Adder Technology X100R, X200AS/R, X200A/R, RS232, X100A/R, CATX-PS2 Ports, Security issues with ports

Page 104

Ports

If you accept the analogy of IP addresses being rather like telephone numbers, then think of ports as extension numbers. In a company of any size, you generally wouldn’t expect the accounts department to share the same telephone with the technical department. Although their calls may all be related to the same company, they concern very different aspects of that company.

It is the same with IP network connections. Although you have only one network link into your computer and only one IP address (phone number), you are probably performing many different tasks through that one link, often at the same time. Thus, when you browse the web your outgoing requests and the incoming information are all channelled through port 80. When you send an email, it travels through port 25 and when you transfer files you are, without knowing it, using port 20.

At the “border crossing” between the wider Internet and every local network attached to it, there is a router that is usually combined with a firewall. One of its main tasks is to direct incoming traffic to the correct place within its local network. A key piece of information to help it do this is the port number:

Security issues with ports

The settings of port numbers become important when the AdderView CATx IP is situated behind a network firewall. In order for a remote VNC viewer or web browser to make contact with your AdderView CATx IP, it is necessary for the firewall to allow communication through a particular numbered port to occur.

One specific function of firewalls is to restrict access to ports in order to prevent malicious attackers using them as a route into your network. Every new port that is opened offers a new possibility for hackers and so the number of accessible ports is purposefully kept to a minimum. In such cases, it may be advantageous to change one or both AdderView CATx IP ports to use the same number. The other alternative is to place the AdderView CATx IP unit outside the firewall and take full advantage of its secure operation features – see Networking issues for details.

IMPORTANT: The correct configuration of routers and firewalls requires advanced networking skills and intimate knowledge of the particular network. Adder Technology cannot provide specific advice on how to configure your network devices and strongly recommend that such tasks are carried out by a qualified professional.

  

User accesses the company website at: 129.7.1.10 (this automatically uses port 80).

AdderView CATx IP has the local IP address: 192.168.0.3

User with VNC viewer accesses IP address: 129.7.1.10 (this automatically uses port 5900).

Router/firewall address: 129.7.1.10 Router is programmed to send port 5900 VNC traffic to local address 192.168.0.3 and port 80 web traffic to local address 192.168.0.42

Web server has the local

IP address: 192.168.0.42

 



103

Page 103 Page 105
Image 104
Page 103 Page 105
Contents AdderView CATx Contents Auto calibrate Re-synchronise mouseIndex Introduction AdderView CATx features front and rear Front panel buttonsWhat’s in the box What you may additionally needConnections MountingRack brackets Remote switching Control ConnectionsModem Multiple video Isdn port Head connections Cascading Multiple unitsLocal user To connect the local user portTo connect a remote user Remote user via X100/X200 extenderCable lengths for remote user locations Global user IP network port To connect the Global user IP network portComputer video compensation for details Computer system via CAMTo connect a computer system Modem/ISDN port To connect a modem or Isdn adapterPower in connection To connect the power supplyPower control port To connect and address the switch boxesSee also Cascading multiple unitsSystem, called Adder Port Direct How cascade connections operate Addressing computers in a cascade CA02To connect units in cascade Connecting AdderView CATx units in cascadeTips for successful cascading To test a specific link Using cascaded computersTesting specific links to cascaded computers Multiple video head connections Remote switching control Host computer port/channel Video offOverall initial configuration Configuration menus To access the configuration menu local and remote usersTo access the configuration menu global users HotkeysGeneral security and configuration steps Configuration menus layoutTo enable general security To set an Admin passwordTo create/edit user accounts Access to all computers Press Access to no computers PressRegistering users edit user list To create/edit computer entries Tips when creating/editing computer entriesRegistering computers edit computer list See Remote user skew adjustment for details Video compensationComputer video compensation To apply computer video compensationRemote user video compensation To display a suitable high contrast imageTo apply remote user video compensation If the image controls cannot provide a crisp imageRemote user skew adjustment To use skew adjustmentUsing the supplied skew pattern Creating a skew test patternNum Lock for Red, Caps Lock for Green To select an autoscan mode AutoscanningTo select an autoscan period To define an autoscan listTo transfer configuration settings Saving and restoring configuration settingsPreparations for configuration save/load To edit the configuration settings Hints for editingWhat to do if the Admin password has been forgotten To reset AdderView CATx modelsTo reset the AdderView CATx IP models Configuration screensWhich restore setting do I use? To restore mouse operation when hot pluggingHot plugging and mouse restoration Recognising an IntelliMouse-style mouseTo configure IP-specific settings Initial IP configurationTo use the initial IP-configuration sequence User Accounts IP configuration by global userTo configure IP details from a global user location Viewer encryption settings Encryption settingsAdderView CATx IP encryption settings Networking issues Positioning AdderView CATx IP in the networkAddressing Port settingsPlacing AdderView CATx IP behind a router or firewall To discover a DHCP-allocated IP address DNS addressingBy configuration page via viewer Placing AdderView CATx IP alongside the firewallEnsuring sufficient security PortsPower switching configuration Power control sequencesTo configure the power sequences for each host computer To control two or more ports simultaneouslyKvmadmin utility Kvmadmin command ip address parametersKvmadmin -getconfig kvm1.cfg Kvmadmin -setusers users.csvPerforming upgrades Items required to use the upgrade utilityUpgrading AdderView CATx models and CAMs To use the KVM Firmware Uploader utilitySelect the items to be upgraded Select the upgrade file to be usedCommence the upgrade Issues to consider when performing flash upgradesTo upgrade AdderView CATx IP models Upgrading AdderView CATx IP modelsAccessing the AdderView CATx Front panel controlsAdderView CATx models AdderView CATx IP modelsLocal and remote user access To gain access as a local or remote userTo select a computer using the front panel controls Selecting a computerTo select a computer using hotkeys Standard hotkeysAbove or for even longer cascaded computers Keep Pressed down until all other Numbers have been enteredTo select a computer using mouse buttons Advanced method To select a computer using the on-screen menuTo select a computer using mouse buttons Confirmation box Logging in and outSelecting cascaded computers To change banner colours or disable the banner To use the Routing status featureReminder banner Routing statusUser preferences and functions Power switching via configuration menuTo switch a computer on or off Global user access To download the VNC viewer Global user access via VNC viewerTo access via the VNC viewer Global user access via web browser To access via your web browserMenu bar Using the viewer windowWhen using the viewer window Configure Mouse pointersHost selection To select a hostAccess mode shared/private Power switching via viewerAuto calibrate Re-synchronise mouseSingle Mouse Mode ControlsMouse Control Resync MouseWhen entering codes Video SettingsKVM switch menu Keyboard ControlUsing automatic configurations Increased by 50% when a slow link is detectedSetting the Threshold manually System informationAccess via dial up modem or Isdn link If you need to enter a port numberTo initiate a dial up link To enter a port number in a Web browserViewer encryption settings Supported web browsersWindows LinuxTroubleshooting When logging on using VNC viewer, I cannot enter a usernameGetting assistance US +1 888 275Configure IP port Appendix 1 Configuration menusTo access the configuration menus Functions User Preferences Mouse Switching Autoscan ModeGlobal Preferences Screen SaverUser Timeout OSD Dwell TimeRS232 Mouse Type Mouse TypeSetup Options Keypad ControlsLanguage Exclusive UseSettings AUTO, Manual Automatic LogoutAudio Add ComputersDDC Source Settings AUTO, LOCAL, Default DDC Refresh Settings AT START, DisabledAdvanced Options DDC OptionsCountry Code Settings AUTO, MANUAL, Disabled Default CountrySetup Options Force Mode Settings DISABLED, EnabledConfigure IP port IP admin password, encryption settings, etcIP address, net mask, VNC port, etc Baud rate, initialisation string, etcUnit Configuration Network Configuration Modem Configuration Clearing IP access control Reset ConfigurationTo reset the AdderView CATx IP configuration What is IP access control?Appendix 2 Configuration pages via viewer To access the remote configuration pagesUser accounts Unit configuration Admin PasswordHardware Version Firmware VersionAdvanced unit configuration Time & date configuration Network configuration IP Access ControlIP Network Mask IP GatewaySetting IP access control To define a new IP access control entryTo reorder access control entries To edit/remove access control entriesModem port Serial port configurationPower control port Host configuration Erase Host ConfigurationAdd entry for unrecognised host To create a new host entryExamples Port/host addressing using Adder Port DirectAdder Port Direct Logging and status To copy and paste the logSyslog Server IP Address For further details To get hereAppendix 3 VNC viewer connection options Colour/EncodingAuto select Preferred encodingEnable all inputs Disable all inputs view-only modeInputs CustomiseScaling MiscDefaults Reload Defaults SaveIdentities Load / SaveAppendix 4 VNC viewer window options Security Appendix 5 Browser viewer optionsEncoding and colour level Appendix 6 Addresses, masks and ports IP addressesNet masks Want to know more?154 Net masks the binary explanationCalculating the mask for IP access control Single locationsAll locations Address rangesSecurity issues with ports PortsRS232 serial flash upgrade cable Appendix 7 Cable and connector specificationsPower switch to power switch daisy chain cable Multi-head synchronisation cable Creating macro sequences Appendix 8 Hotkey sequence codesPermissible key presses Appendix 9 Supported video modes General Public License Linux WarrantySafety information End user licence agreement Radio Frequency Energy European EMC directive 89/336/EECFCC Compliance Statement United States Canadian Department of Communications RFI statement111 Index 113 114
Top Page Image Contents