Tank Gauges and Security on the Internet
|
|
- Vernon Gerard Ellis
- 8 years ago
- Views:
Transcription
1 Tank Gauges and Security on the Internet by Jack Chadowitz CEO, Boston Base, Inc. This article discusses the security and risk aspects of using the Internet for communicating with a tank gauge. As the majority of tank gauges are manufactured by Veeder Root/Gilbarco, we will use the TLS 350 as an example. The reader can apply the principles to other gauges that require public IP addresses and port forwarding. History The TLS 350 was designed for RS232 (serial) communications at a maximum baud rate of 9600 bps. It s communications card rack can take up to 4 cards. Slot 4 is slightly different so some but not all cards can use slot 4. Over the years a variety of cards were available. The most typical cards are RS232, Fax/Modem and TCP/IP. All 3 cards use a UART to communicate with the gauge, the RS232 card has a 25pin female (DB25) connector, the Fax/Modem has a telephone jack and the TCP/IP card has a RJ45 connector. The Fax/Modem card is actually the RS232 card with a front end modem and the TCP/IP card is the RS232 card with a Lantronix Xport module that translates RS232 to TCP/IP. The underlying communication is serial communication which uses the protocol published in the Serial Communications Document freely available via a quick Google. The document describes the commands for both polling for information and making configuration changes to the gauge. The communications was designed 20 to 30 years ago for RS232 and relies on physical access protection to secure the communications to the gauge. Physical access protection means that if you prevent physical access to the gauge, you prevent access to the gauge information and prevent sending configuration commands to the gauge. A feeble attempt at protection is the password feature where each communications slot can be 1
2 programmed with its own 6 character password. Its feeble because if anyone sniffs the communication, the password is in plain view. Unlike the front panel password which limits by activity, this security is all or nothing. The communications design is suitable for onsite communications if the gauge and any equipment that is connected is physically secured. The Fax/Modem card allows communications over a telephone line. Without a password the gauge is open to the world if the telephone number is known. With a password, the password can be sniffed by tapping into the telephone line, much easier than gaining access to the gauge. To save money, many sites share a telephone line by using sticks or switches. A series of tones tell the switch to direct the call to the gauge. To gain access, a hacker can simply look up the store s general number and try some common codes. Fortunately, the use of Fax/Modem cards is declining. This is due to a few factors, the cost of a dedicated telephone line is now more than an Internet connection, shared lines are inconvenient for the store and the new telephone exchanges which are digital, cause problems with the low speed Fax/Modem cards. This is evidenced by the glut of old and new Fax/Modem cards on ebay. A Fax/Modem card which once cost $700+, is now available new on ebay at about $100 or less. Last is the TCP/IP card. This card is setup in the gauge in the same way as other cards but unlike the Fax/Modem which typically operates at 1200 or 2400 baud, the TCP/IP card runs at the maximum serial speed 9600 baud. As the gauge sees the TCP/IP card as a serial card, setup in the gauge is simple but the TCP/IP setup needs to be done externally using a computer. In addition the store router(s) (sometimes more than one) need to be specially configured for port forwarding. This setup requires strong networking skills and specialized training. (If you have never heard of the arp command don t bother to try setting up the card.) 2
3 TCP/IP Card Communications The TCP/IP card needs a static IP address and port forwarding settings in the router to allow external access to the gauge over the Internet. As Internet connections with static, also called public IP addresses, cost typically more than twice the cost of a basic connection, static addresses are rarely available at dealer locations. The store will have a temporary public IP address which will change at the whim of the ISP. This may happen as frequently as every time the modem is power cycled, or when the ISP changes something on their network. This causes a break in communications with the gauge, resulting in one or more expensive service calls. A Dynamic DNS service is sometimes a solution to the changing IP if the store router supports the Dynamic DNS feature. This is one more configuration activity that the technician must learn to perform inside the store router and one more configuration that must be maintained in someone else s equipment. Then a subscription to a Dynamic DNS service must be setup and maintained. ISP s now commonly provide telephone and other services as well as Internet connectivity. To support these services, the modem has been replaced with a modem/router box that can take the place of a store router. These boxes bring their own issues as they often don t support Dynamic DNS. Why should they support Dynamic DNS? By not supporting Dynamic DNS, the ISP s force the store to buy a more expensive service to get a static or public IP address. In addition the technicians now need access to the ISP supplied router and possibly also the store router to configure port forwarding. The router login information for the ISP and store routers is often not available. 3
4 The technician then has a choice, a second site visit with the hope that the login information will be available or simply reset the router to factory defaults and do the configuration. Resetting the router destroys any previous router settings so it may trigger a service call as any other equipment that depends on router configuration will now be broken. This is often the camera security system. The camera technician then resets the router and the gauge technician then gets called back causing an expensive self perpetuating circle. This is one of the reasons why the TCP/IP card has not penetrated the dealer market. $1,500 for a card with installation, and expensive service calls of $500 plus per year to maintain the communications, just to get dealer inventory is a strong disincentive. Accessing the Gauge over the Internet If the gauge, card, and store network has been successfully configured, the gauge information will be available via the Internet. In addition, the gauge may be also configured over the Internet. The gauge may be accessed for both reading and writing if the public IP address of the store and the port configured for the Lantronix XPort unit on the card is known. The gauge is on the Internet for the world to access if they know the public IP address and the port number. Its typically port and rarely changed. The XPort itself is programmed via port If port forwarding for port 9999 is setup in the local router, then the card can be programmed from anywhere on the Internet unless you password protect this access. Of course the default is no password. And then when you really need remote access to reconfigure the card because the network subnet has changed, the change will block access to reconfigure the card. 4
5 TCP/IP Card Internet Security The TCP/IP card provides no security for the gauge whatsoever! Its simply a TCP/IP to serial converter on a serial card. The same applies to solutions where an external TCP/IP to serial converter is added to a serial board. The gauge provides only the serial communications security which, if it is actually setup, shows the password in plain text to anyone who can sniff the communications. There is somewhat unintentional security inadvertently provided by the ISP s basic service and the need for port forwarding. Whenever the IP address changes or the port forwarding is lost, or the dynamic DNS fails, hackers are locked out in the same way as the actual users. (Hackers are forced to scan periodically to keep up to date.) Why worry about security? Does anyone care? Well, these days there are concerns about credit card information theft and the associated PCI regulations when sharing an Internet service with credit card processing. The good news is although the PCI folks may think differently, the open door to read and write gauge information is not an opportunity to steal credit card information. The inventory information may be useful to competing dealers or wholesalers, and tank testing results may be interesting to State inspectors, but hacking is driven by profit or terrorism and the penalties if caught are severe. So data stealing is not an issue. Security is important when considering tampering with gauge settings. Malicious tampering can wipe out the gauge memory resulting in a service call and in some cases a station shutdown. Sophisticated tampering can cause run outs and overfills. It can also generate tank test failures and alarms that can be expensive to resolve. 5
6 As an individual station or a small chain of stations, a targeted cyber attack on a store or small chain is unlikely and the perpetrator will likely be caught through an associated motive. But as a group, dealer locations which make up more than 60% of fueling locations will or already has become a tempting target for cyber terror as more of them become accessible over the Internet. About 5 years ago the oil companies began selling their stores. The oil companies had their own wide area networks, some using satellite. When these stores were sold they lost their communications networks. Many of these stores are now dealers who once made do with telephone modem connections. These are now being replaced by low cost, basic Internet connections as the price for basic Internet service has dropped. As these sites become Internet enabled, their suppliers will be adding the TCP/IP cards or serial to TCP/IP converters to get inventory information in spite of the cost and difficulties. As the number of Internet connected dealer locations increase, the attractiveness of these locations and the risk to national fuel logistics by cyber terrorists will increase. The cost of the TCP/IP card is dropping and solutions using the serial card and TCP/IP to serial conversion boxes are becoming more well known. This reduction in cost will increase the number of installations and consequently the risk of a cyber attack. How can security be added? There are a few ways to add security. An expensive, high maintenance solution suitable for chains uses a virtual private network (VPN). An organization s private network is extended to remote locations by piggybacking on the Internet. Devices at the remote site now become devices on the private network. This is not suitable for dealer locations because all devices at the 6
7 store are now on someone else s network. They are also expensive to install and maintain. Interestingly the secure Onsite360 solution from Gilbarco, the company that manufactures the TCP/IP card requires a VPN to the gauge in order to be secure. A better solution is Kachoolie. In the interests of full disclosure I freely admit that I have a vested interest in the Kachoolie solution. I invented Kachoolie to provide an alternative to the TCP/IP card or similar insecure solution. The goal was low cost for equipment and installation, a reliable connection and data and configuration security. Another rather poor solution is using the TCP/IP card and adding source IP authentication at the store router. The router will only accept communications from pre configured IP addresses. This is often the solution of choice by chains who use 3rd party software services but don t allow foreign entities on their WAN s. This is subject to source IP spoofing and relies on the router retaining the source IP authentication configuration. A router reset will destroy this protection along with the port forwarding. The chains who own and control access to their routers often have separate IP addresses for different functions at the store. This conforms with the PCI compliance requirements but does not make the gauge more secure. A drastic solution is to simply avoid using the TCP/IP card or a similar solution. The TCP/IP card requires a static IP address and an open port. Its like leaving a front door open and expecting no one to walk in. Anyone can walk in, look around and leave. And no one will know about it unless the router logs all visits and someone knows where to look. In technical terms this is as simple as a scan of popular ISP s IP addresses on port and logging any responses to the popular get inventory command. (The response typically returns the store location as well as inventory.) The visitor (hacker) can come back and do damage at will, now that they know how to access the gauge. They even know the gauge s location so that they can attack by geographical location. 7
8 How The Kachoolie Solution Provides protection The Kachoolie solution uses a serial card installed in the gauge (or an existing serial connection on some gauges) and a Kachoolie box that connects between the card and the local router. The Kachoolie box has no public IP address and no open incoming ports. Its like an invisible building that no one can see and it has no doors or windows that can be broken. Kachoolie calls out ONLY to the Kachoolie secure server and communicates through secure encrypted messages. The same encryption that banks use with their customers but with encryption certificates instead of inherently insecure passwords. This is point to point encrypted communication and is very different from a VPN where there is only network security once one is within the network. Users access information or send commands via the Kachoolie secure website. The Kachoolie website provides password protected encrypted communications for users to access their gauges. It also emulates the gauge so that users can continue using their current software or service. In this case the security between the software or service and the Kachoolie server is as good as provided by their software or service. We do mitigate the risk by adding source IP authentication and command type filtering. Source IP authentication means that we only allow communication from known sources for specific tank gauges. This provides some protection but even a mediocre hacker can spoof an IP. Command type filtering is stronger because we can filter or ignore any commands, especially those which can change gauge settings. What are the ramifications of ignoring security? The gauge data is of little value to cyber criminals unlike credit card information. The real risk is malicious or terrorist attacks that disrupt fuel logistics and cause expense to wholesalers, store owners and the companies that provide environmental compliance services. An attack 8
9 can affect all vulnerable stations or just those in a targeted region. The attack can be disguised as a genuine problem at a site, an erroneous full tank report or an erroneous empty tank report. The attack can simply erase the tank gauge memory. These attacks can use the set (S) type commands that are openly published or the undocumented commands which are easy to find. Attacks in the future will occur. its rumored that least one malicious attack has already occurred but was not publicized. And as the vulnerability still exists, then in the society we live in, blame and liability will be assigned for the substantial damages. Who would be held liable and for what? The wholesaler who paid for and installed the TCP/IP card? The card manufacturer, the card distributor or the installer. Or who has the biggest pockets? The link below hints that companies, especially in the energy field could be liable for damages from cyber attacks if they ignore Federal Guidelines. guidelines could leave energy companies lia ble/ The article states The energy industry is among the most targeted by cyberattacks, with 40 percent of all hacks in 2012 aimed at energy companies, according to the Department of Homeland Security. As protection is added to large strategic energy installations, gas stations as a group will become the easy unprotected target for cyber attacks. 9
PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications
PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications PC/POLL SYSTEMS supports native TCP/IP polling for the SPS2000 cash register. It is recommended users have the register updated
More informationVPN vs Port Forwarding
VPN vs Port Forwarding VPN vs Port Forwarding: Which Method is best for delivering Remote Access to home or Small Office Networks Martin Boulter, Luxul Customer Services Manager Installers of home and
More informationNETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9
NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document
More informationCrow Limited Warranty. Print Version 017
Crow Limited Warranty (Crow) warrants this product to be free from defects in materials and workmanship under normal use and service for a period of one year from the last day of the week and year whose
More informationMcAfee.com Personal Firewall
McAfee.com Personal Firewall 1 Table of Contents Table of Contents...2 Installing Personal Firewall...3 Configuring Personal Firewall and Completing the Installation...3 Configuring Personal Firewall...
More informationDesigning AirPort Extreme Networks
Designing AirPort Extreme Networks Contents 1 Getting Started 5 About AirPort 5 How AirPort Works 6 How Wireless Internet Access Is Provided 6 Configuring AirPort Extreme Base Station Internet Access
More information9 Simple steps to secure your Wi-Fi Network.
9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password
More informationConnecting the DG-102S VoIP Gateway to your network
Contents of Package: DG-102S VoIP Station Gateway Power adapter CD-ROM, including User s Manual Quick Install Guide Requirements: RS-232 Console Cable Two RJ-45 CAT-5 Straight-Through Cables For more information
More informationChapter 2 Introduction
Chapter 2 Introduction This chapter describes the features of the NETGEAR 54 Mbps Wireless ADSL Modem Router Model DG834G. The Wireless ADSL Modem Router is a combination of a built-in ADSL modem, ADSL
More informationHow to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client
How to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client Make sure your DI-804HV or DI-808HV is running firmware ver.1.40 August 12 or later. You can check firmware version
More informationFirewall VPN Router. Quick Installation Guide M73-APO09-380
Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,
More informationMulti-Homing Dual WAN Firewall Router
Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet
More informationRemotelyAnywhere. Security Considerations
RemotelyAnywhere Security Considerations Table of Contents Introduction... 3 Microsoft Windows... 3 Default Configuration... 3 Unused Services... 3 Incoming Connections... 4 Default Port Numbers... 4 IP
More informationFigure 1. The Motorola SB4200 cable modem
Setting Up a Home Wireless Network What You Need If you're still using a dial-up modem to access the Internet, it's time to consider broadband. Depending on where you live, you can either opt for a cable
More informationZyWALL 5. Internet Security Appliance. Quick Start Guide Version 3.62 (XD.0) May 2004
ZyWALL 5 Internet Security Appliance Quick Start Guide Version 3.62 (XD.0) May 2004 Introducing the ZyWALL The ZyWALL 5 is the ideal secure gateway for all data passing between the Internet and the LAN.
More informationIP Link Best Practices for Network Integration and Security. Introduction...2. Passwords...4 ACL...5 VLAN...6. Protocols...6. Conclusion...
IP Link Best Practices for Network Integration and Security Table of Contents Introduction...2 Passwords...4 ACL...5 VLAN...6 Protocols...6 Conclusion...9 Abstract Extron IP Link technology enables A/V
More informationQuick Installation Guide DSL-2750U/NRU. 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch
DSL-2750U/NRU 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch BEFORE YOU BEGIN Delivery Package Router DSL-2750U/NRU Power adapter RJ-11 telephone cable Straight-through Ethernet cable (CAT 5E)
More informationUsing a VPN with Niagara Systems. v0.3 6, July 2013
v0.3 6, July 2013 What is a VPN? Virtual Private Network or VPN is a mechanism to extend a private network across a public network such as the Internet. A VPN creates a point to point connection or tunnel
More informationComtrend 4 Port Router Installation Guide CT-5361T
Comtrend 4 Port Router Installation Guide CT-5361T 1 Installing Access Point s DSL Service with a Comtrend Router Thank you for selecting Access Point, Inc. to be your Internet service provider. This guide
More information12 Security Camera System Best Practices - Cyber Safe
12 Security Camera System Best Practices - Cyber Safe Dean Drako, President and CEO, Eagle Eye Networks Website version of white paper Dean Drako video introduction for cyber security white paper Introduction
More informationChapter 8 Router and Network Management
Chapter 8 Router and Network Management This chapter describes how to use the network management features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. These features can be found by
More informationFirewalls for small business
By James Thomas DTEC 6823 Summer 2004 What is a firewall? Firewalls for small business A firewall is either hardware, software or a combination of both that is used to prevent, block or should I say try
More informationPrestige 324. Prestige 324. Intelligent Broadband Sharing Gateway. Version 3.60 January 2003 Quick Start Guide
Prestige 324 Intelligent Broadband Sharing Gateway Version 3.60 January 2003 Quick Start Guide 1 Introducing the Prestige The Prestige is a broadband sharing gateway with a built-in four-port 10/100 Mbps
More informationPrestige 324 Quick Start Guide. Prestige 324. Intelligent Broadband Sharing Gateway. Version V3.61(JF.0) May 2004 Quick Start Guide
Prestige 324 Intelligent Broadband Sharing Gateway Version V3.61(JF.0) May 2004 Quick Start Guide 1 1 Introducing the Prestige The Prestige is a broadband sharing gateway with a built-in four-port 10/100
More informationSmart Telephone System
IG7600 Smart Telephone System Quick Installation Guide Copyright 2013, All Rights Reserved. Ver11140311 IG7600 Smart Telephone System Quick Installation Guide Powering up 1. Plug the IG7600 in and allow
More informationInformation Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need
More informationSecure Your Home Computer and Router. Windows 7 Abbreviated Version. LeRoy Luginbill, CISSP
Secure Your Home Computer and Router Windows 7 Abbreviated Version LeRoy Luginbill, CISSP TABLE OF CONTENTS Introduction... 2 Getting Ready... 5 Page 1 of 10 Introduction By giving the Introduction and
More informationGigabit Multi-Homing VPN Security Router
As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is a ideal to help the SMBs increase the broadband
More informationSTRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction
Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,
More informationSCS3205/4805 Quick Start Guide
Secure Console Server Quick Start Guide 2003 Copyright Lantronix is a trademark of Lantronix. All rights reserved. 900-287 Rev. B 8/03 QUICK START CONTENTS System Overview.......................................................2
More informationChapter 7 Troubleshooting
Chapter 7 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe VPN Firewall 200. After each problem description, instructions are provided to help you diagnose and
More informationTera Term Telnet. Introduction
Tera Term Telnet Introduction Starting Telnet Tera Term is a terminal emulation program that enables you to log in to a remote computer, provided you have a registered account on that machine. To start
More informationSecurity. CLOUD VIDEO CONFERENCING AND CALLING Whitepaper. October 2015. Page 1 of 9
Security CLOUD VIDEO CONFERENCING AND CALLING Whitepaper October 2015 Page 1 of 9 Contents Introduction...3 Security risks when endpoints are placed outside of firewalls...3 StarLeaf removes the risk with
More informationDirected Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM
Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring A White Paper from the Experts in Business-Critical Continuity TM Executive Summary With continued efforts to reduce overhead,
More information2 Setting Up the Hardware for a Wired Ethernet Network... 13. 3 Setting Up the Software for an Ethernet Network... 21
Contents 1 Networking Basics............................................... 1 Selecting a network connection........................................ 2 Wired Ethernet network...........................................
More informationEthernet. Customer Provided Equipment Configuring the Ethernet port.
Installing the RDSP-3000A-NIST Master Clock. Ethernet Connect the RJ-45 connector to a TCP/IP network. Equipment The following equipment comes with the clock system: RDSP-3000A-NIST Master Clock Module.
More informationCONTENTS. PCI DSS Compliance Guide
CONTENTS PCI DSS COMPLIANCE FOR YOUR WEBSITE BUILD AND MAINTAIN A SECURE NETWORK AND SYSTEMS Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not
More informationActiontec GT784WN Router
Table of Contents General Information...1 Verify Computer Settings...1 Router Installation...3 Configuring Your Router...3 Configuring Your Computer...7 Configuring Your Email...9 General Information Router
More informationQuick Installation Guide DSL-2750U. 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch
DSL-2750U 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch BEFORE YOU BEGIN Delivery Package Router DSL-2750U Power adapter DC 12V/1A RJ-11 telephone cable Ethernet cable (CAT 5E) Splitter (brochure).
More information8 Steps for Network Security Protection
8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because
More informationLevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0
LevelOne FBR-1430 VPN Broadband Router, 1W 4L User Manual V1.0 Table of Contents CHAPTER 1 INTRODUCTION... 1 VPN BROADBAND ROUTER FEATURES... 1 Internet Access Features... 1 Advanced Internet Functions...
More information8 Steps For Network Security Protection
8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their
More informationChapter 4 Managing Your Network
Chapter 4 Managing Your Network This chapter describes how to perform network management tasks with your ADSL2+ Modem Wireless Router. Backing Up, Restoring, or Erasing Your Settings The configuration
More informationMore effective protection for your access control system with end-to-end security
More effective protection for your access control system with end-to-end security By Jeroen Harmsen The first article on end-to-end security appeared as long ago as 1981. The principle originated in ICT
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationTCP/IP MODULE CA-ETHR-A INSTALLATION MANUAL
TCP/IP MODULE CA-ETHR-A INSTALLATION MANUAL w w w. c d v g r o u p. c o m CA-ETHR-A: TCP/IP Module Installation Manual Page Table of Contents Introduction...5 Hardware Components... 6 Technical Specifications...
More informationProtecting the Palace: Cardholder Data Environments, PCI Standards and Wireless Security for Ecommerce Ecosystems
Page 1 of 5 Protecting the Palace: Cardholder Data Environments, PCI Standards and Wireless Security for Ecommerce Ecosystems In July the Payment Card Industry Security Standards Council (PCI SSC) published
More informationSetting up VPN connection: DI-824VUP+ with Windows PPTP client
Setting up VPN connection: DI-824VUP+ with Windows PPTP client DI-824VUP+ (firmware 1.03 or higher) LAN IP: 192.168.0.1 Subnet Mask: 255.255.255.0 WAN IP: 203.111.91.1 Subnet Mask: 255.255.255.252 Default
More informationComtrend 1 Port Router Installation Guide CT-5072T
Comtrend 1 Port Router Installation Guide CT-5072T 1 Installing Access Point s DSL Service with a Comtrend Router Thank you for selecting Access Point, Inc. to be your Internet service provider. This guide
More informationH.323 / SIP VoIP Gateway VIP GW. Quick Installation Guide
H.323 / SIP VoIP Gateway VIP GW Quick Installation Guide Overview This quick installation guide describes the objectives; organization and basic installation of the PLANET VIP-281/VIP-480/VIP-880/VIP-1680/VIP-2480
More informationUsing a VPN with CentraLine AX Systems
Using a VPN with CentraLine AX Systems User Guide TABLE OF CONTENTS Introduction 2 What Is a VPN? 2 Why Use a VPN? 2 How Can I Set Up a VPN? 2 Important 2 Network Diagrams 2 Network Set-Up with a VPN 2
More information801.11n Wireless Broadband Router
801.11n Wireless Broadband Router WNRT-626 Quick Installation Guide Table of Contents Hardware Installation... 4 Web Configuration... 6 Further Configuration... 8 Thank you for purchasing PLANET 801.11n
More informationQuick Installation Guide DAP-1360. Wireless N 300 Access Point & Router
DAP-1360 Wireless N 300 Access Point & Router BEFORE YOU BEGIN Delivery Package Access point DAP-1360 Power adapter DC 12V Ethernet cable (CAT 5E) (brochure). If any of the items are missing, please contact
More informationFor extra services running behind your router. What to do after IP change
For extra services running behind your router. What to do after IP change This guide is for customers who meet the following conditions: - Customers who have moved from a TPG Layer 3 plan to a TPG Layer
More informationChapter 4 Customizing Your Network Settings
. Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the Wireless-G Router Model WGR614v9, including LAN, WAN, and routing settings. It
More informationAlmond. Quick Setup Guide
Almond Quick Setup Guide 2 Contents 1 Introduction 1.1 Getting to know your Almond 2 Connecting your Almond as a Range Extender (Repeater) 3 Connecting your Almond as a Router 3.1 Using your Almond with
More informationBroadband Router ALL1294B
Broadband Router ALL1294B Broadband Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 Broadband Router Features... 1 Package Contents... 3 Physical Details...
More informationRemote Access Securing Your Employees Out of the Office
Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction
More informationSteltronic Focus. Main Desk Internet connection
Steltronic Focus Main Desk Steltronic S.p.A. Via Artigianale 34, 25082 Botticino Sera Brescia - Italy Tel: +39 030 2190811 fax: +39 030 2190798 Service: + 39 030 2190830 http: www.steltronic.com Service:
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationNETWORK SET UP GUIDE FOR
NETWORK SET UP GUIDE FOR USZ11ZS USX21ZS USX31ZAND DVRX16D DVRX32D HDDX13D SUPPORTING ROUTER D-Link Linksys NETGEAR BELKI IP Addresses on the Internet When you connect to the Internet, through dialup connection,
More informationUsing a Firewall General Configuration Guide
Using a Firewall General Configuration Guide Page 1 1 Contents There are no satellite-specific configuration issues that need to be addressed when installing a firewall and so this document looks instead
More informationT.38 fax transmission over Internet Security FAQ
August 17, 2011 T.38 fax transmission over Internet Security FAQ Give me a rundown on the basics of T.38 Fax over IP security. Real time faxing using T.38 SIP trunks is just as secure as sending faxes
More informationMN-700 Base Station Configuration Guide
MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station
More informationPrestige 202H Plus. Quick Start Guide. ISDN Internet Access Router. Version 3.40 12/2004
Prestige 202H Plus ISDN Internet Access Router Quick Start Guide Version 3.40 12/2004 Table of Contents 1 Introducing the Prestige...3 2 Hardware Installation...4 2.1 Rear Panel...4 2.2 The Front Panel
More informationA More Secure and Cost-Effective Replacement for Modems
A More Secure and Cost-Effective Replacement for Modems Lantronix, Inc. 15353 Barranca Parkway Irvine, CA 92618 Tel: +1 (800) 422-7055 Fax: +1 (949) 450-7232 www.lantronix.com Abstract For companies, service
More informationyour Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Configuring Installing
your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Installing Configuring Contents 1 Introduction...................................................... 1 Features...........................................................
More informationGigabit Content Security Router
Gigabit Content Security Router As becomes essential for business, the crucial solution to prevent your connection from failure is to have more than one connection. PLANET is the Gigabit Content Security
More informationBiPAC 7404V series. VoIP/(802.11g) ADSL2+ (VPN) Firewall Router. Quick Start Guide
BiPAC 7404V series VoIP/(802.11g) ADSL2+ (VPN) Firewall Router Quick Start Guide VoIP/(802.11g) ADSL2+ (VPN) Firewall Router For more detailed instructions on configuring and using the Billion VoIP/(802.11g)
More information13 Ways Through A Firewall
Industrial Control Systems Joint Working Group 2012 Fall Meeting 13 Ways Through A Firewall Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright
More informationQuick Installation Guide
0, Total 18 Quick Installation Guide Sep, 2013 1, Total 18 Thank you for purchasing Enterprise High Gain Outdoor CPE. This manual will instruct you how to configure and manage this CPE, enable you to use
More informationINTRODUCTION FEATURES OF THE ICM
INTRODUCTION The ICM, Internet Control Module, is a remote controller device accessible via the Internet that allows operational access to the IPS (and other base units available). Through the ICM you
More informationConfiguring Routers and Their Settings
Configuring Routers and Their Settings When installing a router on your home network the routers settings are usually defaulted to automatically protect your home, and simplify setup. This is done because
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationGauge Drawing Tool... 8. Slider Drawing Tool... 8. Toggle Button Drawing Tool... 8. One-Way List Drawing Tool... 8
v. 20120510 Table of Contents RTiPanel Overview and Requirements... 3 Software Requirements:... 3 Hardware Requirements:... 3 Network Requirements:... 3 Licensing Requirements:... 4 Basic Integration Designer
More informationIP Power Stone 4000 User Manual
IP Power Stone 4000 User Manual Two Outlet Remote AC Power Controller Multi Link, Inc. 122 Dewey Drive Nicholasville, KY 40356 USA Sales and Tech Support 800.535.4651 FAX 859.885.6619 techsupport@multi
More informationGV-Data Capture V3 Series User's Manual
GV-Data Capture V3 Series User's Manual Before attempting to connect or operate this product, please read these instructions carefully and save this manual for future use. 2006 GeoVision, Inc. All rights
More informationVoice Over Internet Protocol (VoIP) Configuration
(VoIP) Configuration ENGINEERING REPORT No: 02-003 Introduction This report describes interfacing the IPCS VoIP Gateway Model EGW-902 to an ESTeem Model 192E Wireless Ethernet radio modem in a demonstration
More informationHalf Bridge mode }These options are all found under Misc Configuration
Securing Your NB1300 - Once connected. There are eleven areas that need your attention to secure your NB1300 from unauthorised access - these areas or features are; Physical Security Admin Password User
More informationChapter 6 Using Network Monitoring Tools
Chapter 6 Using Network Monitoring Tools This chapter describes how to use the maintenance features of your Wireless-G Router Model WGR614v9. You can access these features by selecting the items under
More informationNote: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.
Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the
More informationSweex Wireless BroadBand Router + 4 port switch + print server
Sweex Wireless BroadBand Router + 4 port switch + print server Advantages Internet Sharing - A broadband internet connection makes it possible for several PCs to use the internet simultaneously. Wireless
More informationVantage RADIUS 50. Quick Start Guide Version 1.0 3/2005
Vantage RADIUS 50 Quick Start Guide Version 1.0 3/2005 1 Introducing Vantage RADIUS 50 The Vantage RADIUS (Remote Authentication Dial-In User Service) 50 (referred to in this guide as Vantage RADIUS)
More informationMeraki MX50 Hardware Installation Guide
Meraki MX50 Hardware Installation Guide January 2011 Copyright 2010, Meraki, Inc. www.meraki.com 660 Alabama St. San Francisco, California 94110 Phone: +1 415 632 5800 Fax: +1 415 632 5899 Copyright: 2010
More informationSecuring your Linksys WRT54G
Securing your Linksys WRT54G Abstract Current implementations of the 802.11b and 802.11g wireless LAN standards have several potential pitfalls for security. However, built in security mechanisms in these
More informationConnecting to the Internet. LAN Hardware Requirements. Computer Requirements. LAN Configuration Requirements
Connecting to the Internet LAN Hardware Requirements Computer Requirements LAN Configuration Requirements Installation Performed by Time Warner Cable Technician Connecting via Ethernet Connecting via USB
More informationChapter 2 Preparing Your Network
Chapter 2 Preparing Your Network This document describes how to prepare your network to connect to the Internet through a router and how to verify the readiness of your broadband Internet service from
More information3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T+ 485+ PIN6 T- 485- PIN7 R+ PIN8 R-
MODEL ATC-2004 TCP/IP TO RS-232/422/485 CONVERTER User s Manual 1.1 Introduction The ATC-2004 is a 4 Port RS232/RS485 to TCP/IP converter integrated with a robust system and network management features
More informationFI8910W Quick Installation Guide. Indoor MJPEG Pan/Tilt Wireless IP Camera
Model: FI8910W Quick Installation Guide (For Windows OS) (For MAC OS please go to page 17) Indoor MJPEG Pan/Tilt Wireless IP Camera Black White Package Contents IP Camera FI8910W with IR-Cut.x 1 DC Power
More information1 Getting Started. Before you can connect to a network
1 Getting Started This chapter contains the information you need to install either the Apple Remote Access Client or Apple Remote Access Personal Server version of Apple Remote Access 3.0. Use Apple Remote
More informationCisco CCNA Optional Semester 4 Labs Wide Area Networking LAB 1 T1 TSU WAN LINK OVERVIEW - Instructor Guide (Estimated time: 30 minutes)
CNAP @ VCC 1 of 8 LAB 1 T1 TSU WAN LINK OVERVIEW - Instructor Guide (Estimated time: 30 minutes) Objectives: Understand the function of a T1 Service Unit (TSU) in network telecommunications Connect routers
More informationShield Pro. Quick Start Guide
Shield Pro In the box: Power Adapter Shield Network Cables Let s get started! Before installing Shield you will first need to determine which operating mode best fits your needs. To help with this process,
More informationStudent Halls Network. Connection Guide
Student Halls Network Connection Guide Contents: Page 3 Page 4 Page 6 Page 10 Page 17 Page 18 Page 19 Page 20 Introduction Network Connection Policy Connecting to the Student Halls Network Connecting to
More information802.11n Wireless Broadband Router WNRT-625
802.11n Wireless Broadband Router WNRT-625 Quick Installation Guide Table of Contents Introduction... 3 Package Content... 4 Hardware Installation... 5 Web Configuration... 8 Further Configuration...11
More informationARP and DNS. ARP entries are cached by network devices to save time, these cached entries make up a table
ARP and DNS Both protocols do conversions of a sort, but the distinct difference is ARP is needed for packet transfers and DNS is not needed but makes things much easier. ARP Address Resolution Protocol
More informationA brief on Two-Factor Authentication
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
More informationPCI Security Scan Procedures. Version 1.0 December 2004
PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting
More informationFigure 1 - T1/E1 Internet Access
Page 1 of 17 TECH NOTE Configuring T1 and E1 Internet Access in AOS Overview This guide explains how to configure an Adtran Operating System (AOS) router for T1/E1 Internet access. You should use this
More informationAlliance 8300 Administration Manual and Operation Guide
Alliance 8300 Administration Manual and Operation Guide P/N 1068767 REV 4.0 ISS 26JUL11 Copyright Trademarks and patents Manufacturer Certification Contact information Customer support 2011 UTC Fire &
More information