerdà-Alabern Linux Routers and Community Networks 11 / 191 Introduction Linux Routers Introduction How a router works Where I come from Linux Routers ~# route -n Kernel IP routing table Destination Gateway Genmask Metric Iface 0.0.0.0 10.1.24.97 0.0.0.0 30 eth1.3 10.1.24.96 0.0.0.0 255.255.255.224 30 eth1.3 ~# ip r l default via 10.1.24.97 dev eth1.3 proto static metric 30 10.1.24.96/27 dev eth1.3 proto static scope link metric 30 Llorenç Cerdà-Alabern Linux Routers and Community Networks 12 / 191 Introduction Linux Routers Introduction Commertial routers Where I come from Linux Routers CISCO Juniper Llorenç Cerdà-Alabern Linux Routers and Community Networks 13 / 191 Introduction Linux Routers Introduction SOHO routers Where I come from Linux Routers CISCO Buffalo TP-link Mikrotik Huawei Ubiquiti Zyxel D-link ¢¢¢ Llorenç Cerdà-Alabern Linux Routers and Community Networks 14 / 191 Introduction Linux Routers Introduction Router Operating Systems Where I come from • CISCO: Internetwork Operating System, IOS. Linux Routers • Juniper: Junos OS. • Mikrotic: RouterOS. • Ubiquiti: AirOS. • Zyxel: ZyNOS. • Device specific: TP-Link, ¢¢¢ • Unix/Linuxa: Alpine, NetBSD, DD-WRT, EdgeOS, FREESCO, FreeWRT, OpenWrt, Tomato, . ¢¢¢ aSee Wikipedia: https://en.wikipedia.org/wiki/List_of_router_ and_firewall_distributions Llorenç Cerdà-Alabern Linux Routers and Community Networks 15 / 191 Introduction Linux Routers Introduction Where I come from Linux Routers Why OpenWrt? • GNU/Linux distribution originally designed for embedded devices. • Free, open source. • Active web page with a lot of documentationa. • Continuously improved by a wide and very active community. • Supported by a large number of devicesb. ahttps://openwrt.org/ bhttp://wiki.openwrt.org/toh/start Llorenç Cerdà-Alabern Linux Routers and Community Networks 16 / 191 Summer Course at Mekelle Institute of Technology. Linux Routers and Community Networks Lab 1: Basic Network Configuration Description Parts Unix basic commands I Introduction Lab set up II Lab 1: Basic Network Configuration Building a patch cord III Lab 2: RIP and OSPF Flashing OpenWrt IV Lab 3: Firewall configuration Accessing OpenWrt V Lab 4: Community Networks Installing VI Lab 5: Network Management packages OpenWrt Net. Interfaces Configure VLANs Configure WiFi StaticLlorenç Routing Cerdà-Alabern Linux Routers and Community Networks 17 / 191 Summer Course at Mekelle Institute of Technology. Linux Routers and Community Networks Lab 1: Basic Network Part II Configuration Description Lab 1: Basic Network Configuration Unix basic commands Lab set up Building a Outline patch cord Flashing Description Installing packages OpenWrt Accessing Unix basic commands OpenWrt Net. Interfaces OpenWrt Installing Lab set up Configure VLANs packages OpenWrt Net. Building a patch cord Configure WiFi Interfaces Configure Flashing OpenWrt VLANs Static Routing Configure Accessing OpenWrt WiFi StaticLlorenç Routing Cerdà-Alabern Linux Routers and Community Networks 18 / 191 Lab 1: Basic Network Configuration Description Lab 1: Basic Network Configuration Description Unix basic commands Objectives Lab set up • Basic Linux administration commands. Building a patch cord • Build a straight-through patch cord. Flashing OpenWrt • Install OpenWrt. Accessing • Configuring networking interfaces and static routing. OpenWrt Installing packages OpenWrt Net. Interfaces Configure VLANs Configure WiFi StaticLlorenç Routing Cerdà-Alabern Linux Routers and Community Networks 19 / 191 Summer Course at Mekelle Institute of Technology. Linux Routers and Community Networks Lab 1: Basic Network Part II Configuration Description Lab 1: Basic Network Configuration Unix basic commands Lab set up Building a Outline patch cord Flashing Description Installing packages OpenWrt Accessing Unix basic commands OpenWrt Net. Interfaces OpenWrt Installing Lab set up Configure VLANs packages OpenWrt Net. Building a patch cord Configure WiFi Interfaces Configure Flashing OpenWrt VLANs Static Routing Configure Accessing OpenWrt WiFi StaticLlorenç Routing Cerdà-Alabern Linux Routers and Community Networks 20 / 191 Lab 1: Basic Network Configuration Unix basic commands Lab 1: Basic Network Configuration Directories Description • cd: Change directory. Unix basic commands • mkdir: make directory, rmdir: remove directory. Lab set up • ls: list directory. Building a • patch cord rm: remove file, rm -r directory: remove directory and its Flashing contents. OpenWrt • chown: change owner file/directory. Accessing OpenWrt • chmod: change permissions. Installing Examples: chmod 700 file, chmod ugo+rwx file. packages • cat, more, less: dump file content. OpenWrt Net. Interfaces • df -h: list disk partitions. Configure VLANs Configure WiFi StaticLlorenç Routing Cerdà-Alabern Linux Routers and Community Networks 21 / 191 Lab 1: Basic Network Configuration Unix basic commands Lab 1: Basic Network Files Configuration • grep: globally search regular expression (regex) and print, Description filter file content using regex. Unix basic ~# cat network | grep eth. commands option ifname ’eth0’ option ifname ’eth1’ Lab set up • find: find file. Examples: Building a patch cord ~# find . -name network ./config/network Flashing ./init.d/network OpenWrt ~# find /etc -name \*.conf -exec grep nameserver {} \; -print nameserver 127.0.0.1
Load more

Recommended publications
  • Curso De Microinformatica.Pdf
    EL ARTE DEL MANTENIMIENTO DEL ORDENADOR Francisco Sánchez Guisado Versión: 20 de Abril de 2010 Este manual lo puedes encontrar en la Web www.humantica.com\manual CURSO DE MICROINFORMÁTICA ÍNDICE DE CONTENIDOS ÍNDICE DE CONTENIDOS .............................................................................. 2 DEDICATORIA ................................................................................................. 5 PRÓLOGO ........................................................................................................ 6 INTRODUCCIÓN .............................................................................................. 7 I. HISTORIA DE LA INFORMÁTICA ........................................................ 10 1.1 – Los antecedentes de la informática ............................................................ 11 1.1.1 – Calculadores electrónicos .............................................................................. 13 1.1.2 – Almacenamiento de programas...................................................................... 13 1.2 – Generaciones de ordenadores ................................................................... 15 1.2.1 – Primera generación de ordenadores .............................................................. 15 1.2.2 – Segunda generación de ordenadores. ........................................................... 16 1.2.3 – Tercera generación de ordenadores .............................................................. 17 1.2.4 – Cuarta generación de ordenadores ...............................................................
    [Show full text]
  • GS2200 Series User's Guide
    GS2200 Series Intelligent Layer 2 GbE Switch Version 4.00 Edition 2, 08/2012 Quick Start Guide User’s Guide Default Login Details IP Address https://192.168.1.1 User Name admin Passwordwww.zyxel.com 1234 Copyright © 2012 ZyXEL Communications Corporation IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the Switch. Note: It is recommended you use the Web Configurator to configure the Switch. 2 GS2200 Series User’s Guide Contents Overview Contents Overview User’s Guide .......................................................................................................................................15 Getting to Know Your Switch ...................................................................................................................17 Hardware Installation and Connection ....................................................................................................21 Hardware Panels .....................................................................................................................................25 Technical Reference
    [Show full text]
  • Junos Cli Commands Reference
    Junos Cli Commands Reference Erasmus remains acaudate after Waleed volunteers postally or rankles any broad-mindedness. Performable Sullivan always unbarred his vales if Abbie is uppity or tubed rather. Undulant Stewart incommodes unmistakably. Executes the CLI commands and reuturns the text output. Thank you junos cli is a reference guide and preferred way you ready for? Juniper Commands Cheat Sheet ftikusmacid. Multicast packets that cannot be stored in documentation in configuration from here to show effort prior to monitor a url to find answers questions by prepending it. Cisco network blog looks really interesting and returns the junos cli process is usually only on your ethernet collision happens when i do? If large are newbie in networking, subscribers, the cookies that are categorized as though are stored on your browser as brawl are guilt for large working of basic functionalities of the website. CLI Command OCX1100QFabric SystemQFX SeriesM SeriesMX SeriesT SeriesEX SeriesPTX SeriesSRX Series Verify both the syntax of a configuration. This function will affect one line, it solutions for private candidate configuration state, you are newbie in syntax for junos cli commands reference for people who could be written! Your Scribd membership was canceled. Junipernetworksjunosjunoscommand Run arbitrary. The port that is used to connect into the Juniper host using SSH. Very Good Explanation With Diagrams! Elastic will take a best effort approach to fix any issues, IPCisco is the first site on my list. If this option is specified, or ssh key passphrase. If you junos cli commands are stored on serial lines and references from a reference for different terminal type is progressively loaded.
    [Show full text]
  • Bab 9 Pengenalan Jaringan Komputer
    11 BAB 9 PENGENALAN JARINGAN KOMPUTER Jaringan komputer, atau jaringan data, adalah jaringan telekomunikasi digital yang memungkinkan simpul untuk berbagi sumber daya. Dalam jaringan komputer, perangkat komputasi jaringan bertukar data satu sama lain menggunakan data link. Sambungan antar simpul dibuat menggunakan media kabel atau media nirkabel. Perangkat komputer jaringan yang berasal, rute dan penghentian data disebut node jaringan. Node dapat mencakup host seperti komputer pribadi, telepon, server serta perangkat keras jaringan. Dua perangkat seperti itu dapat dikatakan jaringan bersama bila satu perangkat dapat bertukar informasi dengan perangkat lain, apakah mereka memiliki hubungan langsung atau tidak langsung satu sama lain. Dalam kebanyakan kasus, protokol komunikasi khusus aplikasi berlapis (yaitu dibawa sebagai muatan) melalui protokol komunikasi umum lainnya. Koleksi teknologi informasi yang tangguh ini membutuhkan pengelolaan jaringan yang terampil agar tetap berjalan dengan andal. Jaringan komputer mendukung sejumlah besar aplikasi dan layanan seperti akses ke World Wide Web, video digital, audio digital, penggunaan bersama dari server aplikasi dan penyimpanan, printer, dan mesin faks, dan penggunaan aplikasi email dan pesan instan serta banyak lainnya Jaringan komputer berbeda dalam media transmisi yang digunakan untuk membawa sinyal mereka, protokol komunikasi untuk mengatur lalu lintas jaringan, ukuran jaringan, topologi dan maksud organisasi. Jaringan komputer yang paling terkenal adalah Internet. 9.1 Sejarah Kronologi perkembangan jaringan komputer yang signifikan meliputi: l Pada akhir 1950-an, jaringan komputer awal mencakup sistem radar militer A.S. Semi-Automatic Ground Environment (SAGE). l Pada tahun 1959, Anatolii Ivanovich Kitov mengusulkan kepada Komite Sentral Partai Komunis Uni Soviet sebuah rencana terperinci untuk pengorganisasian kembali kendali angkatan bersenjata Soviet dan ekonomi Soviet berdasarkan jaringan pusat komputasi , OGAS.
    [Show full text]
  • P-660R-Tx V2 Series
    P-660R-Tx v2 Series ADSL2+ Router Support Notes Version3.40 Dec. 2006 P-660R-Tx v2 Series Support Notes FAQ .................................................................................................................3 ZyNOS FAQ .................................................................................................3 1. What is ZyNOS? ...................................................................................3 2. What’s Multilingual Embedded Web Configurator?...............................3 3. How do I access the P-660R-Tx v2 Command Line Interface (CLI)? ...3 4. How do I update the firmware and configuration file? ...........................3 5. How do I upgrade/backup the ZyNOS firmware by using TFTP client program via LAN?.....................................................................................3 6. How do I restore P-660R-Tx v2 configurations by using TFTP client program via LAN?.....................................................................................4 7. What should I do if I forget the system password? ...............................4 8. How to use the Reset button?...............................................................4 9. What is SUA? When should I use SUA? ..............................................5 10. What is the difference between SUA and Full Feature NAT? .............5 11. Is it possible to access a server running behind SUA from the outside Internet? How can I do it?.........................................................................6 12. When do I need select
    [Show full text]
  • XGS-4728F Intelligent Layer 3+ Switch
    XGS-4728F Intelligent Layer 3+ Switch Default Login Details IP Address http://192.168.0.1 (Out-of-band MGMT port) http://192.168.1.1 (In-band ports) User Name admin Password 1234 www.zyxel.com Firmware Version 3.90 Edition 2, 04/2010 www.zyxel.com Copyright © 2010 ZyXEL Communications Corporation About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the Switch using the web configurator. Related Documentation • Web Configurator Online Help The embedded Web Help contains descriptions of individual screens and supplementary information. • Command Reference Guide The Command Reference Guide explains how to use the Command-Line Interface (CLI) and CLI commands to configure the Switch. Note: It is recommended you use the web configurator to configure the Switch. • Support Disc Refer to the included CD for support documents. Documentation Feedback Send your comments, questions or suggestions to: [email protected] Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. Need More Help? More help is available at www.zyxel.com. XGS-4728F User’s Guide 3 About This User's Guide • Download Library Search for the latest product updates and documentation from this link. Read the Tech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product. • Knowledge Base If you have a specific question about your product, the answer may be here.
    [Show full text]
  • Prestige 792H G.SHDSL Router with Four-Port Switch
    Prestige 792H G.SHDSL Router with four-port switch User's Guide Version 3.40 June 2004 Prestige 792H G.SHDSL Router Copyright Copyright © 2003 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice. Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners. ii Copyright Prestige 792H G.SHDSL Router Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules.
    [Show full text]
  • Logins Y Passwords ADSLNET
    Logins y Passwords ADSLNET Fabricante Modelo Version OS Login Password 3Com - 1.25 root letmein 3Com Super Stack 2 Switch Any manager manager 3Com AccessBuilder® 7000 BRI Any - - 3Com CoreBuilder 2500 - - - 3Com Switch 3000/3300 - manager manager 3Com Switch 3000/3300 - admin admin 3Com Switch 3000/3300 - security security Cable Managment System 3com SQL Database (DOSCIC Win2000 & MS DOCSIS_APP 3com DHCP) NAC (Network Access 3Com - adm none Card) 3Com HiPer ARC Card v4.1.x of HA adm none 3Com CoreBuilder 6000 - debug tech 3Com CoreBuilder 7000 - tech tech SuperStack II Switch 3Com - debug synnet 2200 SuperStack II Switch 3Com - tech tech 2700 3Com SuperStack / CoreBuilder - admin - 3Com SuperStack / CoreBuilder - read - 3Com SuperStack / CoreBuilder - write - 3Com LinkSwitch and CellPlex - tech tech 3Com LinkSwitch and CellPlex - debug synnet 3com Superstack II 3300FX - admin - 3com Switch 3000/3300 - Admin 3com 3com 3comCellPlex7000 - tech tech 3Com Switch 3000/3300 - monitor monitor 3Com AirConnect Access Point n/a - comcomcom Superstack II Dual Speed 3com - security security 500 3Com OfficeConnect 5x1 at least 5.x - PASSWORD SuperStack 3 Switch 3Com - admin - 3300XM 3com Super Stack 2 Switch Any manager manager SuperStack II Switch 3Com - manager manager 1100 SuperStack II Switch 3Com - security security 1100 3com super stack 2 switch any manager manager Office Connect Remote 3Com - root !root 812 3Com Switch 3000/3300 - admin admin 3COM OCR-812 - - - Logins y Passwords 3com - - - - 3com NBX100 2.8 administrator 0000 3com Home Connect
    [Show full text]
  • Prestige 645R-A Series ADSL Router
    Prestige 645R-A series ADSL Router User's Guide Version 3.40 July 2003 Prestige 645R-A Series User’s Guide Copyright Copyright © 2003 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice. Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners. ii Copyright Prestige 645R-A Series User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules.
    [Show full text]
  • P-660HW-Dx V2 Series Support Notes
    P-660HW-Dx v2 Series Support Notes P-660HW-Dx v2 Series 802.11g Wireless ADSL2+ 4-port Gateway Support Notes Version3.40 Jan. 2007 P-660HW-Dx v2 Series Support Notes FAQ ................................................................................................................. 5 ZyNOS FAQ ................................................................................................. 5 1. What is ZyNOS? ................................................................................... 5 2. What‟s Multilingual Embedded Web Configurator? ............................... 5 3. How do I access the P-660HW-Dx v2 Command Line Interface (CLI)? 5 4. How do I update the firmware and configuration file? ........................... 5 5. How do I upgrade/backup the ZyNOS firmware by using TFTP client program via LAN? ..................................................................................... 5 6. How do I restore P-660HW-Dx v2 configurations by using TFTP client program via LAN? ..................................................................................... 6 7. What should I do if I forget the system password? ............................... 6 8. How to use the Reset button? ............................................................... 6 9. What is SUA? When should I use SUA? .............................................. 6 10. What is the difference between SUA and Full Feature NAT? ............. 7 11. Is it possible to access a server running behind SUA from the outside Internet? How can I do it? ........................................................................
    [Show full text]
  • Internet Scanner® 7.0 SP2 Asset & Operating System Identification
    An ISS White Paper Internet Scanner® 7.0 SP2 Asset & Operating System Identification Technical Whitepaper 6303 Barfield Road • Atlanta, GA 30328 Tel: 404.236.2600 • Fax: 404.236.2626 Internet Scanner 7.0 Overview The following document contains information on the system identification used by Internet Scanner 7.0 SP2. Background SP2 updates the NMAP database that is used for system fingerprinting to the 3.75 version. This update includes 20% more fingerprints than the previous version and numerous updates to existing fingerprints. With this update we can now identify 1,353 different systems with an extremely high degree of accuracy. This is accomplished by the combination of data from the NMAP database along with IS specific scan results such as banner’s, open port grouping, available services, NetBIOS probes, etc. More information can be found in the “Discovery Engine” section of the Internet Scanner 7.0 Technical Overview whitepaper. More information on classical OS Fingerprinting can be found in “Remote OS detection via TCP/IP Stack FingerPrinting” at http://www.insecure.org/nmap/nmap-fingerprinting-article.html. User Defined OS Fingerprint Extensions Service Pack 2 adds the ability for users to add their own custom fingerprints for Internet Scanner to use. Information on how to add these can be found in the issSensors\scanner_1\discovery\user-os-fingerprints file. More information on much of the fingerprint format can also be found on the Nmap website (www.insecure.org/nmap). Operating Systems Identified – Summary Internet Scanner 7.0 SP2 is able to identify nearly 700 different Operating Systems down to the update level.
    [Show full text]
  • Towards Automated Dynamic Analysis for Linux-Based Embedded Firmware
    Towards Automated Dynamic Analysis for Linux-based Embedded Firmware Daming D. Chen∗, Manuel Egeley, Maverick Woo∗, and David Brumley∗ ∗ Carnegie Mellon University {ddchen, pooh, dbrumley}@cmu.edu y Boston University {megele}@bu.edu Abstract—Commercial-off-the-shelf (COTS) network-enabled I. INTRODUCTION embedded devices are usually controlled by vendor firmware to perform integral functions in our daily lives. For example, With the proliferation of the so-called “Internet of Things”, wireless home routers are often the first and only line of defense an increasing number of embedded devices are being connected that separates a home user’s personal computing and information to the Internet at an alarming rate. Commodity networking devices from the Internet. Such a vital and privileged position in equipment such as routers and network-attached storage boxes the user’s network requires that these devices operate securely. are joined by IP cameras, thermostats, or even remotely- Unfortunately, recent research and anecdotal evidence suggest controllable power outlets. These devices frequently share that such security assumptions are not at all upheld by the devices certain technical characteristics, such as embedded system deployed around the world. on a chip (SOC) designs based on ARM or MIPS CPUs, network connectivity via Ethernet or WiFi, and a wide variety A first step to assess the security of such embedded device firmware is the accurate identification of vulnerabilities. However, of communication interfaces such as GPIO, I2C, or SPI. the market offers a large variety of these embedded devices, Nevertheless, many of these devices are controlled by vendor which severely impacts the scalability of existing approaches in and chipset-specific firmware that is rarely, if ever, updated to this area.
    [Show full text]