Black Box Secure Device Servers manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Black Box Secure Device Servers, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Black Box Secure Device Servers one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Black Box Secure Device Servers. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Black Box Secure Device Servers should contain:
- informations concerning technical data of Black Box Secure Device Servers
- name of the manufacturer and a year of construction of the Black Box Secure Device Servers item
- rules of operation, control and maintenance of the Black Box Secure Device Servers item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Black Box Secure Device Servers alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Black Box Secure Device Servers, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Black Box service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Black Box Secure Device Servers.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Black Box Secure Device Servers item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    M a y 2010 LE S 1101 A LE S 1102 A 110 1 a nd 1102 Sec ure Device Ser vers Sec ure ly mon i tor , a cc e ss , and cont ro l th e co mpu ter s, networking dev ices , tel e communica t ions equipment, an d power suppli es in your dat a room or com munica tion s center s . Manag e yo ur servers : • L o ca l l y across yo ur manage ment LAN or throu [...]

  • Page 2

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 2 Feder a l Comm unicatio ns Com m ission and Ind ustr y Ca nad a R adio Frequenc y Interfe rence Stat e ments This e quipm ent g enerates , uses, a nd can radiate radio-fre qu ency ener gy, and if no t i nstalled a nd used p roperly , th at is, in st r i ct a cco rd an ce w [...]

  • Page 3

    FC C a n d IC RFI Sta tem ent s 724-746-5 5 00 | blackbox.co m 3 No r mas Ofi ciales Mexi canas ( NO M ) Elect ri cal S af ety Stat ement INSTRUC C IONES D E SE GURIDAD 1. T odas l as i n str u cci on es de se gu ri d ad y op eraci ón deberán ser leídas a nt es de que el a par at o eléct rico sea operado. 2. La s i nst r ucc i on es de se g ur [...]

  • Page 4

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 4 Trade mar ks Used in thi s Manu a l Black Box and the Doub le Diamond logo are re g istered trademarks of BB Technologies, Inc. Mac is a registered trade mar k o f Apple Co mputers, Inc. Linux is a regi ster e d trade mark o f Linus T orvalds. Internet Explorer, Window s, W[...]

  • Page 5

    Ta bl e of C o nte n ts 724-746-5 5 00 | blackbox.co m 5 5 T able of C ontents 1. Sp eci fi c atio n s .............................................................................................................. ............................................................................................ 9 2. Ov e rvi ew ..........................[...]

  • Page 6

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 6 6 6.7 SD T Con n ecto r Pu bl ic K e y Au th en ti c atio n ................................................................................... ................................................................. 52 6 .8 S ett in g Up SD T fo r R emo t e D es k top A cc e ss .[...]

  • Page 7

    Ta bl e of C o nte n ts 724-746-5 5 00 | blackbox.co m 7 7 11 . S yst e m M an ag em ent .......................................................................................................... .................................................................................... 106 1 1 .1 S y st e m A d m in ist r at io n an d R es et ...........[...]

  • Page 8

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 8 8 15 .6 .4 In st al lin g S SH Pu b lic K eys A u th ent i ca t ion ( Linu x ) ..................................................................... ....................................................... 148 15.6. 5 G enerating Public/Pri vate Keys for SSH (Windows) ......[...]

  • Page 9

    C h a pt er 1 : S p e cif icat i o ns 724-746-5 5 00 | blackbox.co m 9 1 . S pecificat ions CPU: MIcrel KS8695P controller Memo r y: 16 MB SDRAM, 8 MB Flas h Seri a l Baud Ra tes: 2400 to 115 ,200 bps Connectors: LES 1101 A: (1) DB9 R S-232 serial, ( 1 ) RJ -45 10/100BASE-T Ethernet; LES1102A: (2) DB9 R S-232 serial, (1) RJ-45 10/100BASE-T Ethern e[...]

  • Page 10

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 10 2. Ov er vi e w 2 . 1 I nt roduct ion This U ser’s M anual w alks you through insta lling and c on fi gu ring your B lack Bo x Sec u re D evice Se rver s (L ES1101A or LES 1102A ). Ea ch o f th es e products is referre d to ge n erically in this manual a s a “ console [...]

  • Page 11

    C h a pt er 2 : Ov ervi e w 724-746-5 5 00 | blackbox.co m 11 devices ; and c on trol these devices u sing t h e speci fied serv ices (f o r example, Te lnet, HH TPS, RD P, IP M I, Se rial over L AN, Po w er Control). An au th o r i zed User a ls o ha s a li mit e d v ie w of t he Ma na ge me nt C ons ole a nd c a n onl y acc e ss a ut hor iz e d c[...]

  • Page 12

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 12 Table 2 -1. LES 1101A front-pan el c ompon ents. Number Component Description ` 1 Barrel connect o r Power 2 RJ- 45 c onn ect o r Li n ks to 10/100 Mbps Ether n et 3 J1 jum p er Select s R S-232, RS-485, R S- 422 4 RJ- 45 LED Et hernet Connectivity LED 5 R J-4 5 Eth e rn e[...]

  • Page 13

    C h a pt er 2 : Ov ervi e w 724-746-5 5 00 | blackbox.co m 13 2.5. 3 LES 1102A F r o nt Pane l Fi gu re 2 -4 shows t h e front p anel o f t h e LES 1102A . Ta b le 2 -3 d escribes i ts components. Fi gu re 2-4. LES1102A front panel. Table 2 -3. LES 1102A front-pan el c ompon ents. Number Component Description 1 Barrel connect o r Power 2 8-posit io[...]

  • Page 14

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 14 2 . 6 W hat ’s Inclu d ed Your package should include the following items. If anyt h ing is missing o r damaged, contact Black Box Technica l Support at 724- 746-5500 or info @ b l a ckb o x . co m . 2.6. 1 LES 1101A • 1101 Secure D evice Server • Universal input 12-[...]

  • Page 15

    Ch a p t er 3: Ins tallation 724-746-5 5 00 | blackbox.co m 15 3 . Ins ta lla t ion Make s ure you h ave every thing l isted in Cha pter 2, Section 2.6 for your 1101 o r 1102 Secure Device Server. 3.1 P o we r C on ne c ti o n The LES 1101A or LES1102A m od els are ea ch supplied w i th a n exter n al DC wall m oun t pow er s upp l y. T his power s[...]

  • Page 16

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 16 Table 3-1. RS-232 DB9 connector pinouts. Signal Pi n Definition CD 1 Receive d Line Signal D etect o r RXD 2 Receive d Data TXD 3 Tran s mi tt ed D at a D T R 4 D ata Te r mi na l Re ady GND 5 Si gn al Ground DSR 6 Data Set Ready RTS 7 Request T o Send CTS 8 Cl ear T o Sen[...]

  • Page 17

    Ch a p t er 3: Ins tallation 724-746-5 5 00 | blackbox.co m 17 We b m anagement cons o le. Two short cable loops ar e als o required b etwee n the RX+/T X + pin s and RX -/T X - pin s. This is b eca u se the LES1102A uses universa l di fferentia l transceiver s that support 4-wire (RS- 422 ) and 2-wire (RS-485) op eration. In R S-485 mode, P ort 2 [...]

  • Page 18

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 18 4 . System Co nfigurati on Th i s chapter provi d es ste p -by-ste p i n struct ions for t h e console server’s i n itial c onfigurati on , and f or connecting it to t h e Ma na ge me nt or Ope ra t i ona l LAN . Th e Administrator must: • A cti va te t he Ma na ge me [...]

  • Page 19

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 19 Fi gu re 4-1. Run screen. No w add a s ta t ic en tr y to the AR P tab l e an d ping th e console server to ass ign the IP a dd ress t o th e c on sole server . I n t h e example b el o w, a con sol e se rver has a MAC Address 00:13:C6:00:02:0F (designate d on the label[...]

  • Page 20

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 20 You will be prompted to log in. Enter t h e d efa u lt administ r ation user na me a nd adminis tra ti on passw ord: Username: r oot Passw ord: default F i gur e 4- 2. Lo gin sc re e n. NOTE: C onsole ser ver s are fac tory c onfigured w ith HTTPS acce ss enable d and HTTP[...]

  • Page 21

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 21 F igure 4-4. System : Ad mi n istra tion scree n . 1. Sel ect Syste m: Administra tion. 2. E nter a new System Pass word t h en re-e nter it in Confirm Sys t em Pass wo rd. T h is is t h e new pa ssword f o r r oo t, t h e ma in adminis trative user account, so choose a[...]

  • Page 22

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 22 F i gur e 4- 5. IP Se t ti ngs sc r ee n. I f y ou s e lec te d DHCP , t he co n sol e s e r v er wi ll lo ok f or c onf ig ura ti on d et ai ls fr om a D HCP se rv e r on y our ma na ge me nt L AN. T hi s sel e ct ion au to m ati c al ly di s ab l es an y s t at i c ad d [...]

  • Page 23

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 23 Fi gure 4-6. Sys t em: Se rvices scree n. Sel e c t th e S y s t em: S e rv i c es op tio n , th en s e l ec t /d es e l ec t fo r the se r vi c e to b e en ab l ed /d i s ab led . Th e fo l lo w i ng a c c es s pro to co l options are availa b le: • H T TP S : Th i s[...]

  • Page 24

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 24 • Base: The cons o le ser ver us e s spe c if i c d e f aul t r an g e s fo r th e TC P/ I P po r t s fo r th e v a rio u s a c c e ss ser v ic e s tha t Users and A d m in ist ra to r s can u se t o access d evices attac hed t o seria l po rts (as covere d in Cha pte r [...]

  • Page 25

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 25 4.5. 2 P uTTY You ca n also use c om municati on s p ackages l i ke Pu TTY to co nn e c t to th e c ons ol e s e rve r command l ine (and to c onnect seria lly attac h ed device s as co v er ed in Chapter 5 ). Pu T TY is a f reew are i mpleme n tation of Te lnet a nd SS[...]

  • Page 26

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 26 5 . Se ria l Port, Host, Devi ce, and User Co nfig urat io n The Black Box LES1101A and LES1102A co n so l e s e r v er en abl e s a c c e ss an d con t rol of s er i al ly a tt a ch ed d ev i c es an d n etw o rk a t t ach ed d e vi c e s ( ho sts ). Th e Adm inis trator [...]

  • Page 27

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 27 F igure 5-2. Serial port scree n . Select Serial & Netw o rk: Seria l Port and y ou wil l see the c u rre n t la b els, modes, logging levels , and R S-232 protocol options th at are curre n tly s et up fo r each se rial port. By d e[...]

  • Page 28

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 28 Be fo r e pro ce ed ing w i th fu rth e r s e ri a l p o r t co n figu rat io n , con n ect t h e po r t s to th e s e ri a l d e v ic e s th e y w ill b e co n t ro l lin g , an d make sure they have matchi ng sett ings. NOTE: The serial ports are all set at th e factory [...]

  • Page 29

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 29 F i gur e 5- 5. Wi nd ows fe a tur es sc ree n. If th e re mo te co m mu ni c a tio n s a r e tu n n e le d wi th SDT Conn ect o r , the n y ou can us e Tel net to sec urel y acce ss these a ttached d evices (refer to the No t e b e low [...]

  • Page 30

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 30 F i gur e 5- 6. P uTT Y Co nfi gur a ti on sc re e n. Pu T TY can b e downloaded at http://www.tucows.c o m/preview/ 19 5286.html SSH: We recomme nd that you u se SSH as t he protocol wh ere t h e Use r or Adm inistrato r co n n ect s to the cons o le server ( o r connect [...]

  • Page 31

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 31 TCP: RAW TC P allo w s connect ion s directly to a TCP socket. Comm unicat ions prog rams like Pu T TY also support RAW TCP. You would usually access t hi s pr otoc ol v ia a c us tom a ppl ic at io n. For RAW TCP, the d efault port addr[...]

  • Page 32

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 32 F i gur e 5- 9. S DT se tt i ngs . F or conf igurati on details , refer to Chapte r 6. 4—U si ng SDT C on nec to r to Te l ne t or SS H co nne ct t o de v ice s t ha t a re se ri a lly at tac he d t o th e c ons ole se rver . 5.1. 4 De vi ce (R PC , UP S, E M D ) M o de [...]

  • Page 33

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 33 Fi gu re 5-12. Serial bri d ge setti ng s. Se le ct Se ri al Br id gi ng Mo de a nd s pec ify t he IP a ddr es s of t he Server c onsol e server and th e TCP port address o f th e remote seria l por t (for R FC2217 bri dg ing this w ill [...]

  • Page 34

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 34 5.2 A d d/ Ed it Us er s Th e Adm inis trator u s es thi s m enu s el e ctio n to s e t up , ed it , an d d e le t e us er s , an d to d e fin e th e ac ce s s perm i ss ion s fo r e a ch of th e s e use rs . Fi gu re 5 -15. Users and Groups sc reen. Users ca n be a ut hor[...]

  • Page 35

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 35 Fi gu re 5-16. Add a n ew user screen. Click Add User to add a n ew user . Add a U sern ame a nd a c on firm ed Pass word for eac h new user. You may also incl ud e informati on related t o t h e user (f o r exa mp le, c on ta ct de ta i[...]

  • Page 36

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 36 5.3 A ut h en ti c at io n Re fe r to Ch apt er 9. 1 —Au thenticati on Configuration for authenticat ion configurat ion details. 5 . 4 N e tw or k Ho st s To acces s a locally networked com pu ter or device (refe rred to as a Host ), you must identi fy the Ho st and spec[...]

  • Page 37

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 37 5 .5 T rusted Ne tw orks Th e T ru st ed N etw o r ks fac i l it y gi v e s yo u an op t io n to no min a t e sp ec if i c IP add r es s e s wh er e us e r s ( Administra tors and Us e rs ) mus t be lo c ated to acce ss c ons ole se rve [...]

  • Page 38

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 38 Fi gu re 5 -19. Serial Por t re dir ecti on. This s erial port redirector s oftwar e is loaded i n your d esktop PC, a nd it al lows you to use a serial device t h at’s c onn ecte d t o the re mote c ons ole se rver as if it were co nn ected to y our l o cal s eria l por[...]

  • Page 39

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 39 • Select t h e connecti on type for the new connecti on (Serial, Netw o rk Host, UPS, or R PC) and th en select the specific connecti on from the pr esented list of confi gu red un all ocated hosts/ports/ ou tlets. T o a dd a n ew net [...]

  • Page 40

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 40 6 . S ecur e S SH Tu nn e l in g a nd S D T Conn ecto r Each B l ack Bo x c on sole se rver h as a n embedded SSH serve r and u ses SS H tunnel ing so rem o te users ca n sec ur ely connect t h rough th e c ons ole server to Managed D evice s—usi ng text-base d cons o le[...]

  • Page 41

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 41 • Usi ng SDT t o IP connect t o hosts t hat are se rially attac h ed t o the c on sole server (Section 6. 1 0). 6 .1 Co nfig uring for SS H Tunnelin g to H osts To set up the c on sole server to SS H tunnel to access a network at tached ho st: Add the [...]

  • Page 42

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 42 O nc e the i nst a ll er c om pl et es yo u wi l l hav e a wor k in g SD T Co nne cto r c l ie nt i ns ta ll e d o n y our ma c hi ne a nd a n ic on on y ou r des k t op : Fi gu re 6 -3. S D T connector ic on. Cli c k th e SD T Co nn e c tor ico n on you r d es k to p to s[...]

  • Page 43

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 43 F i gur e 6- 5. N ew S DT Gat e way sc re e n. O r, e nte r a De sc r i pti ve Na me t o dis pl ay i nst ea d of t he I P o r DN S add re ss , a nd a ny Not es or a Des c ri pti on o f t his gat e way (s uc h as it s firmwa re versi on, site location, or[...]

  • Page 44

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 44 F i gur e 6- 7. Ho sts . NOTE: The Retrieve Hosts function will auto-confi gu re all us er class es (th at is, th ey can be members of user or admin or som e o th er group or no group. S D T Connect o r will not auto-confi gu re the r oo t (a nd we recommend t h at y ou on[...]

  • Page 45

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 45 F i gur e 6- 9. Ne w S DT Hos t sc ree n. E n t er t he IP or DNS Hos t Ad dre s s of the hos t (i f t his is a D NS a ddr es s , it mus t be a ble t o be re s ol ve d by t he gat e way ). Select which Services to use to access t h e n ew host. A range o[...]

  • Page 46

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 46 Select which Client a ppli cati on is associa ted wit h the n ew service. A range of c l ient a pp licati on options are p re-c on figured i n the d efau lt SDT Connector ( R D P client, VNC cl ient , HTTP browser, HTTPS browser, Telnet clie n t, etc.) . I f you w ant to a[...]

  • Page 47

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 47 Fi gu re 6-13. Edit port r edire ction. NOTES: SDT Connect o r ca n als o tunnel UDP services. SDT Connector tunnels t h e UDP traf fi c t h rough t h e T C P SSH re d irect ion, so i t is a “t u nnel with in a tu nn el .” Enter t h e UD P port wh er[...]

  • Page 48

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 48 Enter a Comm and Li n e ass ociated w i th la un chi ng the c lient a pplic ati on . S DT Connector ty p i cal ly la un ches a c li ent using com m and li n e ar gu ments t o point it at t h e l o cal e ndpo int o f the re direction. T h ere are three special key words for[...]

  • Page 49

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 49 6 . 3 SD T Conn ecto r t o Ma n a g e m e nt Con so l e You ca n also configure S D T Connect o r f o r b rowser acce ss t o the cons ol e serve r’s Management Con sole —and f o r Tel n et or SS H acces s to th e command l ine. F o r these connection[...]

  • Page 50

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 50 Fi gu re 6-18. Add po rt redirection. Assumi ng you have a lready se t up t h e tar g et c on sole se rver as a gateway i n your S D T Connector c lient (with u sername/pass wo rd et c) , select this gat eway a nd cl ick t h e H o st i co n to crea te a host. O r, se lec t[...]

  • Page 51

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 51 F i gur e 6- 19. Ou t- of - ba nd a c ce ss . To co n fi g ur e SD T Co n n ec to r for O o B a cc e s s: When a dd ing a n ew Gateway o r e d iti ng an existi ng Gateway se lect t h e Out O f Band ta b. Enter t he secondary , OoB IP address o f the g at[...]

  • Page 52

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 52 Fi gu re 6 -20. OoB connecti on using SDT c onnector. When y ou c onn ect t o a se rvice on a host be h ind the c onso le se rver, o r to t h e cons o le serve r itself , SDT Connect o r will initiate t h e OoB connection usi ng the p rovided Star t Comm and. T h e OoB c o[...]

  • Page 53

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 53 SDT Connector will now u se public key aut h enticati on wh en connecting through the SSH gateway (con sole serve r) . You m ay have to restar t SDT Connector t o shut dow n any exi sting tunnels that were esta b lished using password a uth enticat ion. [...]

  • Page 54

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 54 Fi gu re 6-23. Remote D eskt op Us ers dial og bo x. To set the user(s) who can remotely access t he system with RDP, click A dd on the R emote Desktop Users di al og bo x. NOTE: If you need to set up n ew users for Remote Desktop access, o pen User Accounts in the Control[...]

  • Page 55

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 55 In Co m pu t e r , en t er t h e ap p rop r i at e I P A d d r es s and Po rt N u m b er : Where there is a direct l o cal o r e n terprise V PN connect ion, enter the IP Address of t h e cons o le server, and t h e Port Numb er of the SDT Sec ure Tunnel[...]

  • Page 56

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 56 You ca n use GUI front end tools l ike the GNOME Ter m inal Services Cl i ent t sclient t o c on figure and launc h the r d eskt op clie n t. (U sin g t s cl ien t al so ena bles you to store multiple configurati ons o f rdesktop for connecti on to m any servers. ) F i gur[...]

  • Page 57

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 57 RealVNC ht tp:/ /www .realvnc.c om is fully cr o ss-platf o rm, so a desktop running on a Linux mac h ine may b e displayed on a Windows PC, on a Solar is machine, or on any numb er of other a rchitectu res. There is a Windows ser ver, all owing y ou to [...]

  • Page 58

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 58 • E d i t / home/username/.v n c/xsta rtup if y ou want a mo re a d vanced se ssion than j u st t wm and a n xterm. F or M aci nt os h s erv er s (a nd cl ie nts ): OSX vn c h ttp : / /w w w . r ed s ton e so ftw ar e .co m/ vn c .ht m l i s a ro bu st , fu l l-f e atu r[...]

  • Page 59

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 59 F i gur e 6- 29. IP a ddr es s of co nso le s er ve r uni t. To establish t h e V NC connecti on , s i mply acti vate t h e VNC Viewer software on the Vie w er PC a nd enter the pass word. Fi gu re 6-30. V NC authenticati on . NOTE: F o r ge n eral backg[...]

  • Page 60

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 60 6.10. 1 Es tab l is h a PPP Conn ect ion b e t w e e n t h e Hos t C OM P o r t a nd Con so l e S e r v e r (T his ste p is on ly n ece ssary f or seria lly c onnecte d co mputers. ) Firs t, physical ly connect the CO M port on th e ho st computer you w ant to access to th[...]

  • Page 61

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 61 Fi gu re 6-32. User permi ssi on s. Specify which Users will be al lowed to u se t h is connecti on. This s ho uld b e t h e same Users who w ere give n Remote Deskt op access p riv il eg es in th e ea rlier ste p . Click Next. On the Network Conn ecti o[...]

  • Page 62

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 62 NOTES (continued): T h e c onsole server default Username is port XX where X X is t h e se rial po rt numb er o n the c on sole server . Th e d e f au l t Pa s swo rd i s p o r t XX To use the d efa u lts for a RDP connection to the serial port 2 on the console server, you[...]

  • Page 63

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 63 F igure 6 -35. S D T sett ings scree n. N OT E: Wh en y ou e na ble S DT, i t wi l l ov er r i de al l ot he r C onf ig ura t i on p rot oc ol s o n t hat por t. NOTE: If you leave the Username and U ser Passwor d fiel d s blank, they default t o po rt X[...]

  • Page 64

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 64 Fi gu re 6-36. PuTTY Con figuration screen. In th e S e s sio n men u , en ter th e I P ad d res s of th e co n s ol e se r v er in t h e Ho s t N am e or IP ad d res s fi eld . For dial-in connect ions, t h is I P address will b e t h e L o cal Add ress t h at y ou assi g[...]

  • Page 65

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 65 F i gur e 6- 37. Se t de st i nat io n. If y our destinati on computer is serially c onnected to t h e c on sole se rver, set the Desti n ati on as <port la bel>:3389. F o r example , if the Labe l you specif ied on th e serial port on the console [...]

  • Page 66

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 66 NOTE: How secure is VNC? VNC access general ly allows access to your whole com pu ter, s o securi ty is very import ant. VNC uses a ra ndo m challe ng e-res ponse system to provide t h e basic authentica tion that a llows y ou to c onn ect t o a VNC server . This is reason[...]

  • Page 67

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 67 7 . Alerts and L og gin g This c h apter describes t h e alert g enerat ion and loggi ng feat u res of t h e con sol e se r v er . Th e Al ert fa ci li t y m o ni to rs th e se ri al po rts , all lo g ins , an d th e power status, and sends e m ails, SMS, Nagi o s, o r SNMP al e[...]

  • Page 68

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 68 You may als o e n ter a Use rname an d Pa ssword if the SMTP ser ver re quires aut h enticat ion. You ca n spec ify t he s pecif ic Subject L ine tha t w ill b e sen t wi th th e em ai l. Click Apply to a c ti v a te SM T P . 7.1. 2 S MS A l er ts Th e co ns ol e s e rve r[...]

  • Page 69

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 69 To con fi g ur e fo r SN M P v3 , yo u wil l ne ed to en t er an ID and au th en ti c a tio n p as sw o rd an d co n t ac t in fo r m at io n for th e lo c al Admin istrator (in th e Securit y Name ). Click Apply to a c ti v a te SN M P. F igure 7-3. S N MP ale rts. NOTE: All co[...]

  • Page 70

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 70 Select Aler ts & Logging: A lerts, which will display all the alerts c u rre n tly confi gured. C lick Add Aler t. 7.2. 1 A d d a Ne w Al er t Th e f ir s t s t ep is to sp e ci f y th e al er t se r vi c e th a t th is e v en t wil l us e fo r s end in g n o tifi ca t[...]

  • Page 71

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 71 F igure 7-6. Gen eral a lert ty pes. Seri a l Port Signal A lert —This ale rt will b e tr iggered when t h e s p ecifie d si gn al c h anges state a nd applies to serial port s only. You must s p ecify t h e partic ul ar S ignal Type (D SR, DCD o r CTS) trigger cond ition and [...]

  • Page 72

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 72 F i gur e 7- 8. Se ri al port pat te r n mat ch a ler t . UPS Power S tat u s A lert — T his al er t wi ll be tr ig ger e d w he n t he UP S p owe r s ta tus c ha nge s be t wee n o n l ine , o n ba t te ry , a nd l ow ba tt er y. T his stat u s will only b e monitore d [...]

  • Page 73

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 73 7 .3 Re mote Log S torage Bef ore acti vating Serial or Network Port Logging on any port or U PS logging, you must specify where those l og s are to b e saved: Select the A lerts & Loggin g : Port Log me nu option and s p ecify the Server Type to u s e , an d th e d e t ai l[...]

  • Page 74

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 74 Level 2 L og s al l da ta tra n sferre d t o and f rom the port. Click Add th en c li c k App ly.[...]

  • Page 75

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 75 8 . Power Ma nage m ent Black Box co n sol e se r v er s ma na ge em be dde d s of twa re t hat y ou c an u se to ma na ge c onne ct e d P owe r Di str i but io n Sy s te ms (P DU s), IP MI de vic e s, a nd Uninterrupti ble Power S upp lies ( U PSs) s uppl ied b y a nu mber of ve n[...]

  • Page 76

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 76 Click Add RPC . Connected Via pre se nts a l i st o f se ria l p or ts a nd ne tw or k H ost c onn ec ti ons t ha t y ou h av e se t u p wi t h de vi ce t y pe RP C ( but have y et t o c on nec t to a s p ec ific RP C device ): When you select Connect Via f o r a N etwork [...]

  • Page 77

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 77 F i gur e 8- 3. RP C des c ri pti ons . En te r th e User na me and Pa ssword u s ed to log in i nto th e R PC (N o t e th at th es e log in c r ed en t i al s ar e no t r el a t ed to th e Users a nd a c ce s s pr iv ile ges y ou co nf i gur e d i n Serial & N etworks: Users &[...]

  • Page 78

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 78 The ou tl et s tatus is displayed a nd you can init iat e t h e Ac ti on y ou want t o take by selec ting the appr op riate ic on: Turn ON Turn OFF Cycle Status You will only be pr esente d with ic on s for tho se operati on s that are supporte d by the Target y ou hav e s[...]

  • Page 79

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 79 Fi gu re 8 -5. Connecti ng to re mo te UPS. 8 .2 .1 Ma n aged U PS Co nnec tions A Managed UPS is a UP S th at is di r e ct ly co nn e ct ed as a M an ag ed De vi c e to th e con so l e s e r v er . You can connect i t via serial or USB cabl e o r by th e ne tw o rk. Th e co n sol [...]

  • Page 80

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 80 Seria l and net wo rk c onn ected UPSes must firs t be c onn ecte d to, a n d c onf igure d t o communicat e with the console se rver: Fo r seria l U PSes attac h the U PS to the selec ted serial port on the console s erv er . Fr om the Serial and Ne twork: Serial Po rt me[...]

  • Page 81

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 81 F i gur e 8- 8. A dd ma na ge d UPS sc ree n. Select if the UPS w ill be Connected Via USB, over a pre-c on figured ser ial po rt, or via SNMP/HTTP/HTTPS over the preconfi gured n etwork Host connecti on. When y ou sele ct a netw o rk UPS connecti on, then the c o rres ponding Host[...]

  • Page 82

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 82 Click New Op tion s in Dr i ver Op ti ons if yo u ne e d t o s et dr ive r -s pec if ic op ti ons f or yo ur s e le cte d N UT dr ive r a nd ha r dwa re c om bi na tio n (mo re detai ls at h tt p ://www.networkupstools .org/do c ). Fi gu re 8-9. New op tion scree n . Check[...]

  • Page 83

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 83 En te r th e I P Add re ss or DNS name of t he re m ot e console serv er * th at i s ma na gi ng t he re mot e UP S . ( *T his ma y be a not her Bla ck Box co n sol e s e r v er or i t may be a g eneric Li nu x server r unning Network U PS Tools. ) NOTE: An exam ple where ce n tral[...]

  • Page 84

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 84 Fi gu re 8-11. UPS g raph. Cl i c k o n an y p ar t i cu l a r All Data for any U PS Sys tem in t h e ta ble for more stat us a nd confi gu rati on informati on about t h e sele cted UPS Syste m. Select UPS Logs a nd y ou wi l l be pr es e nt e d wi th t he l og ta ble of [...]

  • Page 85

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 85 Fi gu re 8-13 . NU T. N UT is b ui l t o n a ne tw ork e d m ode l w it h a l ay ere d sc he me o f dr ive rs , se rve r a nd c li e nts : Th e dr iver p ro g ram s t al k d i r e ct l y to th e U PS eq u ipm en t an d run o n th e sa m e ho st a s th e N U T n et wo r k s e r ver [...]

  • Page 86

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 86 C e ntr al ma na ge me nt of mu lt ipl e NUT se rv er s : A c e ntra l NUT c l ie nt c a n m on it or m ult i ple NU T s e rv er s t ha t may be di str i bute d t hr ou gho ut the d a ta center, across a campus, or around t h e w o rld. NUT supports the more c omp lex pow [...]

  • Page 87

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 87 9 . Aut henticati on Th e co ns ol e s e rve r is a dedica ted Linux computer with a myria d of popular a nd proven Li nux software modules for net wor king, secure acces s (OpenSSH), and communicati on s ( Op enSSL), and s ophisticated u ser aut h enticati on (P A M , RAD IUS, T [...]

  • Page 88

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 88 F i gur e 9- 2. T ACA CS sc re e n. En te r th e Se rver Addre ss (IP or ho st nam e) of the remote Auth enticat ion /Authorizati on server. M ultip le rem o te serve rs may be specif ie d in a c om ma-se parate d l ist. Ea ch server is t ried in s u cces sion. In a dditio[...]

  • Page 89

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 89 RADIUS: T h e Rem o te Au thenticati on Di al-I n User Service (RADIUS) prot o col was developed by L ivingston En te rprise s as a n access s erver authenti cation and acc oun ti ng protocol. T h e RA DIUS server ca n support a variety o f methods t o authenticate a user. W h en [...]

  • Page 90

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 90 Example 2: Use r Be n is onl y def i ne d on t he T AC ACS s er ve r, w hic h sa ys he has ac ce ss to p or ts 5 a nd 6 . Wh en he a tte m pts t o l og i n, a ne w us e r will be cr ea te d f or h im , a nd h e wi ll be a bl e t o acc e ss po rt s 5 a nd 6. If th e T AC AC[...]

  • Page 91

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 91 9 .3 SSL Certifi cat e Th e co ns ol e s e rve r u ses t h e Sec ur e S o cket Laye r (SSL) protocol f o r enc rypted n etwork tra ffic betwee n itself a nd a connecte d user. When esta bli shi ng the c onn ecti on , the c onsole server has t o ex po se its iden tity to the use r?[...]

  • Page 92

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 92 Select System: SS L Certific ate and fi ll o u t th e f i eld s a s exp l ain ed b elo w: Common name T his is the netwo rk n ame of the co n sol e s e r v er o n ce it is in s t al l ed in th e n et w or k (u su a ll y th e fu ll y q u al if i ed d o m ain n am e). I t i [...]

  • Page 93

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 93 F i gur e 9- 6. Up l oa d bu tt on. Aft e r co m pl e tin g th es e st ep s , th e console se rver h as i ts o w n c er ti f ic a te th at i s u s ed fo r id en ti f yin g th e console s erver t o its users. NOTE: You can find inf o rmati o n on issuing certif icates and co n figu[...]

  • Page 94

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 94 1 0 . N agios Integra tio n Nagios is a pow erful, hi gh ly exte n sible open source t o ol for monitori ng n etwork hosts and servic es. The core N agi o s soft w are packag e w ill typically be insta ll ed on a server or virtual serve r, th e central Nagios server. Console se rver s operate in conjunc[...]

  • Page 95

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 95 1 0 .2 Centra l Mana ge ment and S etting Up S D T for Na gios T he Bla ck Box Na gi os s olu ti on ha s th re e pa rts : t he Ce nt ra l Na gi os ser ve r, Dis tr i but e d Bla ck Box cons o le ser ver s, and th e SD T fo r N ag io s so f tw a re . F i gur e 10 - 2. [...]

  • Page 96

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 96 2. Run the SDT for N agi o s Configuration Wizard on the centra l N agios server (Section 10.2. 1 — Set up SDT N agios on central N agi o s server) an d pe rf or m a ny a ddi ti ona l c on fi gu rat i on ta sk s. 3. Install SDT Connector on eac h client. . 1 0 .2 .1 Se t[...]

  • Page 97

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 97 Click Apply. Next, y ou must c on figure the attached Wi ndo w n etwork host a nd specify t h e ser vic es y ou will b e c h ecking w ith Na gi os (HTTP a nd H TTPS): Select N etwork Hosts f rom the Seria l & N etwork menu and click Add Ho st. Enter t he I P Addr [...]

  • Page 98

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 98 F i nal ly, y ou ne e d t o a dd a User for t h e clie n t r unn ing S D T Connector: Select Us ers & Gr ou ps from th e Se r i al & N e two r k me nu. Click Add U s er. In U sername , ente r: sd tn ag io su s er , then enter and confirm a Password. In A c c ess ib[...]

  • Page 99

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 99 10.3. 2 En ab le N R PE M o ni to r in g Figu r e 1 0 -5 . N R PE m on i to ri ng s tru c tu re. Enabli ng NR PE a llows y ou to exec ute pl ug -ins (s u ch as c h eck_tc p and c h eck_ping ) on the remote C o n so l e s e r v er to mo n i to r s er i al o r n e tw o [...]

  • Page 100

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 100 Re f er t o t he sa m ple Na gi os c onf ig ura ti on s ec t i on be low fo r s ome ex a mpl e s of c onf ig ur i ng s pec if ic NS CA che cks . 1 0 .3 . 4 Co nfig ure S elected Ser ia l Ports for Nagios Mo nito ring Th e i nd i v i du al S er i al Po r t s co n n ec ted [...]

  • Page 101

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 101 ho st_ n ame Bla ck Box a lias C onsole server address 192. 168 .254.147 } ; Ma nag ed Host defi n e host{ use g eneric -host ho st_ n ame se rver a lias se rver address 192. 168 .254.227 } ; NRPE d aemon on g ateway de fi ne c omma nd { c om ma nd _ name c hec k_ nr[...]

  • Page 102

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 102 check_c omm and check_ po rt_l og } de fin e s e r vic e { se rv i ce_ des c ri pti on p or t- l og- se rve r hos t_name server use generic -service check_c omm and check_ po rt_l og active_ checks_enable d 0 passive_ checks_enable d 1 } de fin e s e r vi c ed ep en d en [...]

  • Page 103

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 103 use generic -service check_c o mmand check_c onn _via_ B lack Box !t cp !2 2 active_ checks_enable d 0 passive_ checks_enable d 1 } de fin e s e r vi c ed ep en d en cy{ n a m e Black Box _n rp e_d a emo n _d ep host_ n am e Black Box depe nd ent_ ho st_name se rver [...]

  • Page 104

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 104 1 0 .4 . 4 Distrib uted Mo nito ring U sage Scenarios Bel o w ar e a number of distribute d mon itoring Nagios scenarios: Lo ca l o f fi ce In th i s scen ario , th e c ons ole se rv er is set up t o m on itor ea ch managed devic e’s c on sole. Configure it t o make a n[...]

  • Page 105

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 105 Remote sit e with restric tive f irewa ll In th i s s cen a rio , th e ro l e o f th e co nsol e se r ver will va r y. On e aspect may b e t o upload c h eck resu l ts t h rough NSCA. Another m ay be t o provi d e a n SSH tunnel to allow the N agios server t o run NR[...]

  • Page 106

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 106 1 1 . Syste m Manage m ent Thi s ch ap t e r d e s cr ib e s h o w th e Administrat or can p erform a ra ng e of g eneral c onsol e ser ver sy s t em ad mi n i str at ion an d con fig u r at io n t a s ks su ch a s: • Applying So ft an d Ha r d R ese t s to th e g at e [...]

  • Page 107

    Chap te r 1 1: S y s te m M anage men t 724-746-5 5 00 | blackbox.co m 107 Th e har d e rase wil l clear al l c u stom sett ings and re turn t h e unit back to factory de fault sett ings ( i. e. the IP a ddress wil l be re set to 1 9 2 .1 6 8 .0 .1 ). You wil l be pr o mpted to log i n and must e n ter the d efault ad m inistrat ion username a nd a[...]

  • Page 108

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 108 Cli ck A p p l y an d th e console server applia n ce w ill perf o rm a soft re b oot a nd star t upgradi ng t h e fir mw are. T his process will take severa l mi n utes. Af ter the firmware upgrade complete s, click here to ret u rn to th e Mana g ement Cons ole. Your co[...]

  • Page 109

    Chap te r 1 1: S y s te m M anage men t 724-746-5 5 00 | blackbox.co m 109 Fi gu re 11-6. Conf igurat ion b ackup screen. With a ll cons o le server s , you ca n save the backup f i le re mo tely on your P C and y ou can res tore confi gu rati on s from re mote locations: C li ck Sa ve Ba ck up i n t he Re mot e C onf i gur a ti on Bac k up m e nu.[...]

  • Page 110

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 110 1 2 . St atus Reports Thi s ch ap t e r de s cr i b e s th e da sh b o ard f e atu r e an d th e s t atu s rep o r ts th at ar e a v a il ab le : • P o rt Access and Active U sers • Statist ics • Support Reports • Sysl o g • Dashboard Ot h er s tatus re po rts t[...]

  • Page 111

    Chap te r 1 2: S ta tu s R e po rt s 724-746-5 5 00 | blackbox.co m 111 Figu r e 1 2-2 . S t ati st i cs st a tu s. You ca n find detai led statist i cs re po rts by selec ting t he various s ub menus. 1 2 . 3 Suppo r t R e po r t s The S uppo r t R eport p rovi d es u seful stat u s inf o rmati on that w ill ass ist the B lack Bo x Tec hnical Supp[...]

  • Page 112

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 112 12.4 S ys l o g The Li nu x Sys tem Logger i n the c ons ole se rv er m ain t ain s a r eco rd o f a ll sy s t em me ss ag es an d e rro r s: Select St at us : Sys l og You c an re direct the sysl og recor d to a remote Sysl og Serve r: En te r th e re m o te Sy slog Serv[...]

  • Page 113

    Chap te r 1 2: S ta tu s R e po rt s 724-746-5 5 00 | blackbox.co m 113 1 2 . 5 . 1 Con f i gu r ing th e D a s hbo a rd O nly use rs wh o a re mem be rs of t he ad m in g roup (and the root us er ) ca n c onf i gure a nd a c ce ss t he da s hb oar d. T o c onf i gu re a cus t om d as hb oa r d: Select System: Con figure Da shboard a nd select t h [...]

  • Page 114

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 114 To configure what is to be displaye d b y each widget: Go to the Conf igure widgets pa ne l a nd c onf ig ure ea c h s el ec te d wi dge t ( for e xa mp le , spe c if y wh ic h UP S s ta t us is t o be di s pla ye d o n t he up s widget or t he max i mum num be r of Ma na[...]

  • Page 115

    Chap te r 1 3: Man agemen t 724-746-5 5 00 | blackbox.co m 115 1 3 . Manage ment Th e co ns ol e s e rve r ha s a s mal l n um ber of Manage r e por ts a nd t ool s t hat a re a va il a ble to bot h Administrat o r s a nd Users : • Access and contr ol authorized devices. • V ie w se ri a l po rt l ogs a nd h os t lo gs f or t hose dev ic e s. ?[...]

  • Page 116

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 116 Fi gu re 1 3-3. P o rt logs. To d i sp l a y Ho st log s , sel e c t Manage : Host L og s a nd t he H ost to be d is pl aye d. 1 3 . 3 Se r i a l P o r t T e rm in a l Conn ect i on Adm inistra tor and Use rs can communicate direct ly with the cons o le server c om ma nd [...]

  • Page 117

    Chap te r 1 3: Man agemen t 724-746-5 5 00 | blackbox.co m 117 NOTE: You must insta ll SDT Conn ector on t h e com pu ter you are browsing fr om and a dd and t h e c ons ole ser ve r as a gateway as d etai led in Cha pter 6. The al ternate to u s ing S D T Connect o r and y ou r l o cal t elnet c li ent is to run t h e open s ource jcter m java te [...]

  • Page 118

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 118 1 4 . Co nfiguration fr om the Comma nd Line Fo r those who p refer to configure t h eir co n so l e s e r v er at t he Li nu x c omm a nd l ine l ev e l (ra t he r th a n us e a br ows er a nd t he Ma nage me nt C ons ole ), t hi s c ha pte r de sc ri bes h ow t o us e c[...]

  • Page 119

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 119 The config to ol Syntax c onfig [ -ahv ] [ -d id ] [ - g id ] [ -p pa th ] [ -r c onfi gurat o r ] [ -s i d=va lue ] [ -P i d ] De s crip tio n Th e co n fig tool is designed to p erf orm multiple acti on s from on e command if needed, so options can be cha[...]

  • Page 120

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 120 Th e r eg is t er ed co n f ig u rato r s a r e: al e r ts auth c as cad e c ons ole dhcp dialin even tlo g hosts ipaccess ipco n fig na gi os power serialc onfig services slave systemse tti ng s time ups users T h ere ar e three w ays t o delete a confi g eleme nt val u [...]

  • Page 121

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 121 NOTE: Supporte d serial port baud-rates are ‘50’, ‘75’, ‘ 110 ’, ‘134 ’, ‘ 150’ , ‘200’ , ‘ 300 ’, ‘600’, ‘1200’, ‘1800’, ‘ 2400 ’, ‘4800 ’ , ‘ 9600 ’, ' 19200 ', '38400', '57600 &[...]

  • Page 122

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 122 # co nfi g - s c onf i g. po rt s. por t 5. s dt. ss h= on T o c onf ig ur e a use r na me a nd pas sw or d w h e n ac ce ss in g th is p ort wi t h Us e r nam e = us er 1 a nd P a ss wor d = se cre t : # co nfi g - s c onf i g. po rt s. por t #. s dt. use r na me= us er [...]

  • Page 123

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 123 Yo ur new User wi l l be t he ex i st ing t ot al plus 1. If t he pre v i ous c omm a nd ga ve y ou 0 , t he n y ou sta rt w it h us er nu mbe r 1. If y ou a lr e a dy hav e 1 user y ou r ne w use r wi ll be n um ber 2, e tc . To add a user (wi th Us ername[...]

  • Page 124

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 124 1 4 . 4 Add i ng a nd R e m ov i ng U s e r G rou ps Th e co ns ol e s e rve r is configured with a few default user groups (even though onl y two of these groups are visible in th e Management Con sole GUI). T o find out ho w ma n y groups are a lready present: # c onf i[...]

  • Page 125

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 125 To con fi g ur e TA C AC S au th en ti c a tio n : # config -s co n fi g .aut h.tacacs .auth_se rver='c omma separate d list' (li st of remote a uthe n ticti on an d aut horizat ion server s.) # config -s config.aut h .tacacs .acct _serve r='[...]

  • Page 126

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 126 Add othe r network ho st T o ad d any ot her ty pe of net wor k h os t w it h the f ol low in g de tai ls: IP address/ D NS n ame 192.168.3.10 Host name OfficePC Descripti on MyPC All o wed sevice s ssh port 22,https port 443 log l ev el fo r s e rvi c es 1 Iss u e the co[...]

  • Page 127

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 127 Th e fo llo w in g co mm an d w ill s ynch ron ize th e li v e s yst e m wi th th e n ew con f ig u ra t ion : # con f ig -r s er i al co n fig 1 4 .8 Casc aded Ports To ad d a n e w s l av e d e vi c e wi th th e fo llo win g se t tin g s : IP a dd ress/ D[...]

  • Page 128

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 128 # c onf ig -s c onfig.ups.monitors.monit o r1.options. op tion1.opt=option # c onf ig -s c onfig.ups.monitors.monit o r1.options. op tion1.ar g = argument # c onf ig -s config.ups.monitors.m on itor1.options.t otal=1 # co nfi g - s c onf i g. ups .m on it ors . mo ni t or[...]

  • Page 129

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 129 # c onf ig -s config.ports. po rt2.power.ty p e=A PC 7900 # co nfi g - s c onf i g. po rt s. por t 2. powe r. na me= My RPC # c onf ig -s "config.ports. po rt2. po wer.descri p tion=RPC in room 5" # co nfi g - s c onf i g. po rt s. por t 2. powe r[...]

  • Page 130

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 130 N o t i c e Warning A ss um e t he re mo te l og se rve r nee ds a us e r name ' na me 1' a nd pa ssw or d 'se c re t ': # co nfi g - s c onf i g.e ve ntl og .s er ver . use r na me= nam e 1 # co nfi g - s c onf i g.e ve ntl og .s er ver . pas s wor d=[...]

  • Page 131

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 131 # c on f ig -s "config.aler ts.alert 2 .pattern=. *0.0% i d " # con fig - s co n fig . al e rt s. al e rt2 .po rt1 0 =o n # config -s c onfi g .aler ts.a lert 2 .sen sor=tem p # con f ig - s con fig . al ert s . al ert2 . sign al=D SR # con fig - [...]

  • Page 132

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 132 # c on fig -s config.syste m .smt p .subject =SM TP ale rts T o set -up an SMTP SMS server with t h e same details as above: # config -s confi g .syste m .sm tp.server 2=mail . Black Box .c o m # co nfi g - s c onf i g.s yst e m. sm tp. e nc ry pti on 2=S SL (c a n a ls o[...]

  • Page 133

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 133 # co nfi g - s c onf i g. i nte rfa ce s .w a n.m ode =s ta t ic # config -s config.i n terfaces. w an.media=[ Auto | 100b aseTx-F D | 1 00baseTx-HD | 10b aseT- H D ] 10baseT-FD To en ab l e b ri d gi n g b et w e en al l in t er f a c es : # co nfi g - s c[...]

  • Page 134

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 134 Th e fo llo w in g co mm an d w ill s ynch ron ize th e li v e s yst e m wi th th e n ew con f ig u ra t ion : # con fig -r ti m e 14.19 DHCP Server To en ab l e th e DH C P se r v er on th e con so le m an ag e m ent LA N , wi th s et tin g s : Default l ease t ime 20000[...]

  • Page 135

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 135 Th e fo llo w in g co mm an d w ill s ynch ron ize th e li v e s yst e m wi th th e n ew con f ig u ra t ion : # config –a 14.21 NAGIOS To con fi gu r e NA G IO S w i th th e fo llo w in g s et ting s: NAGIOS ho st name console at R3 (Name o f this system[...]

  • Page 136

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 136           Black Box co n sol e se r v er s r un the embe d de d Linux ope rating system . So A d mini strat o r cl as s use rs ca n c on fi gur e t he console server an d mo n i to r an d ma [...]

  • Page 137

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 137 Fo r power and al arm sensor a lerts (pow er load, a nd battery c harge a l erts): /etc/ scri p ts/e n vir on mental -alert F or an i n te rface fa ilover a lert: /etc/scri pts/i nterface -failove r-alert All of these s cripts do a c h eck t o see w hether y ou have c r[...]

  • Page 138

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 138 e m ail to m o re t h an on e ema il a dd ress, fi nd the l ines in the scr ipt res ponsible f or inv o king t he ale rt-email script, t hen a dd th e foll owi ng lines be low th e e xi s tin g li n e s: exp o r t TO A D DR = " em ail add r es s@ do m ain .co m "[...]

  • Page 139

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 139 NE WT OT AL = $[ $ TOT AL -1 ] # Make backup copy of config file cp /et c/ confi g /config.xml /et c/ confi g /config.bak echo "backup of /etc/confi g /config.xml save d in / etc/c on fig/config.bak" if [ -z $NUMB ER ] # test whether a singular node is b ei ng[...]

  • Page 140

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 140 echo Done exit 0 el s e echo "er ror: i tem being d eleted has a n index g r eater than total items. I n crease the t o tal count va riable." exit 0 fi                   ?[...]

  • Page 141

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 141 slee p 30s fi if [ " $C OU NTE R" - e q 5 ] th en COUNTER=0 " $ @ " s l e e p 2 s fi done   !        ?[...]

  • Page 142

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 142 To save the configurati on : # / et c /s cr i pt s/ back up - us b sa ve c onfi g- 20Ma y To c h eck if the backup was saved correctly: # /etc/sc rip ts/ b ackup- u sb list If t h is command does not disp lay "* co n fi g -2 0 M ay " th en the r e wa s an erro r[...]

  • Page 143

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 143           Black Box’s portma ng er pr ogr a m ma na ges the console se rver serial ports . It routes networ k connecti on to serial ports, checks permiss ions, and monitors and logs a l l t [...]

  • Page 144

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 144 portm anage r daemon Th er e i s n o rm al l y n o n e ed to s top an d r es t a rt th e d aem o n . To r es t a rt th e d a em o n n o rm al l y, ju s t ru n th e co m m an d : # portmanager Supporte d comma nd lin e options are: Force portma n ager to run in the foregro[...]

  • Page 145

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 145 fi </ e t c/ con fig /pm sh el l -s t a rt .s h >                           ?[...]

  • Page 146

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 146 If the sta nd ard system firewall confi guration is no t a d equate f o r your n eeds y ou can b ypass it s afe ly b y crea ting a fil e at /etc /config /filt e r-cust om contai ning comm ands t o build a s p ecial i zed fi rewall. This fi rewall scr ipt will run whenever[...]

  • Page 147

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 147 T o s et t he Us er na me fi e l d (S N MP v ers i on 3 o nl y) : co n f ig - -s e t con fi g. sys t em . snm p .u se rn am e2 = yo u ru s e rn am e . . r e plac i ng your u sername wi th th e use rn am e conf ig . sy st e m. sn mp .u sern am e2 (3 on l y) To set the En[...]

  • Page 148

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 148 Th e k e y f in g erp ri n t i s : 28:aa: 29 :38:ba:40:f 4 :11:5e:3f:d4:fa:e 5:36:14:d6 u ser@serve r $ C rea te a new di re ct ory t o s t ore yo ur ge ne ra te d ke ys . Yo u ca n a ls o na me t he fi le s a fte r t he dev ic e t he y wi ll be us e d f or . For e xa mpl[...]

  • Page 149

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 149 Figu r e 1 5 -1 . If th e Bl a c k B ox d evi c e s e l ect ed to b e th e s er v er w il l on ly h a ve o n e c li en t d e vi c e, th en th e aut ho rized_keys f ile is s imply a c op y of t he publ ic key f o r t ha t de v ic e . If one or mor e de v ice s wi l l be [...]

  • Page 150

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 150 htt p ://www.openbs d .org/cgi-bin/man.cgi?query=ss h& sektion=1 htt p ://www op enbs d .org/cgi-bin/man.cgi?query=ss hd .  !                       [...]

  • Page 151

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 151 U se Wi nSC P to co py t hi s "a uth or iz e d_ ke ys " fi le int o t he u se rs home dir e ct ory : e . g. /etc/confi g /users /test u ser/. ssh/authorize d_keys of the Black Box ga te w a y wh i ch w i ll be th e S SH s er v er. Yo u w i ll n eed to ma k e s[...]

  • Page 152

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 152 I f t he h os t key has bee n le git i mat e ly c ha nge d, i t ca n be re mov e d fr om t he ~/.ss h/k nown_hosts f ile a nd t he ne w fi nge r pr i nt a dde d. I f it ha s n ot chan g ed, this indicates a seri ou s problem that should be investi g ated imm ediately. [...]

  • Page 153

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 153 Figu r e 1 6 -6 . K ey s . To ge n erate the keys using OpenBSD's OpenSSH suite, we us e the ssh-key gen pr ogra m: $ ssh-ke ygen -t [rsa |dsa] Generati ng pub lic/private [rsa |dsa] key pair. En te r fil e in wh i ch to sa v e th e ke y ( / ho me/ use r/ .s s h/i [...]

  • Page 154

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 154 Each clie n t will then n eed its own set of keys upl o aded through the sam e page. Take care to ensure that the correct type of key s (DSA or R SA) go in th e co rr e ct sp o ts , and th at th e pu b li c an d p ri v a t e ke y s a r e in th e co rr e c t spo t. (* &quo[...]

  • Page 155

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 155 To crea te a 10 24 bit R SA key a nd a self - signe d certific ate, iss u e t h e followi n g openssl c omm a nd fr om t he hos t y ou ha ve op enssl installe d on: openssl re q -x509 -nodes -d ays 1000 -newkey rsa:1024 -key ou t ss l_key.pem - ou t ss l_cert.pem You [...]

  • Page 156

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 156 Opti on s -1, - -o n Pow er O N t a rg et s . -0, - -o ff Pow e r OF F ta rg ets . -c , --cycle Pow e r c y cl e ta rg e ts . -r, --reset Asse rt ha rdware rese t for t argets ( if i mplemente d by RP C). -f, --flas h Tu rn b ea co n ON fo r t a rg et s ( if i mp l e m en[...]

  • Page 157

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 157 status Th i s acti on re t rie ve s t he cu rr e nt st at us of t he de v ice or ou t let Exa mp les: To turn outlet 4 of the pow er device connecte d to serial port 2 on : # pmpower -l port02 -o 4 on To turn an IPM I device off loca ted at IP a dd ress 192.168.1. 100 ([...]

  • Page 158

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 158           Th e co ns ol e s e rve r i n cl ud es t h e ipmitool uti li ty f or managing a nd configuri ng devices that support the Inte llig en t Pl a tfo rm Man ag em en t Int e r f ace (IP M I) ver sion 1.5 and ver sion[...]

  • Page 159

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 159 -p < port > Rem o te ser ver UDP port to connect t o . D efault is 623. -P < pa ss w or d > Rem o te server p assw ord i s specified on the command line. If supported, it will be ob scure d in the process list. Note! S p ecifying t h e p assword as a command[...]

  • Page 160

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 160 exec Run lis t of co m m and s fro m file set Set runti m e va r i ab l e fo r sh e ll and exec ipm i too l ch a ss i s h el p Chassis Commands: stat u s, power, id entif y, pol icy, restart_ca u se, poh, bootd ev ipm i too l ch a ss i s p o w er h elp chassi s power Com [...]

  • Page 161

    Appendi x A : Linu x Com ma nd s and Sou rc e Code 724-746-5 5 00 | blackbox.co m 161 App end i x A . L inux Com m a n d s a nd S ou rc e Cod e Th e co ns ol e s e rve r platf o rm is a dedicated Linux computer, optimized to provid e monitori ng and secure access to serial and network consoles of crit ical server systems a nd their s uppo rti ng po[...]

  • Page 162

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 162 ip6 ta ble s Admini strati on to ol for IPv 6 packet fi lteri ng ipta ble s -re s to re Rest o re IP Tables ipt a bles-save Save IP Ta bl es kill * Se nd a signal t o a process to end g racefully ln * Make link s b etween files logi n Begi n sessi on on the sy stem loopba[...]

  • Page 163

    Appendi x A : Linu x Com ma nd s and Sou rc e Code 724-746-5 5 00 | blackbox.co m 163 sl ee p * Delay f or a specif ied a mount of time s m bmnt Help er utility f or mounting SM B file sys tems sm b moun t Mount an SM B FS f il e sy stem sm bu moun t SMB F S u mo u n t fo r no rm a l u s er s snm p d SN M P d a emo n snm p tra p S en d s an SN M P [...]

  • Page 164

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 164 T h e re ar e a ls o a num ber of ot he r CL I c omm a nd s re la te d to othe r ope n s our ce to ol s e mbe dde d i n t he console serv er in cludi ng : PowerMan pr o vides po w er manageme n t fo r m any prec on fi gured rem o te p ow er co n trolle r (R PC) d evices .[...]