Adder Technology 5000 manual Ports, Security issues with ports

Page 82

Ports

If you accept the analogy of IP addresses being rather like telephone numbers, then think of ports as extension numbers. In a company of any size, you generally wouldn’t expect the accounts department to share the same telephone with the technical department. Although their calls may all be related to the same company, they concern very different aspects of that company.

It is the same with IP network connections. Although you have only one network link into your computer and only one IP address (phone number), you are probably performing many different tasks through that one link, often at the same time. Thus, when you browse the web your outgoing requests and the incoming information are all channelled through port 80. When you send an email, it travels through port 25 and when you transfer files you are, without knowing it, using port 20.

At the “border crossing” between the wider Internet and every local network attached to it, there is a router that is usually combined with a firewall. One of its main tasks is to direct incoming traffic to the correct place within its local network. A key piece of information to help it do this is the port number:

User accesses the company

Internet

User with VNC viewer accesses

IP address: 129.7.1.10 (this

website at: 129.7.1.10 (this

 

 

automatically uses port 5900).

automatically uses port 80).

 

 

 

Router/firewall address: 129.7.1.10 Router is programmed to send port 5900 VNC traffic to local address 192.168.0.3 and port 80 web traffic to local address 192.168.0.42

 

Web server

AdderView CATxIP 5000

Web server has the local

has the local IP address:

IP address: 192.168.0.42

192.168.0.3

 

Security issues with ports

The settings of port numbers become important when the AdderView CATxIP 5000 is situated behind a network firewall. In order for a remote VNC viewer or web browser to make contact with your AdderView CATxIP 5000, it is necessary for the firewall to allow communication through a particular numbered port to occur.

One specific function of firewalls is to restrict access to ports in order to prevent malicious attackers using them as a route into your network. Every new port that is opened offers a new possibility for hackers and so the number of accessible ports is purposefully kept to a minimum. In such cases, it may be advantageous to change one or both AdderView CATxIP 5000 ports to use the same number. The other alternative is to place the AdderView CATxIP 5000 unit outside the firewall and take full advantage of its secure operation features – see Networking issues for details.

IMPORTANT: The correct configuration of routers and firewalls requires advanced networking skills and intimate knowledge of the particular network. Adder Technology cannot provide specific advice on how to configure your network devices and strongly recommend that such tasks are carried out by a

   



81

Page 81 Page 83
Image 82
Page 81 Page 83
Contents AdderView CATxIP Contents Further information Index CAM formats Many computersCascade installations Creating larger installationsEnterprise installations AdderView CATxIP 5000 features front and rear What you may additionally need What’s in the box  Single unit rack brackets MountingDouble unit rack brackets Connections   AdderView CATxIP Rear panel Local userTo connect the local user port From video monitor From USB keyboard and mouseTo connect the IP network port for global users Global users IP network portAdderView CATxIP Front panel Computer system via CAM To connect a computer systemTo connect the power supply Power in connectionOutput lead from Power adapter To connect and address the switch boxes Power control portSwitch Multiple video head connections Host computer port/channel Remote switching controlCable from serial Control device Configuration Overall initial configurationInitial configuration Hotkeys Main menuMenu layout SecurityTo set an Admin password General security and configuration stepsTo enable general security Registering users and host computersWhat to do if the Admin password has been forgotten To clear a password and restore factory default settingsWhat is IP access control? Clearing IP access controlTo clear IP access control Full configuration by global user To configure the unit from a global user locationAdderView CATxIP 5000 encryption settings Encryption settingsViewer encryption settings Networking issues Positioning AdderView CATxIP 5000 in the networkAddressing Port settingsPlacing AdderView CATxIP 5000 behind a router or firewall Firewall/router addressTo discover a DHCP-allocated IP address DNS addressingEnsuring sufficient security Placing AdderView CATxIP 5000 alongside the firewallPorts To configure the power sequences for each host computer Power switching configurationPower control sequences To control two or more ports simultaneouslyTo invoke backup/recovery mode Recovering from a failed upgradeTo upgrade AdderView CATxIP 5000 models Upgrading AdderView CATxIP 5000 modelsAccessing the AdderView CATxIP Front panel indicatorsLocal user access Selecting a computerStandard hotkeys To select a computer using the Select Host menuWhen choosing Select Host menu here you can select computers by nameShow All Users Logging in and outConfirmation status box To enable/disable the confirmation boxUser preferences and functions Orange dot indicators in the Select Host menu What will I see when I first login? Global user accessHow do multiple users coexist? To download the VNC viewer Global user access via VNC viewerTo access via the VNC viewer Options buttonGlobal user access via web browser To access via your web browserWhen using the viewer window Using the viewer windowMenu bar Host selection ConfigureMouse pointers To select a hostAuto calibrate Access mode shared/privatePower switching Re-synchronise mouseControls Video Settings Enable Sun TranslationWhen entering codes Keyboard ControlSetting the Threshold manually Using automatic configurationsIncreased by 50% when a slow link is detected Screen contains only host system informationCustom Video Modes Advanced Video SettingsShow All Users Reduced BlankingVNC hotkey selection If you need to enter a port number Viewer encryption settingsSupported web browsers Getting assistance TroubleshootingWhen logging on using VNC viewer, I cannot enter a username US +1 888 275Appendix 1 Local setup menus To access the local setup menusRestore Intellimouse Power ControlRestore Standard Mouse FunctionsUser Preferences Settings Blank, Moving LogoSettings Disabled, Enabled Screen SaverGlobal Preferences Mouse SwitchingUser Timeout OSD Dwell TimeLogon Security Setup OptionsAuto Logout Completely resets the AdderView CATxIP 5000 unit ConfigurationIP admin password, encryption settings, etc IP address, net mask, VNC port, etcUnit Configuration Network Configuration Settings 1200, 2400, 4800, 9600, 19200, 38400, 57600 Serial ConfigurationSettings Power Control, Sync Units Options PortReset Configuration To reset the AdderView CATxIP 5000 configurationTo access the remote configuration pages Appendix 2 Configuration pages via viewerMain configuration Logged on users User accounts Unit configuration Advanced unit configuration Time & date configuration IP Network Mask Network configurationIP Access Control IP GatewayTo reorder access control entries Setting IP access controlTo define a new IP access control entry To edit/remove access control entriesOptions Port Use Serial port configurationBaud Rate Add entry for unrecognised host Host configurationErase Host Configuration SortSyslog Server IP Address Logging and statusTo copy and paste the log For further details To get hereLdap configuration Auto select Appendix 3 VNC viewer connection optionsColour/Encoding Preferred encodingInputs Enable all inputsDisable all inputs view-only mode CustomiseMisc Scale to Window Size ScalingNo Scaling Custom SizeIdentities Defaults ReloadDefaults Save Load / SaveAppendix 4 VNC viewer window options Encoding and colour level Appendix 5 Browser viewer optionsSecurity IP addresses Appendix 6 Addresses, masks and portsNet masks Binary equivalent Net masks the binary explanationOperation with net mask Binary octet afterAll locations Calculating the mask for IP access controlSingle locations Address rangesSecurity issues with ports PortsSee also Appendix 7 Cascading multiple unitsCascade tree Tips for successful cascading Connecting units in cascadeTo connect units in cascade Using cascaded computers Addressing computers in a cascadePower switch to power switch daisy chain cable Appendix 8 Cable and connector specificationsAdderView CATxIP 5000 to power switch cable Multi-head synchronisation cablePermissible key presses Appendix 9 Hotkey sequence codesCreating macro sequences Appendix 10 Supported video modes Safety information WarrantyGeneral Public License Linux End user licence agreement FCC Compliance Statement United States Radio Frequency EnergyEuropean EMC directive 89/336/EEC Canadian Department of Communications RFI statementHoe Huat Industrial Building Index Options port Upgrade failure Connection Baud rate
Top Page Image Contents