Vykoristovuёmo KVM for the creation of virtual machines on the server. KVM - How to hack through a web interface? Kvm virtualization installation

Golovna / Contacts

KVM or Kernel Virtual Module is a virtualization module for the Linux kernel, which allows you to turn your computer into a hypervisor for virtual machines. This module works on equal kernels and supports such hardware acceleration technologies as Intel VT and AMD SVM.

By itself, the software security of KVM in the open space does not virtualize anything. The custom file /dev/kvm is free to set up virtual address spaces for the guest machine in the kernel. The leather guest machine has its own video card, and that sound card, hard drive that other possession.

Also, the guest system cannot access the components of the real operating system. The virtual machine wins over to the surface of the isolated space. You can tweak KVM both on systems with a graphical interface and on servers. This article shows how to install kvm Ubuntu 16.04

Before that, go to the very KVM installations You will need to change what your processor supports in terms of hardware accelerated virtualization from Intel-VT or AMD-V. For which type the following command:

egrep -c "(vmx|svm)" /proc/cpuinfo

If the result will be rotated 0 - it means your processor does not support hardware virtualization, if it is 1 or more - then you can beat KVM on your machine.

Now we can go to the installation of KVM, typing the program can be taken directly from the official repositories:

sudo apt install qemu-kvm libvirt-bin bridge-utils virt-manager cpu-checker

We installed not only the kvm utility, but also the libvirt library, as well as the manager virtual machines. Once the installation is complete, you need to add your root to the libvirtd group so that only root and root groups can root KVM virtual machines:

sudo gpasswd -a KORISTUVACH libvirtd

After vykonannya tsієї commands to see out of the system and see again. Dali, let's check that everything was installed correctly. For which, run the kvm-ok command:

INFO: /dev/kvm exists
KVM acceleration can be used

If everything was set up correctly, then you will be the same reminder.

KVM wiki in Ubuntu 16.04

You ran into the trouble of installing kvm in Ubuntu, but you still can't beat the virtualization middleware, but you still need to tweak it. Let's take a look at how kvm Ubuntu works. On the back, it is necessary to adjust the merezh. We need to create a place, for the help of such a virtual machine, connect to a computer.

Bridging in NetworkManager

It is possible to work in a number of ways, for example, you can win the networkmanager configuration program.

Click the NetworkManager icon on the panel and select change the day, then press the button Add:

Let's choose the type of order Mist and press Create:

At the window, press the button Add, to connect our place from the connection to the Internet:

Select from the list ethernet and press Create:

At the next vіknі choose a field attachment, mesh interface, with which we should connect our site:

Now on the list merezhy connection you bachite your place. I’ve lost the re-vantaging of the mesh, so that I’ll zastosuvat the change again, for whom I’ll vikoite:

Bridge by hand

It is necessary to install the bridge-utils set of utilities, because most of it was not broken:

sudo apt install bridge-utils

Let's help with the help of the brctl program, we can create the place we need. For which wick, use the following commands:

sudo brctl addbr bridge0
$ sudo ip addr show
$ sudo addif bridge0 eth0

The first command adds an extension to the bridge br0, for the help of another you need to designate which interface is the main connection to the outer boundary, in my case eth0. І for the help of the rest of the commands, we call the place br0 from eth0.

Now it is necessary to add a sprinkling of rows at the installation of the fence, so that everything will be done automatically after the system starts. For this, open the /etc/network/interfaces file and add the following rows:

sudo gedit /etc/network/interfaces

loopback
auto lo bridge0
iface lo inet loopback
iface bridge0 inet dhcp
bridge_ports eth0

If the fixing will be added, re-vandage the measure:

sudo systemctl restart networking

Now the installation and setup of KVM is completed again, and you can create your first virtual machine. If so, you can look at the available options for an additional command:

A collection of KVM virtual machines

The Ubuntu KVM installation is now complete and we can now move on to the wiki. Let's take a quick look at the list of already known virtual machines:

virsh -c qemu:///system list

The wine is empty. You can create a virtual machine through the terminal or at the graphical interface. To install via the terminal, type the virt-install command. From the beginning, let's go to the libvirt folder:

cd /var/lib/libvirt/boot/

To install CentOS, the command looks like this:

sudo virt-install \
--virt-type=kvm \
--name centos7\
--ram 2048\
--vcpus=2 \
--os-variant=rhel7\
--hvm\
--cdrom=/var/lib/libvirt/boot/CentOS-7-x86_64-DVD-1511.iso \
--network=bridge=br0,model=virtio \
--graphics vnc\
--disk path=/var/lib/libvirt/images/centos7.qcow2,size=40,bus=virtio,format=qcow2

Let's take a look at what the command parameters mean:

virt-type- type of virtualization, at times kvm;
name- Name of a new car;
ram- amount of memory in megabytes;
vcpus- number of processor cores;
os-variant- Type of operating system;
cdrom - current image systems;
network-bridge- Merezhevy mist, which we built earlier;
graphics- way to get access to the graphical interface;
diskpath- addresses of the new hard drive for a virtual machine;

After the installation of the virtual machine is completed, you can find out the parameters of the connection via VNC using the additional command:

sudo virsh vncdisplay centos7

Now you can enter the withdrawn data from your VNC client and connect to the virtual machine Navigate away. For Debian, the command is a trifle different, but everything looks the same:

Go to the folder for images:

cd /var/lib/libvirt/boot/

You can download the installation image from the Internet, if necessary:

sudo wget https://mirrors.kernel.org/debian-cd/current/amd64/iso-dvd/debian-8.5.0-amd64-DVD-1.iso

Let's create a virtual machine:

sudo virt-install \
--virt-type=kvm \
--name=debina8 \
--ram=2048 \
--vcpus=2 \
--os-variant=debian8 \
--hvm\
--cdrom=/var/lib/libvirt/boot/debian-8.5.0-amd64-DVD-1.iso \
--network=bridge=bridge0,model=virtio \
--graphics vnc\
--disk path=/var/lib/libvirt/images/debian8.qcow2,size=40,bus=virtio,format=qcow2

Now let's see the list of available machines again:

virsh -c qemu:///system list

To start a virtual machine, you can type the following command:

sudo virsh start hostname

For the zipper:

sudo virsh shutdown hostname

To put into sleep mode:

sudo virsh suspend hostname

For a reboot:

sudo virsh reboot hostname

sudo virsh reset hostname

For total withdrawal virtual machines:

sudo virsh destroy hostname

Creation of virtual machines at the GUI\

Since you have access to the graphical interface, there is no need to disable the terminal, you can disable the full graphical interface of the Virtual Manager virtual machine manager. The program can be launched from the main menu:

To create a new machine, click on the end with the monitor icon. You will then need to select an ISO image of your system. You can also copy a real CD/DVD drive:

On the next screen, select the amount of memory that will be available for the virtual machine, as well as the number of processor cores:

On this screen, you need to select the size of the hard drive, which will be available on your machine:

At the remaining stage of the master, you will have to check the correctness of the machine, and also enter the її im'ya. It is also necessary to indicate the next location, through which machine you can connect to the edge:

On the next day, the car will be ready before the appointment, and it will show up at the list. You can run її for the help of the green tricoutnik on the manager's toolbar.

Visnovki

In these articles, we looked at how to install KVM Ubuntu 16.04, figured out how to properly prepare the middle to work, and also how to create a virtual machine and beat them. If you are out of food, ask in the comments!

At the end of the lecture from Yandex about those who are virtualization in Linux:

I've tried a lot of web management interface, and not from them I've been doing good, like virt-manager.

You know, I'm one of the quiet guys, like VMware was before, where 90% of the management clicks.

My meals:

1) Why is the CLI utility “interactive”, for example, mc (pivnochi commander) so how do you manage KVM? (ON / OFF VM, increase memmory, restart virtual machines, add virtual ownership, add new disks then)

2) Can you recommend me a web based interface for KVM on debian squeeze? Have you downloaded the VMware 2 server? Basic web management. I know what was right, but it's okay, if you see it without a terminal. (For example, on Android with a web browser) I've tried a lot of them, but nothing, I've tried and tried.

5) How to improve KVM security? Can you solve this problem with the same web interface? (for example, appearance, keruvannya with coristuvachi?)

I know there is a google, wiki, a long list of KVM interfaces, but I need some ideas, expert advice, or KVM hacks. I spodіvayus, tse not like a bad food. Due to all for the help on my request.

5 Solutions collect form web for “KVM – How to hack through a web interface?”

For a KVM web manager, you can try Proxmox. Instructions for Debian Squeeze are here.

Vіn maє іinstrumenti command line, rather than text-based base menus.

You are guilty of making small in the middle and try її. Let's create a goal and realize it.

For whom there is no exact guide / assistant. The number of KVM server/client that can be recycled depends on how much resources (cpu/ram/storage) are available.

Well, I know, why lie in the middle of your place, and why bagatosharov / outbuildings, for example. routers, firewall, ip tables, password policy, access policy, etc. I don't know any gui, web base or anything that can handle all of them, including KVM. (OK, є hmara, but I can’t tell you about zim vzagali)

We tried Kimchi? We are the best choice for those who need to enter a valid code on KVM and sponsor IBM.

Vіdmova vіdpovіdalnostі: I vzagali not є affiliated special z Kimchi. I just like yoga friendliness.

Experts wicking CLI. Chi is not a GUI. Name correctly for Windows administrators to inform them.

Hi, graphic interface still pokraschuyutsya, ale scripts, scho self-recording, shvidshe and slacken those you want.

Boost KVM Productivity? Vikin tse.

It's more like a tight fit of the XEN-PV expert. Only LXC (or other containers) or chroot-based solution is better.

Help from the installation of KVM may not be reported, but we would like to give you an idea or give an idea about the installation process.

New KVM on the level of business and management of the AV / IT system under the name Boxilla, in a way, a complex and centralized command center, which ensures maximum productivity, simplicity vikoristannya that bezpeku.

It secures the ability to manage high performance KVM, KVM over IP, virtualized endpoints and various AV/IT devices in one centralized command center, allowing administrators to manage both KVM and AV/IT ports with a variety of hardwired web routers. You can find out about tse vi here: https://www.blackbox.co.uk/gb-gb/page/37929/Solutions-Industries/Technology-Products/KVM-Switching-and-Extension/Centralised-KVM-AV-Manager -boxilla

I am writing this note in order to demonstrate the pokrokov installation and setup of a virtual machine in Linux based on KVM. Earlier, I already wrote about virtualization, de victorious miracle film.

Immediately before me was the food orendi of a good server with a great commitment operational memory and a large hard drive. But I don’t want to run projects directly on the host machine, so I’ll split them up on okremi small virtual servers with Linux OS or docker containers (we’ll talk about them in another article).

Most of today's gloomy hostings follow this very principle, tobto. a hoster on a good platform brings up a bunch of virtual servers, which we call VPS/VDS, and distribute them to our clients or automate the process (hello, DigitalOcean).

KVM (kernel-based virtual machine) software security for Linux, based on hardware x86-sum processors for work with Intel VT/AMD SVM virtualization technology.

KVM Installation

All manipulations with the creation of a virtual machine are carried out on Ubuntu 16.04.1 LTS OS. In order to reverse engineer your hardware virtualization process based on Intel VT/AMD SVM, we can:

Grep-E "(vmx | svm)" /proc/cpuinfo

If the terminal is not empty, then everything is in order and KVM can be installed. Ubuntu officially promotes only the KVM hypervisor (to enter the Linux kernel warehouse) and to win the libvirt library as a management tool, which we will work further.

You can also convert hardware virtualization in Ubuntu with the help of the command:

At the time of success, you will succumb to kshtalt tsgogo:

INFO: /dev/kvm exists KVM acceleration can be used

Install packages for robots with KVM:

sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils

If you have access to the system's graphical shell, you can install the libvirt GUI manager:

sudo apt-get install virt-manager

It's easy to install virt-manager (it's not as easy as VirtualBox), so in this article about the console version of the installation, you can install a virtual server.

Installing and setting up a virtual server

In the console version of the installation, nalashtuvannya and keruvannya by the system, an indispensable tool is the virsh utility (both over the libvirt library). It has a large number of options and parameters, report description you can take it like this:

man virsh

abo viklikati standard "help":

Virsh help

I'm constantly learning these rules for an hour of work with virtual servers:

I save iso image OS at /var/lib/libvirt/boot
I save images of virtual machines from the directory /var/lib/libvirt/images
I explicitly set my new static IP address via DHCP server hypervisors.

Let's start before installing the first virtual machine (64-bit server Ubuntu 16.04 LTS):

Cd /var/lib/libvirt/boot sudo wget http://releases.ubuntu.com/16.04/ubuntu-16.04.1-desktop-amd64.iso

After capturing the image, run the installation:

sudo virt-install \ --virt-type=kvm \ --name ubuntu1604 \ --ram 1024 \ --vcpus=1 \ --os-variant=ubuntu16.04 \ --hvm \ --cdrom=/var/ lib/libvirt/boot/ubuntu-16.04.1-server-amd64.iso \ --network network=default,model=virtio \ --graphics vnc \ --disk path=/var/lib/libvirt/images/ubuntu1604. img,size=20,bus=virtio

By shifting all these parameters to "human language", then we will create a virtual machine with Ubuntu 16.04 OS, 1024 MB of RAM, 1 processor, a standard tethered card (the virtual machine goes to the Internet through NAT), 20 GB HDD.

Varto return respect for the parameter --os-variant, vin instruct the hypervisor for the OS itself next to adapt the adjustment.
The list of available OS options can be viewed by running the command:

osinfo query os

If such a utility is not available on your system, then it is possible to install:

sudo apt-get install libosinfo-bin

After the installation is started, the following message will appear in the console:

Domain installation still in progress. You can switch to the console to complete the installation process.

Tse є normal situation, we will continue the installation through VNC.
We wondered at which port the wine was used at our virtual machine (at the land terminal, for example):

Virsh dumpxml ubuntu1604 ... ...

Port 5900 to local address 127.0.0.1. To connect to VNC, you need to enable Port Forwarding via ssh. Before that, as a reminder, check that tcp forwarding is allowed in the ssh daemon. For which demo in configuring sshd:

Cat /etc/ssh/sshd_config | grep AllowTcpForwarding

I didn’t know anything, but you bachite:

AllowTcpForwarding no

That's right config on

AllowTcpForwarding yes

and re-attach sshd.

Port forwarding

We run the command on the local machine:

Ssh -fN -l login -L 127.0.0.1:5900:localhost:5900 server_ip

Here we set up ssh port forwarding from local port 5900 to server port 5900. Now you can already connect to VNC, just like a VNC client. I see UltraVNC winning in simplicity and simplicity.

After a successful connection, the screen will show up as a standard in the beginning of the Ubuntu installation:

After the installation is completed, that ringing re-entry will appear at the entrance to the system. After logging in, we change the IP address of the new virtual machine, so that the new virtual machine will be static:

ifconfig

Remember that demo to the host machine. Vityaguєmo to the mac-address of the "merezhevoy" virtual map:

Virsh dumpxml ubuntu1604 | grep" mac address"

Remember our mac address:

Redaguemo fencing hypervisor:

sudo virsh net-edit default

Shukaєmo DHCP, and add axis tse:

Guilty to visit schos on kshtalt tsyogo:

In order to improve the integrity, it is necessary to reconfigure the hypervisor DHCP server:

sudo virsh net-destroy default sudo virsh net-start default sudo service libvirt-bin restart

After changing the virtual machine, now it has been set to the IP address - 192.168.122.131.

There are other ways to set a virtual static IP, for example, without intermediary editing the array of settings in the middle of the guest system, but here it’s already like your soul will be welcome. I’m less likely to show a variant, which I myself will win.

To connect to the terminal of the virtual machine, we can:

ssh 192.168.122.131

The car is ready for battle.

Virsh: command redirect

To look at running virtual hosts (you can select all available ones by adding --all):

sudo virsh list

You can rezavantage the host:

Sudo virsh reboot $VM_NAME

Upload a virtual machine:

sudo virsh stop $VM_NAME

Viconati halt:

sudo virsh destroy $VM_NAME

sudo virsh start $VM_NAME

Vimknennya:

sudo virsh shutdown $VM_NAME

Add to autorun:

sudo virsh autostart $VM_NAME

Even more often it is necessary to hack the system, to make it possible to twist it like a framework for other virtual operating systems, with which to twist the virt-clone utility.

Virt-clone --help

She clones the virtual machine and changes host-sensitive data, for example, mac address. Passwords, files and other user-specific information in the clone are left unchanged. If on a virtual machine that is being cloned, the IP addresses of the bula are manually entered, then problems with SSH access to clone through a conflict (2 hosts with the same IP) can be blamed.

How to install a virtual machine via VNC, or another option is X11Forwarding via the virt-manager utility. For Windows, for example, for which you can tweak Xming and PuTTY.

Kimchi is HTML5 based on the web side for KVM. It provides an efficient and flexible interface for the creation and management of virtual machines. Kimchi is installed and runs as daemon on the KVM host. It manages KVM guests with the help of libvirt. Kimchi interface supports all latest version of the browsers with -1 version, it also supports mobile browsers.

Kimchi can be patched on the rest of RHEL, Fedora, OpenSUSE and Ubuntu. According to this document, I endorsed Ubuntu 14.10 as a KVM host.

After configuring kimchi, you must install the following dependent packages.

$ sudo apt-get install gcc make autoconf automake gettext git python-cherrypy3 python-cheetah python-libvirt python-imaging python-pam python-jsonschema python-ldap python-lxml nfs-common open-iscsi lvm2 xsltproc python-parted nginx firewalld python -guestfs libguestfs-tools python-requests websockify novnc spice-html5 wget

System would ask you the following details for installation of packages.

1. OK on Postfix configuration.

2. Select an Internet Site in the form of an email.

3. Type your FQDN and then select OK.

Once installed, download the latest version of kimchi from github.

$wget https://github.com/kimchi-project/kimchi/archive/master.zip

unzip downloaded file.

$ unzip master.zip $ cd kimchi-master/

Build kimchi, victorious next commands.

$ ./autogen.sh --system

$ make $ sudo make install # Optional if running from the source tree

$ sudo kimchid --host=0.0.0.0

Access kimchi using web browser, https://localhost:8001. You are responsible for being appointed in the system, vicoristing your system credential, so you call vicorist for registration in the system.

Once you logged in, you will get a page like below. If this displays a list of virtual instruments on the flow computer, you can use keys to shutdown, restart and connect to console by clicking on action.

To create a new guest machine, click on the + sign in the right corner. As you speed up this option to the machine, it will be generated through templates.

You can manage templates by visiting templates menu. To create a new template, click on the + sign in the right corner. You can create a template from a repository of ISO images, you can place iso images in /var/lib/kimchi/isos or use remote one.

You can turn the lane to go to the cooking store, the stench can speed up the new lane by clicking on + sign. Tse supports adding NFS, iSCSI and SCSI fiber channel storage.

Network can be managed by going to network menu, you can create a new network with isolated, NAT and bridged networking.

With the most famous KVM jumpers, I know, there were a lot of people sticking together. The abbreviation "KVM" stands for "Keyboard Video Mouse". KVM-attachment allows you to use only one set of keyboard + monitor + mouse (K.M.M.) system blocks). Otherwise, apparently, we take N system blocks, connect them to the output of K.M.M. I have KVM attachments, and even to the very attachment, I connect a real monitor, a keyboard, and a mouse-manipulator. Switching for help KVM between computers, we can check those that appear on the screen of the selected computer, and also check them, we are connected without interruption to the new one.

It’s handy, as we need a few cars, but access to them is not obligatory at the same time. Until then, save a lot of space - monitors, navit rare crystals, take up a great deal of space on the table. That and stand chimalo. And in the cupboards of the keyboards and the bear on the table, you can easily get lost.

Push the readers in to block - but now it’s so foldable, like a computer, better for everything, connected to one local lines and can be speeded up by (otherwise) programs into the operating system remote access for example Terminal Services or Radmin for Windows, VNC, ssh for *nix-like operating systems. Everything is correct, but scho robiti, as it is necessary, for example, to enter the bios of the computer or operating system Has ceased to be zavantazhuvatisya, to that we have installed the wrong driver or the program? Abo Well, we have installed a copy of the OS on the computer and we need to choose the wrong one, which starts for the lock? Zagalom, all programs are functionally good, but to the last inter - while the OS of the computer is practicable, and we need only access to the computer after the fact that the OS is occupied.

For example, let's take a look at some of the typical KVM jumpers on the butt of attachments, which are issued by the company.

Specifications

CN-6000 supports renewal of accounts and allows you to create up to 64 administrative accounts corystuvac appearance records, up to 16 accounts can be processed at the same time with the annex. Attachment can be connected to the WEB-interface administration, and yoga small sizes allow you to place yoga on the table or mount (for the help of a special plank, which is included in the kit) yoga on a rack mountable rack (0U rack mountable). CN-6000 handles firmware updates via Ethernet connection (from web interface as a standalone utility). The maximum size of the video, as an extension, is 1600x1200 pixels.

The table of specifications is given:

Wimoga until possession (remote client)			Pentium III 1Ghz
interface	local console	Keyboard	1 × Mini-DIN-6 F(Purple)
		Video	1 × HDB-15 F(Blue)
		Misha	1 × HDB-15 F(green)
	System (KVM)		1 × SPHD-15F(Yellow)
	LAN port		1 x RJ-45(F)
	Power on the net (reserved)		1 × DB9(M)
	Live interface		1
Buttons/jumps	KVM Reset		1 × stuffing, front
indicators	eating		1 × orange
	connection of a distant coristuvach		1 x green
	LAN 10/100 Mbps		1 x green/orange
Support protocols			10baseT Ethernet and 100baseTX Fast Ethernet. TCP/IP
Dozvіl video			Up to 1600×1200 60Hz
Frame			metalevium
Rosemary (dovzhina × width × height)			200×80×25mm

Let's move on to the tests.

On the CD that comes with the kit, you can find some utilities:

CN6000 Client is a Windows client software that can be connected up to remote computer
similar client program, written in Java (in jar format)
CN6000 Admin Tool
Log server - a program that can be configured to save log files from the CN-6000

In addition, a WEB server is connected to the KVM jumper; Let's turn to the web interface a little bit a year, we can look at the utilities a bit.

Configuring the CN-6000 via the Admin Tool.

The program is recognized for configuring the device, setting passwords for access, security and more.

At її launch, it was not without curiosity:

When you first start all the utilities from the disk, you need to enter serial number. Documentation (navit the rest of the version, which lies on the site of the forger) it is said that there is a serial number of cracks at the lower part of the CN-6000 case. And there is the right charge as the serial number, only the wine is too short, the program is required. Zagal, tormented a little, introducing the knowledge of the serial so and so, reaching new zero or clearing and not reaching anything more, lower at the end of the "Invalid Serial Number", I already wanted to end the test of that day, I will add it. Having removed the CD from the CD-ROM (I inserted it into the first line of the CD-drive - it was necessary to install the PZ), I revealed a wonderful sticker on the disk - and the serial number appeared.

Obviously, theoretically, a person can gain respect for those that are written or pasted on a CD if you insert it into the drive. Ale chi rich, who will strike at the same respect? :) І, eat, now it was possible to write in the documentation obviously untruthful information? I repeat - on the site there is a new version of the documentation, and there the "drukarka" is not corrected. I will appoint, so that there is no inaccuracy, as it slips through the documentation, that sometimes it is brought to action by the order "do not believe your eyes."

The CN-6000 administrative utility is useful, which allows you to know the attachments in the area, to find out which IP addresses do not belong to your subdivision, in which case we know, it’s more than enough, we (computer, for which we try to take access to CN- 6000 ) tried that segment locally, like a KVM switch.

After entering the login and password, we will use it in the configuration menu and add:

The company ATEN badly went to the food security facility. When you enter the configuration for the first time, I will inform you about those that the standard login and password are wrong and remember.

In retail network nalashtovuetsya IP addressing addendum, set ports for remote access to the services for help CN-6000 computers. And also here you can specify the MAC address of the machine, on which the "Log Server" program is installed, so that the log files (podії) are saved, which are controlled by the KVM jumper (so do not set, the logs will be saved on the KVM itself and you can look at them). from the web interface). This machine (for the Log-server) can be a computer, on which Windows is installed and the program is running, which is being discussed. The only problem is that the computer is guilty of switching to the same merged segment (roughly, apparently, connecting to the same switch) as the KVM CN-6000 itself, which is why the “features” are called sumniv.

Bookmarked security configure filters (for MAC and/or IP addresses) for access to the remote screen of the administration computers, as well as a filter for the administration of the CN-6000 itself.

At the next bookmark, the names and passwords of the coristuvachs are set, as well as their rights. It is noteworthy that you can connect the logins to the CN-6000 configuration and the JAVA-client. The minimum length of the password, as long as the configuration utility accepts up to eight characters. Skoda, that the password is not changed to "simplicity", but let's talk about those who ATEN security attaches respect.

The remaining bookmark allows you to upgrade the firmware, enable the possibility of a one-hour connection to a distant computer for people (though the bear and the keyboard are all the same, from the point of view of the ceramic computer, that is one thing, others - marvel ... or respect one to one, pulling the mouse in different sides) . Immediately there is a reaction to the wrong authentication process, as well as the inclusion of various modes of "hooking" the CN-6000 automatic prank attached to the local network through the client utility or the administrative utility).

My bookmark has one more item - Reset on Exit. I assumed that the drop-off is on the default, but in this case I will transfer the re-adaptation when exiting the configuration utility. Otherwise (so do not re-advance), new adjustments will be remembered, but nothing will be cleared up (before re-advancement).

In which view, the configuration utility can be finished (another aspect will be considered in the Java-client distribution).

Let's go to the web interface.

Configuration via WEB interface

In order to get into the web interface I will add it, it is enough in any browser to type the IP address that is installed on the CN-6000.

It is noteworthy that the browser immediately redirects the client to the HTTPS:// connection, that is. the whole distance of the robot is being protected through SSL protection.

After entering the login and password, the left-handed icons become active (you can click on them) on the web interface.

The upper icons are split, tied with a change CN-6000. For the most part, all the options there repeat the options for the interface of the Windows utility AdminTool ale є deyakі vіdminnostі. For example, we can set only the IP address of the add-on to whomever (configuration of the address) we can set, but we cannot specify the mask for the address and the gateway. Before that, the setting of the IP address is working as crooked - I didn’t even get to change the IP address and attach it to the web interface (for the help of the Admin Tools utility, I changed it without problems).

You can check the axis in the Admin Tool when you try to change the address via the web interface from 10.0.0.9 to 192.168.0.1. The mask for some reason has changed from the standard 255.255.255.0 to 10.0.0.9, and the extension (after recapture) of 5 seconds changes for the address 192.168.0.1, and then starts to change to 10.0.0.16 (about 192.16). Possibly, the bug of the current version of the firmware (1.5.141), but the version, at the time of testing, was the latest one that can be found on the company's website.

There were no more bugs associated with the web interface during the testing process.

Rozdil security I repeat a similar distribution of the Admin Tool utility.

A similar situation with a split User Manager…

… that split customization.

Icon Log, roztashovana in the left part of the web interface, allowing you to look at the subdivisions, which I’ve been working on for an hour and I’ll build it. In my opinion, the screenshot displays the logs, as they appeared at the time of testing, I will attach the Nessus program.

As it has already been said above, the logs can be dropped off on the same log server (although with the singing exchanges, the distribution of yoga).