Black Box Secure Device Servers manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Black Box Secure Device Servers. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoBlack Box Secure Device Servers vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Black Box Secure Device Servers você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Black Box Secure Device Servers, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Black Box Secure Device Servers deve conte:
- dados técnicos do dispositivo Black Box Secure Device Servers
- nome do fabricante e ano de fabricação do dispositivo Black Box Secure Device Servers
- instruções de utilização, regulação e manutenção do dispositivo Black Box Secure Device Servers
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Black Box Secure Device Servers não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Black Box Secure Device Servers e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Black Box na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Black Box Secure Device Servers, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Black Box Secure Device Servers, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Black Box Secure Device Servers. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    M a y 2010 LE S 1101 A LE S 1102 A 110 1 a nd 1102 Sec ure Device Ser vers Sec ure ly mon i tor , a cc e ss , and cont ro l th e co mpu ter s, networking dev ices , tel e communica t ions equipment, an d power suppli es in your dat a room or com munica tion s center s . Manag e yo ur servers : • L o ca l l y across yo ur manage ment LAN or throu [...]

  • Página 2

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 2 Feder a l Comm unicatio ns Com m ission and Ind ustr y Ca nad a R adio Frequenc y Interfe rence Stat e ments This e quipm ent g enerates , uses, a nd can radiate radio-fre qu ency ener gy, and if no t i nstalled a nd used p roperly , th at is, in st r i ct a cco rd an ce w [...]

  • Página 3

    FC C a n d IC RFI Sta tem ent s 724-746-5 5 00 | blackbox.co m 3 No r mas Ofi ciales Mexi canas ( NO M ) Elect ri cal S af ety Stat ement INSTRUC C IONES D E SE GURIDAD 1. T odas l as i n str u cci on es de se gu ri d ad y op eraci ón deberán ser leídas a nt es de que el a par at o eléct rico sea operado. 2. La s i nst r ucc i on es de se g ur [...]

  • Página 4

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 4 Trade mar ks Used in thi s Manu a l Black Box and the Doub le Diamond logo are re g istered trademarks of BB Technologies, Inc. Mac is a registered trade mar k o f Apple Co mputers, Inc. Linux is a regi ster e d trade mark o f Linus T orvalds. Internet Explorer, Window s, W[...]

  • Página 5

    Ta bl e of C o nte n ts 724-746-5 5 00 | blackbox.co m 5 5 T able of C ontents 1. Sp eci fi c atio n s .............................................................................................................. ............................................................................................ 9 2. Ov e rvi ew ..........................[...]

  • Página 6

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 6 6 6.7 SD T Con n ecto r Pu bl ic K e y Au th en ti c atio n ................................................................................... ................................................................. 52 6 .8 S ett in g Up SD T fo r R emo t e D es k top A cc e ss .[...]

  • Página 7

    Ta bl e of C o nte n ts 724-746-5 5 00 | blackbox.co m 7 7 11 . S yst e m M an ag em ent .......................................................................................................... .................................................................................... 106 1 1 .1 S y st e m A d m in ist r at io n an d R es et ...........[...]

  • Página 8

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 8 8 15 .6 .4 In st al lin g S SH Pu b lic K eys A u th ent i ca t ion ( Linu x ) ..................................................................... ....................................................... 148 15.6. 5 G enerating Public/Pri vate Keys for SSH (Windows) ......[...]

  • Página 9

    C h a pt er 1 : S p e cif icat i o ns 724-746-5 5 00 | blackbox.co m 9 1 . S pecificat ions CPU: MIcrel KS8695P controller Memo r y: 16 MB SDRAM, 8 MB Flas h Seri a l Baud Ra tes: 2400 to 115 ,200 bps Connectors: LES 1101 A: (1) DB9 R S-232 serial, ( 1 ) RJ -45 10/100BASE-T Ethernet; LES1102A: (2) DB9 R S-232 serial, (1) RJ-45 10/100BASE-T Ethern e[...]

  • Página 10

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 10 2. Ov er vi e w 2 . 1 I nt roduct ion This U ser’s M anual w alks you through insta lling and c on fi gu ring your B lack Bo x Sec u re D evice Se rver s (L ES1101A or LES 1102A ). Ea ch o f th es e products is referre d to ge n erically in this manual a s a “ console [...]

  • Página 11

    C h a pt er 2 : Ov ervi e w 724-746-5 5 00 | blackbox.co m 11 devices ; and c on trol these devices u sing t h e speci fied serv ices (f o r example, Te lnet, HH TPS, RD P, IP M I, Se rial over L AN, Po w er Control). An au th o r i zed User a ls o ha s a li mit e d v ie w of t he Ma na ge me nt C ons ole a nd c a n onl y acc e ss a ut hor iz e d c[...]

  • Página 12

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 12 Table 2 -1. LES 1101A front-pan el c ompon ents. Number Component Description ` 1 Barrel connect o r Power 2 RJ- 45 c onn ect o r Li n ks to 10/100 Mbps Ether n et 3 J1 jum p er Select s R S-232, RS-485, R S- 422 4 RJ- 45 LED Et hernet Connectivity LED 5 R J-4 5 Eth e rn e[...]

  • Página 13

    C h a pt er 2 : Ov ervi e w 724-746-5 5 00 | blackbox.co m 13 2.5. 3 LES 1102A F r o nt Pane l Fi gu re 2 -4 shows t h e front p anel o f t h e LES 1102A . Ta b le 2 -3 d escribes i ts components. Fi gu re 2-4. LES1102A front panel. Table 2 -3. LES 1102A front-pan el c ompon ents. Number Component Description 1 Barrel connect o r Power 2 8-posit io[...]

  • Página 14

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 14 2 . 6 W hat ’s Inclu d ed Your package should include the following items. If anyt h ing is missing o r damaged, contact Black Box Technica l Support at 724- 746-5500 or info @ b l a ckb o x . co m . 2.6. 1 LES 1101A • 1101 Secure D evice Server • Universal input 12-[...]

  • Página 15

    Ch a p t er 3: Ins tallation 724-746-5 5 00 | blackbox.co m 15 3 . Ins ta lla t ion Make s ure you h ave every thing l isted in Cha pter 2, Section 2.6 for your 1101 o r 1102 Secure Device Server. 3.1 P o we r C on ne c ti o n The LES 1101A or LES1102A m od els are ea ch supplied w i th a n exter n al DC wall m oun t pow er s upp l y. T his power s[...]

  • Página 16

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 16 Table 3-1. RS-232 DB9 connector pinouts. Signal Pi n Definition CD 1 Receive d Line Signal D etect o r RXD 2 Receive d Data TXD 3 Tran s mi tt ed D at a D T R 4 D ata Te r mi na l Re ady GND 5 Si gn al Ground DSR 6 Data Set Ready RTS 7 Request T o Send CTS 8 Cl ear T o Sen[...]

  • Página 17

    Ch a p t er 3: Ins tallation 724-746-5 5 00 | blackbox.co m 17 We b m anagement cons o le. Two short cable loops ar e als o required b etwee n the RX+/T X + pin s and RX -/T X - pin s. This is b eca u se the LES1102A uses universa l di fferentia l transceiver s that support 4-wire (RS- 422 ) and 2-wire (RS-485) op eration. In R S-485 mode, P ort 2 [...]

  • Página 18

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 18 4 . System Co nfigurati on Th i s chapter provi d es ste p -by-ste p i n struct ions for t h e console server’s i n itial c onfigurati on , and f or connecting it to t h e Ma na ge me nt or Ope ra t i ona l LAN . Th e Administrator must: • A cti va te t he Ma na ge me [...]

  • Página 19

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 19 Fi gu re 4-1. Run screen. No w add a s ta t ic en tr y to the AR P tab l e an d ping th e console server to ass ign the IP a dd ress t o th e c on sole server . I n t h e example b el o w, a con sol e se rver has a MAC Address 00:13:C6:00:02:0F (designate d on the label[...]

  • Página 20

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 20 You will be prompted to log in. Enter t h e d efa u lt administ r ation user na me a nd adminis tra ti on passw ord: Username: r oot Passw ord: default F i gur e 4- 2. Lo gin sc re e n. NOTE: C onsole ser ver s are fac tory c onfigured w ith HTTPS acce ss enable d and HTTP[...]

  • Página 21

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 21 F igure 4-4. System : Ad mi n istra tion scree n . 1. Sel ect Syste m: Administra tion. 2. E nter a new System Pass word t h en re-e nter it in Confirm Sys t em Pass wo rd. T h is is t h e new pa ssword f o r r oo t, t h e ma in adminis trative user account, so choose a[...]

  • Página 22

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 22 F i gur e 4- 5. IP Se t ti ngs sc r ee n. I f y ou s e lec te d DHCP , t he co n sol e s e r v er wi ll lo ok f or c onf ig ura ti on d et ai ls fr om a D HCP se rv e r on y our ma na ge me nt L AN. T hi s sel e ct ion au to m ati c al ly di s ab l es an y s t at i c ad d [...]

  • Página 23

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 23 Fi gure 4-6. Sys t em: Se rvices scree n. Sel e c t th e S y s t em: S e rv i c es op tio n , th en s e l ec t /d es e l ec t fo r the se r vi c e to b e en ab l ed /d i s ab led . Th e fo l lo w i ng a c c es s pro to co l options are availa b le: • H T TP S : Th i s[...]

  • Página 24

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 24 • Base: The cons o le ser ver us e s spe c if i c d e f aul t r an g e s fo r th e TC P/ I P po r t s fo r th e v a rio u s a c c e ss ser v ic e s tha t Users and A d m in ist ra to r s can u se t o access d evices attac hed t o seria l po rts (as covere d in Cha pte r [...]

  • Página 25

    C h a pt er 4 : S ystem C o nf i g ur ati o n 724-746-5 5 00 | blackbox.co m 25 4.5. 2 P uTTY You ca n also use c om municati on s p ackages l i ke Pu TTY to co nn e c t to th e c ons ol e s e rve r command l ine (and to c onnect seria lly attac h ed device s as co v er ed in Chapter 5 ). Pu T TY is a f reew are i mpleme n tation of Te lnet a nd SS[...]

  • Página 26

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 26 5 . Se ria l Port, Host, Devi ce, and User Co nfig urat io n The Black Box LES1101A and LES1102A co n so l e s e r v er en abl e s a c c e ss an d con t rol of s er i al ly a tt a ch ed d ev i c es an d n etw o rk a t t ach ed d e vi c e s ( ho sts ). Th e Adm inis trator [...]

  • Página 27

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 27 F igure 5-2. Serial port scree n . Select Serial & Netw o rk: Seria l Port and y ou wil l see the c u rre n t la b els, modes, logging levels , and R S-232 protocol options th at are curre n tly s et up fo r each se rial port. By d e[...]

  • Página 28

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 28 Be fo r e pro ce ed ing w i th fu rth e r s e ri a l p o r t co n figu rat io n , con n ect t h e po r t s to th e s e ri a l d e v ic e s th e y w ill b e co n t ro l lin g , an d make sure they have matchi ng sett ings. NOTE: The serial ports are all set at th e factory [...]

  • Página 29

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 29 F i gur e 5- 5. Wi nd ows fe a tur es sc ree n. If th e re mo te co m mu ni c a tio n s a r e tu n n e le d wi th SDT Conn ect o r , the n y ou can us e Tel net to sec urel y acce ss these a ttached d evices (refer to the No t e b e low [...]

  • Página 30

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 30 F i gur e 5- 6. P uTT Y Co nfi gur a ti on sc re e n. Pu T TY can b e downloaded at http://www.tucows.c o m/preview/ 19 5286.html SSH: We recomme nd that you u se SSH as t he protocol wh ere t h e Use r or Adm inistrato r co n n ect s to the cons o le server ( o r connect [...]

  • Página 31

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 31 TCP: RAW TC P allo w s connect ion s directly to a TCP socket. Comm unicat ions prog rams like Pu T TY also support RAW TCP. You would usually access t hi s pr otoc ol v ia a c us tom a ppl ic at io n. For RAW TCP, the d efault port addr[...]

  • Página 32

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 32 F i gur e 5- 9. S DT se tt i ngs . F or conf igurati on details , refer to Chapte r 6. 4—U si ng SDT C on nec to r to Te l ne t or SS H co nne ct t o de v ice s t ha t a re se ri a lly at tac he d t o th e c ons ole se rver . 5.1. 4 De vi ce (R PC , UP S, E M D ) M o de [...]

  • Página 33

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 33 Fi gu re 5-12. Serial bri d ge setti ng s. Se le ct Se ri al Br id gi ng Mo de a nd s pec ify t he IP a ddr es s of t he Server c onsol e server and th e TCP port address o f th e remote seria l por t (for R FC2217 bri dg ing this w ill [...]

  • Página 34

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 34 5.2 A d d/ Ed it Us er s Th e Adm inis trator u s es thi s m enu s el e ctio n to s e t up , ed it , an d d e le t e us er s , an d to d e fin e th e ac ce s s perm i ss ion s fo r e a ch of th e s e use rs . Fi gu re 5 -15. Users and Groups sc reen. Users ca n be a ut hor[...]

  • Página 35

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 35 Fi gu re 5-16. Add a n ew user screen. Click Add User to add a n ew user . Add a U sern ame a nd a c on firm ed Pass word for eac h new user. You may also incl ud e informati on related t o t h e user (f o r exa mp le, c on ta ct de ta i[...]

  • Página 36

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 36 5.3 A ut h en ti c at io n Re fe r to Ch apt er 9. 1 —Au thenticati on Configuration for authenticat ion configurat ion details. 5 . 4 N e tw or k Ho st s To acces s a locally networked com pu ter or device (refe rred to as a Host ), you must identi fy the Ho st and spec[...]

  • Página 37

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 37 5 .5 T rusted Ne tw orks Th e T ru st ed N etw o r ks fac i l it y gi v e s yo u an op t io n to no min a t e sp ec if i c IP add r es s e s wh er e us e r s ( Administra tors and Us e rs ) mus t be lo c ated to acce ss c ons ole se rve [...]

  • Página 38

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 38 Fi gu re 5 -19. Serial Por t re dir ecti on. This s erial port redirector s oftwar e is loaded i n your d esktop PC, a nd it al lows you to use a serial device t h at’s c onn ecte d t o the re mote c ons ole se rver as if it were co nn ected to y our l o cal s eria l por[...]

  • Página 39

    Chap te r 5 : S e ri al Po r t, Ho s t, De vi ce, and Us e r Con figu ra ti on 724-746-5 5 00 | blackbox.co m 39 • Select t h e connecti on type for the new connecti on (Serial, Netw o rk Host, UPS, or R PC) and th en select the specific connecti on from the pr esented list of confi gu red un all ocated hosts/ports/ ou tlets. T o a dd a n ew net [...]

  • Página 40

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 40 6 . S ecur e S SH Tu nn e l in g a nd S D T Conn ecto r Each B l ack Bo x c on sole se rver h as a n embedded SSH serve r and u ses SS H tunnel ing so rem o te users ca n sec ur ely connect t h rough th e c ons ole server to Managed D evice s—usi ng text-base d cons o le[...]

  • Página 41

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 41 • Usi ng SDT t o IP connect t o hosts t hat are se rially attac h ed t o the c on sole server (Section 6. 1 0). 6 .1 Co nfig uring for SS H Tunnelin g to H osts To set up the c on sole server to SS H tunnel to access a network at tached ho st: Add the [...]

  • Página 42

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 42 O nc e the i nst a ll er c om pl et es yo u wi l l hav e a wor k in g SD T Co nne cto r c l ie nt i ns ta ll e d o n y our ma c hi ne a nd a n ic on on y ou r des k t op : Fi gu re 6 -3. S D T connector ic on. Cli c k th e SD T Co nn e c tor ico n on you r d es k to p to s[...]

  • Página 43

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 43 F i gur e 6- 5. N ew S DT Gat e way sc re e n. O r, e nte r a De sc r i pti ve Na me t o dis pl ay i nst ea d of t he I P o r DN S add re ss , a nd a ny Not es or a Des c ri pti on o f t his gat e way (s uc h as it s firmwa re versi on, site location, or[...]

  • Página 44

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 44 F i gur e 6- 7. Ho sts . NOTE: The Retrieve Hosts function will auto-confi gu re all us er class es (th at is, th ey can be members of user or admin or som e o th er group or no group. S D T Connect o r will not auto-confi gu re the r oo t (a nd we recommend t h at y ou on[...]

  • Página 45

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 45 F i gur e 6- 9. Ne w S DT Hos t sc ree n. E n t er t he IP or DNS Hos t Ad dre s s of the hos t (i f t his is a D NS a ddr es s , it mus t be a ble t o be re s ol ve d by t he gat e way ). Select which Services to use to access t h e n ew host. A range o[...]

  • Página 46

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 46 Select which Client a ppli cati on is associa ted wit h the n ew service. A range of c l ient a pp licati on options are p re-c on figured i n the d efau lt SDT Connector ( R D P client, VNC cl ient , HTTP browser, HTTPS browser, Telnet clie n t, etc.) . I f you w ant to a[...]

  • Página 47

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 47 Fi gu re 6-13. Edit port r edire ction. NOTES: SDT Connect o r ca n als o tunnel UDP services. SDT Connector tunnels t h e UDP traf fi c t h rough t h e T C P SSH re d irect ion, so i t is a “t u nnel with in a tu nn el .” Enter t h e UD P port wh er[...]

  • Página 48

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 48 Enter a Comm and Li n e ass ociated w i th la un chi ng the c lient a pplic ati on . S DT Connector ty p i cal ly la un ches a c li ent using com m and li n e ar gu ments t o point it at t h e l o cal e ndpo int o f the re direction. T h ere are three special key words for[...]

  • Página 49

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 49 6 . 3 SD T Conn ecto r t o Ma n a g e m e nt Con so l e You ca n also configure S D T Connect o r f o r b rowser acce ss t o the cons ol e serve r’s Management Con sole —and f o r Tel n et or SS H acces s to th e command l ine. F o r these connection[...]

  • Página 50

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 50 Fi gu re 6-18. Add po rt redirection. Assumi ng you have a lready se t up t h e tar g et c on sole se rver as a gateway i n your S D T Connector c lient (with u sername/pass wo rd et c) , select this gat eway a nd cl ick t h e H o st i co n to crea te a host. O r, se lec t[...]

  • Página 51

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 51 F i gur e 6- 19. Ou t- of - ba nd a c ce ss . To co n fi g ur e SD T Co n n ec to r for O o B a cc e s s: When a dd ing a n ew Gateway o r e d iti ng an existi ng Gateway se lect t h e Out O f Band ta b. Enter t he secondary , OoB IP address o f the g at[...]

  • Página 52

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 52 Fi gu re 6 -20. OoB connecti on using SDT c onnector. When y ou c onn ect t o a se rvice on a host be h ind the c onso le se rver, o r to t h e cons o le serve r itself , SDT Connect o r will initiate t h e OoB connection usi ng the p rovided Star t Comm and. T h e OoB c o[...]

  • Página 53

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 53 SDT Connector will now u se public key aut h enticati on wh en connecting through the SSH gateway (con sole serve r) . You m ay have to restar t SDT Connector t o shut dow n any exi sting tunnels that were esta b lished using password a uth enticat ion. [...]

  • Página 54

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 54 Fi gu re 6-23. Remote D eskt op Us ers dial og bo x. To set the user(s) who can remotely access t he system with RDP, click A dd on the R emote Desktop Users di al og bo x. NOTE: If you need to set up n ew users for Remote Desktop access, o pen User Accounts in the Control[...]

  • Página 55

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 55 In Co m pu t e r , en t er t h e ap p rop r i at e I P A d d r es s and Po rt N u m b er : Where there is a direct l o cal o r e n terprise V PN connect ion, enter the IP Address of t h e cons o le server, and t h e Port Numb er of the SDT Sec ure Tunnel[...]

  • Página 56

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 56 You ca n use GUI front end tools l ike the GNOME Ter m inal Services Cl i ent t sclient t o c on figure and launc h the r d eskt op clie n t. (U sin g t s cl ien t al so ena bles you to store multiple configurati ons o f rdesktop for connecti on to m any servers. ) F i gur[...]

  • Página 57

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 57 RealVNC ht tp:/ /www .realvnc.c om is fully cr o ss-platf o rm, so a desktop running on a Linux mac h ine may b e displayed on a Windows PC, on a Solar is machine, or on any numb er of other a rchitectu res. There is a Windows ser ver, all owing y ou to [...]

  • Página 58

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 58 • E d i t / home/username/.v n c/xsta rtup if y ou want a mo re a d vanced se ssion than j u st t wm and a n xterm. F or M aci nt os h s erv er s (a nd cl ie nts ): OSX vn c h ttp : / /w w w . r ed s ton e so ftw ar e .co m/ vn c .ht m l i s a ro bu st , fu l l-f e atu r[...]

  • Página 59

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 59 F i gur e 6- 29. IP a ddr es s of co nso le s er ve r uni t. To establish t h e V NC connecti on , s i mply acti vate t h e VNC Viewer software on the Vie w er PC a nd enter the pass word. Fi gu re 6-30. V NC authenticati on . NOTE: F o r ge n eral backg[...]

  • Página 60

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 60 6.10. 1 Es tab l is h a PPP Conn ect ion b e t w e e n t h e Hos t C OM P o r t a nd Con so l e S e r v e r (T his ste p is on ly n ece ssary f or seria lly c onnecte d co mputers. ) Firs t, physical ly connect the CO M port on th e ho st computer you w ant to access to th[...]

  • Página 61

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 61 Fi gu re 6-32. User permi ssi on s. Specify which Users will be al lowed to u se t h is connecti on. This s ho uld b e t h e same Users who w ere give n Remote Deskt op access p riv il eg es in th e ea rlier ste p . Click Next. On the Network Conn ecti o[...]

  • Página 62

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 62 NOTES (continued): T h e c onsole server default Username is port XX where X X is t h e se rial po rt numb er o n the c on sole server . Th e d e f au l t Pa s swo rd i s p o r t XX To use the d efa u lts for a RDP connection to the serial port 2 on the console server, you[...]

  • Página 63

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 63 F igure 6 -35. S D T sett ings scree n. N OT E: Wh en y ou e na ble S DT, i t wi l l ov er r i de al l ot he r C onf ig ura t i on p rot oc ol s o n t hat por t. NOTE: If you leave the Username and U ser Passwor d fiel d s blank, they default t o po rt X[...]

  • Página 64

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 64 Fi gu re 6-36. PuTTY Con figuration screen. In th e S e s sio n men u , en ter th e I P ad d res s of th e co n s ol e se r v er in t h e Ho s t N am e or IP ad d res s fi eld . For dial-in connect ions, t h is I P address will b e t h e L o cal Add ress t h at y ou assi g[...]

  • Página 65

    Chap te r 6: Se c u re SS H Tun nel ing and SD T Con nec to r 724-746-5 5 00 | blackbox.co m 65 F i gur e 6- 37. Se t de st i nat io n. If y our destinati on computer is serially c onnected to t h e c on sole se rver, set the Desti n ati on as <port la bel>:3389. F o r example , if the Labe l you specif ied on th e serial port on the console [...]

  • Página 66

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 66 NOTE: How secure is VNC? VNC access general ly allows access to your whole com pu ter, s o securi ty is very import ant. VNC uses a ra ndo m challe ng e-res ponse system to provide t h e basic authentica tion that a llows y ou to c onn ect t o a VNC server . This is reason[...]

  • Página 67

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 67 7 . Alerts and L og gin g This c h apter describes t h e alert g enerat ion and loggi ng feat u res of t h e con sol e se r v er . Th e Al ert fa ci li t y m o ni to rs th e se ri al po rts , all lo g ins , an d th e power status, and sends e m ails, SMS, Nagi o s, o r SNMP al e[...]

  • Página 68

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 68 You may als o e n ter a Use rname an d Pa ssword if the SMTP ser ver re quires aut h enticat ion. You ca n spec ify t he s pecif ic Subject L ine tha t w ill b e sen t wi th th e em ai l. Click Apply to a c ti v a te SM T P . 7.1. 2 S MS A l er ts Th e co ns ol e s e rve r[...]

  • Página 69

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 69 To con fi g ur e fo r SN M P v3 , yo u wil l ne ed to en t er an ID and au th en ti c a tio n p as sw o rd an d co n t ac t in fo r m at io n for th e lo c al Admin istrator (in th e Securit y Name ). Click Apply to a c ti v a te SN M P. F igure 7-3. S N MP ale rts. NOTE: All co[...]

  • Página 70

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 70 Select Aler ts & Logging: A lerts, which will display all the alerts c u rre n tly confi gured. C lick Add Aler t. 7.2. 1 A d d a Ne w Al er t Th e f ir s t s t ep is to sp e ci f y th e al er t se r vi c e th a t th is e v en t wil l us e fo r s end in g n o tifi ca t[...]

  • Página 71

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 71 F igure 7-6. Gen eral a lert ty pes. Seri a l Port Signal A lert —This ale rt will b e tr iggered when t h e s p ecifie d si gn al c h anges state a nd applies to serial port s only. You must s p ecify t h e partic ul ar S ignal Type (D SR, DCD o r CTS) trigger cond ition and [...]

  • Página 72

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 72 F i gur e 7- 8. Se ri al port pat te r n mat ch a ler t . UPS Power S tat u s A lert — T his al er t wi ll be tr ig ger e d w he n t he UP S p owe r s ta tus c ha nge s be t wee n o n l ine , o n ba t te ry , a nd l ow ba tt er y. T his stat u s will only b e monitore d [...]

  • Página 73

    Chap ter 7: A le r t s a nd Loggi ng 724-746-5 5 00 | blackbox.co m 73 7 .3 Re mote Log S torage Bef ore acti vating Serial or Network Port Logging on any port or U PS logging, you must specify where those l og s are to b e saved: Select the A lerts & Loggin g : Port Log me nu option and s p ecify the Server Type to u s e , an d th e d e t ai l[...]

  • Página 74

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 74 Level 2 L og s al l da ta tra n sferre d t o and f rom the port. Click Add th en c li c k App ly.[...]

  • Página 75

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 75 8 . Power Ma nage m ent Black Box co n sol e se r v er s ma na ge em be dde d s of twa re t hat y ou c an u se to ma na ge c onne ct e d P owe r Di str i but io n Sy s te ms (P DU s), IP MI de vic e s, a nd Uninterrupti ble Power S upp lies ( U PSs) s uppl ied b y a nu mber of ve n[...]

  • Página 76

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 76 Click Add RPC . Connected Via pre se nts a l i st o f se ria l p or ts a nd ne tw or k H ost c onn ec ti ons t ha t y ou h av e se t u p wi t h de vi ce t y pe RP C ( but have y et t o c on nec t to a s p ec ific RP C device ): When you select Connect Via f o r a N etwork [...]

  • Página 77

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 77 F i gur e 8- 3. RP C des c ri pti ons . En te r th e User na me and Pa ssword u s ed to log in i nto th e R PC (N o t e th at th es e log in c r ed en t i al s ar e no t r el a t ed to th e Users a nd a c ce s s pr iv ile ges y ou co nf i gur e d i n Serial & N etworks: Users &[...]

  • Página 78

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 78 The ou tl et s tatus is displayed a nd you can init iat e t h e Ac ti on y ou want t o take by selec ting the appr op riate ic on: Turn ON Turn OFF Cycle Status You will only be pr esente d with ic on s for tho se operati on s that are supporte d by the Target y ou hav e s[...]

  • Página 79

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 79 Fi gu re 8 -5. Connecti ng to re mo te UPS. 8 .2 .1 Ma n aged U PS Co nnec tions A Managed UPS is a UP S th at is di r e ct ly co nn e ct ed as a M an ag ed De vi c e to th e con so l e s e r v er . You can connect i t via serial or USB cabl e o r by th e ne tw o rk. Th e co n sol [...]

  • Página 80

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 80 Seria l and net wo rk c onn ected UPSes must firs t be c onn ecte d to, a n d c onf igure d t o communicat e with the console se rver: Fo r seria l U PSes attac h the U PS to the selec ted serial port on the console s erv er . Fr om the Serial and Ne twork: Serial Po rt me[...]

  • Página 81

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 81 F i gur e 8- 8. A dd ma na ge d UPS sc ree n. Select if the UPS w ill be Connected Via USB, over a pre-c on figured ser ial po rt, or via SNMP/HTTP/HTTPS over the preconfi gured n etwork Host connecti on. When y ou sele ct a netw o rk UPS connecti on, then the c o rres ponding Host[...]

  • Página 82

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 82 Click New Op tion s in Dr i ver Op ti ons if yo u ne e d t o s et dr ive r -s pec if ic op ti ons f or yo ur s e le cte d N UT dr ive r a nd ha r dwa re c om bi na tio n (mo re detai ls at h tt p ://www.networkupstools .org/do c ). Fi gu re 8-9. New op tion scree n . Check[...]

  • Página 83

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 83 En te r th e I P Add re ss or DNS name of t he re m ot e console serv er * th at i s ma na gi ng t he re mot e UP S . ( *T his ma y be a not her Bla ck Box co n sol e s e r v er or i t may be a g eneric Li nu x server r unning Network U PS Tools. ) NOTE: An exam ple where ce n tral[...]

  • Página 84

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 84 Fi gu re 8-11. UPS g raph. Cl i c k o n an y p ar t i cu l a r All Data for any U PS Sys tem in t h e ta ble for more stat us a nd confi gu rati on informati on about t h e sele cted UPS Syste m. Select UPS Logs a nd y ou wi l l be pr es e nt e d wi th t he l og ta ble of [...]

  • Página 85

    Chap te r 8 : Powe r Manage men t 724-746-5 5 00 | blackbox.co m 85 Fi gu re 8-13 . NU T. N UT is b ui l t o n a ne tw ork e d m ode l w it h a l ay ere d sc he me o f dr ive rs , se rve r a nd c li e nts : Th e dr iver p ro g ram s t al k d i r e ct l y to th e U PS eq u ipm en t an d run o n th e sa m e ho st a s th e N U T n et wo r k s e r ver [...]

  • Página 86

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 86 C e ntr al ma na ge me nt of mu lt ipl e NUT se rv er s : A c e ntra l NUT c l ie nt c a n m on it or m ult i ple NU T s e rv er s t ha t may be di str i bute d t hr ou gho ut the d a ta center, across a campus, or around t h e w o rld. NUT supports the more c omp lex pow [...]

  • Página 87

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 87 9 . Aut henticati on Th e co ns ol e s e rve r is a dedica ted Linux computer with a myria d of popular a nd proven Li nux software modules for net wor king, secure acces s (OpenSSH), and communicati on s ( Op enSSL), and s ophisticated u ser aut h enticati on (P A M , RAD IUS, T [...]

  • Página 88

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 88 F i gur e 9- 2. T ACA CS sc re e n. En te r th e Se rver Addre ss (IP or ho st nam e) of the remote Auth enticat ion /Authorizati on server. M ultip le rem o te serve rs may be specif ie d in a c om ma-se parate d l ist. Ea ch server is t ried in s u cces sion. In a dditio[...]

  • Página 89

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 89 RADIUS: T h e Rem o te Au thenticati on Di al-I n User Service (RADIUS) prot o col was developed by L ivingston En te rprise s as a n access s erver authenti cation and acc oun ti ng protocol. T h e RA DIUS server ca n support a variety o f methods t o authenticate a user. W h en [...]

  • Página 90

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 90 Example 2: Use r Be n is onl y def i ne d on t he T AC ACS s er ve r, w hic h sa ys he has ac ce ss to p or ts 5 a nd 6 . Wh en he a tte m pts t o l og i n, a ne w us e r will be cr ea te d f or h im , a nd h e wi ll be a bl e t o acc e ss po rt s 5 a nd 6. If th e T AC AC[...]

  • Página 91

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 91 9 .3 SSL Certifi cat e Th e co ns ol e s e rve r u ses t h e Sec ur e S o cket Laye r (SSL) protocol f o r enc rypted n etwork tra ffic betwee n itself a nd a connecte d user. When esta bli shi ng the c onn ecti on , the c onsole server has t o ex po se its iden tity to the use r?[...]

  • Página 92

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 92 Select System: SS L Certific ate and fi ll o u t th e f i eld s a s exp l ain ed b elo w: Common name T his is the netwo rk n ame of the co n sol e s e r v er o n ce it is in s t al l ed in th e n et w or k (u su a ll y th e fu ll y q u al if i ed d o m ain n am e). I t i [...]

  • Página 93

    Chap te r 9 : Au then t ic a ti on 724-746-5 5 00 | blackbox.co m 93 F i gur e 9- 6. Up l oa d bu tt on. Aft e r co m pl e tin g th es e st ep s , th e console se rver h as i ts o w n c er ti f ic a te th at i s u s ed fo r id en ti f yin g th e console s erver t o its users. NOTE: You can find inf o rmati o n on issuing certif icates and co n figu[...]

  • Página 94

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 94 1 0 . N agios Integra tio n Nagios is a pow erful, hi gh ly exte n sible open source t o ol for monitori ng n etwork hosts and servic es. The core N agi o s soft w are packag e w ill typically be insta ll ed on a server or virtual serve r, th e central Nagios server. Console se rver s operate in conjunc[...]

  • Página 95

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 95 1 0 .2 Centra l Mana ge ment and S etting Up S D T for Na gios T he Bla ck Box Na gi os s olu ti on ha s th re e pa rts : t he Ce nt ra l Na gi os ser ve r, Dis tr i but e d Bla ck Box cons o le ser ver s, and th e SD T fo r N ag io s so f tw a re . F i gur e 10 - 2. [...]

  • Página 96

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 96 2. Run the SDT for N agi o s Configuration Wizard on the centra l N agios server (Section 10.2. 1 — Set up SDT N agios on central N agi o s server) an d pe rf or m a ny a ddi ti ona l c on fi gu rat i on ta sk s. 3. Install SDT Connector on eac h client. . 1 0 .2 .1 Se t[...]

  • Página 97

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 97 Click Apply. Next, y ou must c on figure the attached Wi ndo w n etwork host a nd specify t h e ser vic es y ou will b e c h ecking w ith Na gi os (HTTP a nd H TTPS): Select N etwork Hosts f rom the Seria l & N etwork menu and click Add Ho st. Enter t he I P Addr [...]

  • Página 98

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 98 F i nal ly, y ou ne e d t o a dd a User for t h e clie n t r unn ing S D T Connector: Select Us ers & Gr ou ps from th e Se r i al & N e two r k me nu. Click Add U s er. In U sername , ente r: sd tn ag io su s er , then enter and confirm a Password. In A c c ess ib[...]

  • Página 99

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 99 10.3. 2 En ab le N R PE M o ni to r in g Figu r e 1 0 -5 . N R PE m on i to ri ng s tru c tu re. Enabli ng NR PE a llows y ou to exec ute pl ug -ins (s u ch as c h eck_tc p and c h eck_ping ) on the remote C o n so l e s e r v er to mo n i to r s er i al o r n e tw o [...]

  • Página 100

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 100 Re f er t o t he sa m ple Na gi os c onf ig ura ti on s ec t i on be low fo r s ome ex a mpl e s of c onf ig ur i ng s pec if ic NS CA che cks . 1 0 .3 . 4 Co nfig ure S elected Ser ia l Ports for Nagios Mo nito ring Th e i nd i v i du al S er i al Po r t s co n n ec ted [...]

  • Página 101

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 101 ho st_ n ame Bla ck Box a lias C onsole server address 192. 168 .254.147 } ; Ma nag ed Host defi n e host{ use g eneric -host ho st_ n ame se rver a lias se rver address 192. 168 .254.227 } ; NRPE d aemon on g ateway de fi ne c omma nd { c om ma nd _ name c hec k_ nr[...]

  • Página 102

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 102 check_c omm and check_ po rt_l og } de fin e s e r vic e { se rv i ce_ des c ri pti on p or t- l og- se rve r hos t_name server use generic -service check_c omm and check_ po rt_l og active_ checks_enable d 0 passive_ checks_enable d 1 } de fin e s e r vi c ed ep en d en [...]

  • Página 103

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 103 use generic -service check_c o mmand check_c onn _via_ B lack Box !t cp !2 2 active_ checks_enable d 0 passive_ checks_enable d 1 } de fin e s e r vi c ed ep en d en cy{ n a m e Black Box _n rp e_d a emo n _d ep host_ n am e Black Box depe nd ent_ ho st_name se rver [...]

  • Página 104

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 104 1 0 .4 . 4 Distrib uted Mo nito ring U sage Scenarios Bel o w ar e a number of distribute d mon itoring Nagios scenarios: Lo ca l o f fi ce In th i s scen ario , th e c ons ole se rv er is set up t o m on itor ea ch managed devic e’s c on sole. Configure it t o make a n[...]

  • Página 105

    C h a pt er 1 0 : N a g i os I nt e gr at i o n 724-746-5 5 00 | blackbox.co m 105 Remote sit e with restric tive f irewa ll In th i s s cen a rio , th e ro l e o f th e co nsol e se r ver will va r y. On e aspect may b e t o upload c h eck resu l ts t h rough NSCA. Another m ay be t o provi d e a n SSH tunnel to allow the N agios server t o run NR[...]

  • Página 106

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 106 1 1 . Syste m Manage m ent Thi s ch ap t e r d e s cr ib e s h o w th e Administrat or can p erform a ra ng e of g eneral c onsol e ser ver sy s t em ad mi n i str at ion an d con fig u r at io n t a s ks su ch a s: • Applying So ft an d Ha r d R ese t s to th e g at e [...]

  • Página 107

    Chap te r 1 1: S y s te m M anage men t 724-746-5 5 00 | blackbox.co m 107 Th e har d e rase wil l clear al l c u stom sett ings and re turn t h e unit back to factory de fault sett ings ( i. e. the IP a ddress wil l be re set to 1 9 2 .1 6 8 .0 .1 ). You wil l be pr o mpted to log i n and must e n ter the d efault ad m inistrat ion username a nd a[...]

  • Página 108

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 108 Cli ck A p p l y an d th e console server applia n ce w ill perf o rm a soft re b oot a nd star t upgradi ng t h e fir mw are. T his process will take severa l mi n utes. Af ter the firmware upgrade complete s, click here to ret u rn to th e Mana g ement Cons ole. Your co[...]

  • Página 109

    Chap te r 1 1: S y s te m M anage men t 724-746-5 5 00 | blackbox.co m 109 Fi gu re 11-6. Conf igurat ion b ackup screen. With a ll cons o le server s , you ca n save the backup f i le re mo tely on your P C and y ou can res tore confi gu rati on s from re mote locations: C li ck Sa ve Ba ck up i n t he Re mot e C onf i gur a ti on Bac k up m e nu.[...]

  • Página 110

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 110 1 2 . St atus Reports Thi s ch ap t e r de s cr i b e s th e da sh b o ard f e atu r e an d th e s t atu s rep o r ts th at ar e a v a il ab le : • P o rt Access and Active U sers • Statist ics • Support Reports • Sysl o g • Dashboard Ot h er s tatus re po rts t[...]

  • Página 111

    Chap te r 1 2: S ta tu s R e po rt s 724-746-5 5 00 | blackbox.co m 111 Figu r e 1 2-2 . S t ati st i cs st a tu s. You ca n find detai led statist i cs re po rts by selec ting t he various s ub menus. 1 2 . 3 Suppo r t R e po r t s The S uppo r t R eport p rovi d es u seful stat u s inf o rmati on that w ill ass ist the B lack Bo x Tec hnical Supp[...]

  • Página 112

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 112 12.4 S ys l o g The Li nu x Sys tem Logger i n the c ons ole se rv er m ain t ain s a r eco rd o f a ll sy s t em me ss ag es an d e rro r s: Select St at us : Sys l og You c an re direct the sysl og recor d to a remote Sysl og Serve r: En te r th e re m o te Sy slog Serv[...]

  • Página 113

    Chap te r 1 2: S ta tu s R e po rt s 724-746-5 5 00 | blackbox.co m 113 1 2 . 5 . 1 Con f i gu r ing th e D a s hbo a rd O nly use rs wh o a re mem be rs of t he ad m in g roup (and the root us er ) ca n c onf i gure a nd a c ce ss t he da s hb oar d. T o c onf i gu re a cus t om d as hb oa r d: Select System: Con figure Da shboard a nd select t h [...]

  • Página 114

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 114 To configure what is to be displaye d b y each widget: Go to the Conf igure widgets pa ne l a nd c onf ig ure ea c h s el ec te d wi dge t ( for e xa mp le , spe c if y wh ic h UP S s ta t us is t o be di s pla ye d o n t he up s widget or t he max i mum num be r of Ma na[...]

  • Página 115

    Chap te r 1 3: Man agemen t 724-746-5 5 00 | blackbox.co m 115 1 3 . Manage ment Th e co ns ol e s e rve r ha s a s mal l n um ber of Manage r e por ts a nd t ool s t hat a re a va il a ble to bot h Administrat o r s a nd Users : • Access and contr ol authorized devices. • V ie w se ri a l po rt l ogs a nd h os t lo gs f or t hose dev ic e s. ?[...]

  • Página 116

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 116 Fi gu re 1 3-3. P o rt logs. To d i sp l a y Ho st log s , sel e c t Manage : Host L og s a nd t he H ost to be d is pl aye d. 1 3 . 3 Se r i a l P o r t T e rm in a l Conn ect i on Adm inistra tor and Use rs can communicate direct ly with the cons o le server c om ma nd [...]

  • Página 117

    Chap te r 1 3: Man agemen t 724-746-5 5 00 | blackbox.co m 117 NOTE: You must insta ll SDT Conn ector on t h e com pu ter you are browsing fr om and a dd and t h e c ons ole ser ve r as a gateway as d etai led in Cha pter 6. The al ternate to u s ing S D T Connect o r and y ou r l o cal t elnet c li ent is to run t h e open s ource jcter m java te [...]

  • Página 118

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 118 1 4 . Co nfiguration fr om the Comma nd Line Fo r those who p refer to configure t h eir co n so l e s e r v er at t he Li nu x c omm a nd l ine l ev e l (ra t he r th a n us e a br ows er a nd t he Ma nage me nt C ons ole ), t hi s c ha pte r de sc ri bes h ow t o us e c[...]

  • Página 119

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 119 The config to ol Syntax c onfig [ -ahv ] [ -d id ] [ - g id ] [ -p pa th ] [ -r c onfi gurat o r ] [ -s i d=va lue ] [ -P i d ] De s crip tio n Th e co n fig tool is designed to p erf orm multiple acti on s from on e command if needed, so options can be cha[...]

  • Página 120

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 120 Th e r eg is t er ed co n f ig u rato r s a r e: al e r ts auth c as cad e c ons ole dhcp dialin even tlo g hosts ipaccess ipco n fig na gi os power serialc onfig services slave systemse tti ng s time ups users T h ere ar e three w ays t o delete a confi g eleme nt val u [...]

  • Página 121

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 121 NOTE: Supporte d serial port baud-rates are ‘50’, ‘75’, ‘ 110 ’, ‘134 ’, ‘ 150’ , ‘200’ , ‘ 300 ’, ‘600’, ‘1200’, ‘1800’, ‘ 2400 ’, ‘4800 ’ , ‘ 9600 ’, ' 19200 ', '38400', '57600 &[...]

  • Página 122

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 122 # co nfi g - s c onf i g. po rt s. por t 5. s dt. ss h= on T o c onf ig ur e a use r na me a nd pas sw or d w h e n ac ce ss in g th is p ort wi t h Us e r nam e = us er 1 a nd P a ss wor d = se cre t : # co nfi g - s c onf i g. po rt s. por t #. s dt. use r na me= us er [...]

  • Página 123

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 123 Yo ur new User wi l l be t he ex i st ing t ot al plus 1. If t he pre v i ous c omm a nd ga ve y ou 0 , t he n y ou sta rt w it h us er nu mbe r 1. If y ou a lr e a dy hav e 1 user y ou r ne w use r wi ll be n um ber 2, e tc . To add a user (wi th Us ername[...]

  • Página 124

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 124 1 4 . 4 Add i ng a nd R e m ov i ng U s e r G rou ps Th e co ns ol e s e rve r is configured with a few default user groups (even though onl y two of these groups are visible in th e Management Con sole GUI). T o find out ho w ma n y groups are a lready present: # c onf i[...]

  • Página 125

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 125 To con fi g ur e TA C AC S au th en ti c a tio n : # config -s co n fi g .aut h.tacacs .auth_se rver='c omma separate d list' (li st of remote a uthe n ticti on an d aut horizat ion server s.) # config -s config.aut h .tacacs .acct _serve r='[...]

  • Página 126

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 126 Add othe r network ho st T o ad d any ot her ty pe of net wor k h os t w it h the f ol low in g de tai ls: IP address/ D NS n ame 192.168.3.10 Host name OfficePC Descripti on MyPC All o wed sevice s ssh port 22,https port 443 log l ev el fo r s e rvi c es 1 Iss u e the co[...]

  • Página 127

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 127 Th e fo llo w in g co mm an d w ill s ynch ron ize th e li v e s yst e m wi th th e n ew con f ig u ra t ion : # con f ig -r s er i al co n fig 1 4 .8 Casc aded Ports To ad d a n e w s l av e d e vi c e wi th th e fo llo win g se t tin g s : IP a dd ress/ D[...]

  • Página 128

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 128 # c onf ig -s c onfig.ups.monitors.monit o r1.options. op tion1.opt=option # c onf ig -s c onfig.ups.monitors.monit o r1.options. op tion1.ar g = argument # c onf ig -s config.ups.monitors.m on itor1.options.t otal=1 # co nfi g - s c onf i g. ups .m on it ors . mo ni t or[...]

  • Página 129

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 129 # c onf ig -s config.ports. po rt2.power.ty p e=A PC 7900 # co nfi g - s c onf i g. po rt s. por t 2. powe r. na me= My RPC # c onf ig -s "config.ports. po rt2. po wer.descri p tion=RPC in room 5" # co nfi g - s c onf i g. po rt s. por t 2. powe r[...]

  • Página 130

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 130 N o t i c e Warning A ss um e t he re mo te l og se rve r nee ds a us e r name ' na me 1' a nd pa ssw or d 'se c re t ': # co nfi g - s c onf i g.e ve ntl og .s er ver . use r na me= nam e 1 # co nfi g - s c onf i g.e ve ntl og .s er ver . pas s wor d=[...]

  • Página 131

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 131 # c on f ig -s "config.aler ts.alert 2 .pattern=. *0.0% i d " # con fig - s co n fig . al e rt s. al e rt2 .po rt1 0 =o n # config -s c onfi g .aler ts.a lert 2 .sen sor=tem p # con f ig - s con fig . al ert s . al ert2 . sign al=D SR # con fig - [...]

  • Página 132

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 132 # c on fig -s config.syste m .smt p .subject =SM TP ale rts T o set -up an SMTP SMS server with t h e same details as above: # config -s confi g .syste m .sm tp.server 2=mail . Black Box .c o m # co nfi g - s c onf i g.s yst e m. sm tp. e nc ry pti on 2=S SL (c a n a ls o[...]

  • Página 133

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 133 # co nfi g - s c onf i g. i nte rfa ce s .w a n.m ode =s ta t ic # config -s config.i n terfaces. w an.media=[ Auto | 100b aseTx-F D | 1 00baseTx-HD | 10b aseT- H D ] 10baseT-FD To en ab l e b ri d gi n g b et w e en al l in t er f a c es : # co nfi g - s c[...]

  • Página 134

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 134 Th e fo llo w in g co mm an d w ill s ynch ron ize th e li v e s yst e m wi th th e n ew con f ig u ra t ion : # con fig -r ti m e 14.19 DHCP Server To en ab l e th e DH C P se r v er on th e con so le m an ag e m ent LA N , wi th s et tin g s : Default l ease t ime 20000[...]

  • Página 135

    Chap ter 14: Con figu ra tion f ro m th e Co mm and L ine 724-746-5 5 00 | blackbox.co m 135 Th e fo llo w in g co mm an d w ill s ynch ron ize th e li v e s yst e m wi th th e n ew con f ig u ra t ion : # config –a 14.21 NAGIOS To con fi gu r e NA G IO S w i th th e fo llo w in g s et ting s: NAGIOS ho st name console at R3 (Name o f this system[...]

  • Página 136

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 136           Black Box co n sol e se r v er s r un the embe d de d Linux ope rating system . So A d mini strat o r cl as s use rs ca n c on fi gur e t he console server an d mo n i to r an d ma [...]

  • Página 137

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 137 Fo r power and al arm sensor a lerts (pow er load, a nd battery c harge a l erts): /etc/ scri p ts/e n vir on mental -alert F or an i n te rface fa ilover a lert: /etc/scri pts/i nterface -failove r-alert All of these s cripts do a c h eck t o see w hether y ou have c r[...]

  • Página 138

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 138 e m ail to m o re t h an on e ema il a dd ress, fi nd the l ines in the scr ipt res ponsible f or inv o king t he ale rt-email script, t hen a dd th e foll owi ng lines be low th e e xi s tin g li n e s: exp o r t TO A D DR = " em ail add r es s@ do m ain .co m "[...]

  • Página 139

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 139 NE WT OT AL = $[ $ TOT AL -1 ] # Make backup copy of config file cp /et c/ confi g /config.xml /et c/ confi g /config.bak echo "backup of /etc/confi g /config.xml save d in / etc/c on fig/config.bak" if [ -z $NUMB ER ] # test whether a singular node is b ei ng[...]

  • Página 140

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 140 echo Done exit 0 el s e echo "er ror: i tem being d eleted has a n index g r eater than total items. I n crease the t o tal count va riable." exit 0 fi                   ?[...]

  • Página 141

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 141 slee p 30s fi if [ " $C OU NTE R" - e q 5 ] th en COUNTER=0 " $ @ " s l e e p 2 s fi done   !        ?[...]

  • Página 142

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 142 To save the configurati on : # / et c /s cr i pt s/ back up - us b sa ve c onfi g- 20Ma y To c h eck if the backup was saved correctly: # /etc/sc rip ts/ b ackup- u sb list If t h is command does not disp lay "* co n fi g -2 0 M ay " th en the r e wa s an erro r[...]

  • Página 143

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 143           Black Box’s portma ng er pr ogr a m ma na ges the console se rver serial ports . It routes networ k connecti on to serial ports, checks permiss ions, and monitors and logs a l l t [...]

  • Página 144

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 144 portm anage r daemon Th er e i s n o rm al l y n o n e ed to s top an d r es t a rt th e d aem o n . To r es t a rt th e d a em o n n o rm al l y, ju s t ru n th e co m m an d : # portmanager Supporte d comma nd lin e options are: Force portma n ager to run in the foregro[...]

  • Página 145

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 145 fi </ e t c/ con fig /pm sh el l -s t a rt .s h >                           ?[...]

  • Página 146

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 146 If the sta nd ard system firewall confi guration is no t a d equate f o r your n eeds y ou can b ypass it s afe ly b y crea ting a fil e at /etc /config /filt e r-cust om contai ning comm ands t o build a s p ecial i zed fi rewall. This fi rewall scr ipt will run whenever[...]

  • Página 147

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 147 T o s et t he Us er na me fi e l d (S N MP v ers i on 3 o nl y) : co n f ig - -s e t con fi g. sys t em . snm p .u se rn am e2 = yo u ru s e rn am e . . r e plac i ng your u sername wi th th e use rn am e conf ig . sy st e m. sn mp .u sern am e2 (3 on l y) To set the En[...]

  • Página 148

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 148 Th e k e y f in g erp ri n t i s : 28:aa: 29 :38:ba:40:f 4 :11:5e:3f:d4:fa:e 5:36:14:d6 u ser@serve r $ C rea te a new di re ct ory t o s t ore yo ur ge ne ra te d ke ys . Yo u ca n a ls o na me t he fi le s a fte r t he dev ic e t he y wi ll be us e d f or . For e xa mpl[...]

  • Página 149

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 149 Figu r e 1 5 -1 . If th e Bl a c k B ox d evi c e s e l ect ed to b e th e s er v er w il l on ly h a ve o n e c li en t d e vi c e, th en th e aut ho rized_keys f ile is s imply a c op y of t he publ ic key f o r t ha t de v ic e . If one or mor e de v ice s wi l l be [...]

  • Página 150

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 150 htt p ://www.openbs d .org/cgi-bin/man.cgi?query=ss h& sektion=1 htt p ://www op enbs d .org/cgi-bin/man.cgi?query=ss hd .  !                       [...]

  • Página 151

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 151 U se Wi nSC P to co py t hi s "a uth or iz e d_ ke ys " fi le int o t he u se rs home dir e ct ory : e . g. /etc/confi g /users /test u ser/. ssh/authorize d_keys of the Black Box ga te w a y wh i ch w i ll be th e S SH s er v er. Yo u w i ll n eed to ma k e s[...]

  • Página 152

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 152 I f t he h os t key has bee n le git i mat e ly c ha nge d, i t ca n be re mov e d fr om t he ~/.ss h/k nown_hosts f ile a nd t he ne w fi nge r pr i nt a dde d. I f it ha s n ot chan g ed, this indicates a seri ou s problem that should be investi g ated imm ediately. [...]

  • Página 153

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 153 Figu r e 1 6 -6 . K ey s . To ge n erate the keys using OpenBSD's OpenSSH suite, we us e the ssh-key gen pr ogra m: $ ssh-ke ygen -t [rsa |dsa] Generati ng pub lic/private [rsa |dsa] key pair. En te r fil e in wh i ch to sa v e th e ke y ( / ho me/ use r/ .s s h/i [...]

  • Página 154

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 154 Each clie n t will then n eed its own set of keys upl o aded through the sam e page. Take care to ensure that the correct type of key s (DSA or R SA) go in th e co rr e ct sp o ts , and th at th e pu b li c an d p ri v a t e ke y s a r e in th e co rr e c t spo t. (* &quo[...]

  • Página 155

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 155 To crea te a 10 24 bit R SA key a nd a self - signe d certific ate, iss u e t h e followi n g openssl c omm a nd fr om t he hos t y ou ha ve op enssl installe d on: openssl re q -x509 -nodes -d ays 1000 -newkey rsa:1024 -key ou t ss l_key.pem - ou t ss l_cert.pem You [...]

  • Página 156

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 156 Opti on s -1, - -o n Pow er O N t a rg et s . -0, - -o ff Pow e r OF F ta rg ets . -c , --cycle Pow e r c y cl e ta rg e ts . -r, --reset Asse rt ha rdware rese t for t argets ( if i mplemente d by RP C). -f, --flas h Tu rn b ea co n ON fo r t a rg et s ( if i mp l e m en[...]

  • Página 157

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 157 status Th i s acti on re t rie ve s t he cu rr e nt st at us of t he de v ice or ou t let Exa mp les: To turn outlet 4 of the pow er device connecte d to serial port 2 on : # pmpower -l port02 -o 4 on To turn an IPM I device off loca ted at IP a dd ress 192.168.1. 100 ([...]

  • Página 158

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 158           Th e co ns ol e s e rve r i n cl ud es t h e ipmitool uti li ty f or managing a nd configuri ng devices that support the Inte llig en t Pl a tfo rm Man ag em en t Int e r f ace (IP M I) ver sion 1.5 and ver sion[...]

  • Página 159

    Chap te r 1 5: A dv anced Co n figu ra ti on 724-746-5 5 00 | blackbox.co m 159 -p < port > Rem o te ser ver UDP port to connect t o . D efault is 623. -P < pa ss w or d > Rem o te server p assw ord i s specified on the command line. If supported, it will be ob scure d in the process list. Note! S p ecifying t h e p assword as a command[...]

  • Página 160

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 160 exec Run lis t of co m m and s fro m file set Set runti m e va r i ab l e fo r sh e ll and exec ipm i too l ch a ss i s h el p Chassis Commands: stat u s, power, id entif y, pol icy, restart_ca u se, poh, bootd ev ipm i too l ch a ss i s p o w er h elp chassi s power Com [...]

  • Página 161

    Appendi x A : Linu x Com ma nd s and Sou rc e Code 724-746-5 5 00 | blackbox.co m 161 App end i x A . L inux Com m a n d s a nd S ou rc e Cod e Th e co ns ol e s e rve r platf o rm is a dedicated Linux computer, optimized to provid e monitori ng and secure access to serial and network consoles of crit ical server systems a nd their s uppo rti ng po[...]

  • Página 162

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 162 ip6 ta ble s Admini strati on to ol for IPv 6 packet fi lteri ng ipta ble s -re s to re Rest o re IP Tables ipt a bles-save Save IP Ta bl es kill * Se nd a signal t o a process to end g racefully ln * Make link s b etween files logi n Begi n sessi on on the sy stem loopba[...]

  • Página 163

    Appendi x A : Linu x Com ma nd s and Sou rc e Code 724-746-5 5 00 | blackbox.co m 163 sl ee p * Delay f or a specif ied a mount of time s m bmnt Help er utility f or mounting SM B file sys tems sm b moun t Mount an SM B FS f il e sy stem sm bu moun t SMB F S u mo u n t fo r no rm a l u s er s snm p d SN M P d a emo n snm p tra p S en d s an SN M P [...]

  • Página 164

    1101 a n d 11 02 Secur e Devi ce Ser ve rs 724-746-5 5 00 | blackbox.co m 164 T h e re ar e a ls o a num ber of ot he r CL I c omm a nd s re la te d to othe r ope n s our ce to ol s e mbe dde d i n t he console serv er in cludi ng : PowerMan pr o vides po w er manageme n t fo r m any prec on fi gured rem o te p ow er co n trolle r (R PC) d evices .[...]