How I messed up while configuring a firewall called the NISG3000, and what happened next

Posted at 2019-08-13

This is the story of how I messed up while configuring a firewall appliance called the NISG3000 from the browser, and how I got out of it.

What is the NISG3000?

NISG3000: Unified Threat Management Appliance - Neusoft

The NISG3000 is a next-generation firewall plus UTM aimed at SOHO and small/medium businesses. It integrates application identification and control, VPN, firewall, DoS/DDoS protection, an intrusion prevention system (IPS), anti-virus, anti-spam, URL filtering and other top security functions into a single unit, providing a multi-function all-in-one security solution that can be managed centrally.

What I did wrong

The appliance is configured through a browser-based management console, "Neusoft NetEye Integrated Security Gateway" (over HTTPS).

In the middle of the configuration work, out of sheer curiosity, I stopped the HTTPS service (idiot), at which point I could no longer reach the management console itself (moron).

The road to recovery

  • Googled "NIGS 設定変更" (NIGS configuration change) and "Neteye config" → nothing
  • With faint hope that the SSH port might be open, checked the port status from PowerShell
    Test-NetConnection XXX.XXX.XXX.XXX -Port 22
  • It was open, so I gratefully connected straight away
    ssh user@XXX.XXX.XXX.XXX
  • A prompt like NetEye-Tokyo@root> came up
  • Naively tried the ls command and got the cold shoulder
    % Unknown command.
  • Tried a few things to get some kind of help
    help → % Unknown command.
    h → Do you want to halt the system? (terrifying)
    ? → A list of commands appeared! (see ① below)
  • "list List commands definition" looked usable, so I ran it
    list
  • After looking over the command list (② below), I tried configure mode
  • The prompt changed! NetEye-Tokyo@root-system]
  • Surely typing ? will do something good here too!!
  • The configurable items were listed (③ below)
  • But I didn't know how to type them, so I Googled '"neteye" "configure mode"'
  • Skimmed the Chinese PDF that came up
  • "service {telnet | web | ping | ssh | scm-console} {on | off}" looked like the way to bring services up and down
    service web on
  • Connected to the management console from a client browser, and it worked!!
  • At this point the configuration was not yet saved, so I saved it from the management console and finished
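The whole incident comes down to disabling the management channel that was in use without first confirming that another one (here, SSH on port 22) was reachable. The script below is an added example, not code from the original post or from Neusoft: a pre-change guard for the admin workstation that probes the appliance's other management ports before you type `service <name> off`, and refuses when no fallback path is open. The port mapping (web 443, ssh 22, telnet 23) and the CLI recovery sequence (`configure mode` → `service web on` → `exit` → `save config`) are assumptions drawn from the commands listed in ② and ③; the author actually saved from the web console, so the CLI save path is not confirmed by the page.

```python
"""Pre-change guard: do not disable a management service unless another
management path to the appliance is reachable right now.

Added example for the NISG3000 lockout story; not vendor code.
"""
from __future__ import annotations

import socket
import sys
from typing import Callable

# Service names as the appliance CLI spells them in
# "service {telnet | web | ping | ssh | scm-console} {on | off}".
# Port numbers are an ASSUMPTION for this example: the post shows the web
# console over HTTPS and SSH answering on 22; 23 is the conventional telnet port.
SERVICE_PORTS: dict[str, int] = {"web": 443, "ssh": 22, "telnet": 23}

Probe = Callable[[str, int], bool]


def tcp_open(host: str, port: int, timeout: float = 3.0) -> bool:
    """TCP connect test, the same check as `Test-NetConnection <host> -Port <port>`."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def alternative_paths(service: str, host: str, probe: Probe = tcp_open) -> list[str]:
    """Management services other than `service` that currently accept connections."""
    return [name for name, port in SERVICE_PORTS.items()
            if name != service and probe(host, port)]


def safe_to_disable(service: str, host: str, probe: Probe = tcp_open) -> tuple[bool, str]:
    """Decide whether `service <service> off` can be issued without locking yourself out.

    Returns (ok, reason). ok is False when no other management path is open,
    because the only way back in would then be physical/console access.
    """
    if service not in SERVICE_PORTS:
        return False, f"refusing: unknown management service {service!r}"
    alts = alternative_paths(service, host, probe)
    if not alts:
        return False, (f"refusing: no other management path to {host} is reachable; "
                       f"'service {service} off' would lock you out")
    return True, f"ok: fallback path(s) reachable: {', '.join(alts)}"


def recovery_commands(service: str) -> list[str]:
    """CLI sequence to bring a service back from the @root prompt over a fallback path.

    ASSUMPTION: 'exit' from configure mode returns to the @root prompt where
    'save config' is listed; the post's author saved from the web console instead.
    """
    return ["configure mode", f"service {service} on", "exit", "save config"]


if __name__ == "__main__":
    # Usage: python guard.py <appliance-ip> <service-to-disable>
    target_host, target_service = sys.argv[1], sys.argv[2]
    ok, reason = safe_to_disable(target_service, target_host)
    print(reason)
    if ok:
        print("if it still goes wrong, over the fallback path run:",
              " ; ".join(recovery_commands(target_service)))
    sys.exit(0 if ok else 1)
```

The probe is injectable so the decision logic can be exercised without a live appliance; in real use the default `tcp_open` does exactly what the `Test-NetConnection` step in the story did, just before the change instead of after it.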

①: Output of the ? command (@root)

  clear       Clear operation
  configure   Configure the system
  debug       Debugging functions
  exit        Exit from shell
  halt        Halt the system
  list        List commands definition
  lock        Lock the terminal
  ping        Send echo messages
  ping6       Send echo messages
  reboot      Reboot the system
  reset       Reset the system
  save        Save operation
  show        Show operation
  traceroute  Trace route to destination
  unset       Unset debug

②: Output of the list command

Collapsed because it is long
  clear session
  clear session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol (tcp|udp) (INTEGER{1-65535}|LIMIT|Any) (INTEGER{1-65535}|LIMIT|Any)
  clear session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol (tcp|udp|icmp|icmpv6|other|Any)
  clear session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol icmp (ECHO_and_ECHOREPLY|TIMESTAMP_and_TIMESTAMPREPLY|INFO_REQUEST_and_INFO_REPLY|ADDRESS_and_ADDRESSREPLY|REDIRECT|TIME_EXCEEDED|SOURCE_QUENCH|PARAMETERPROB|ROUTER_SOLICITATION|ROUTER_ADVERTISEMENT|DEST_UNREACH)
  clear session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol icmpv6 (ECHO_and_ECHOREPLY|TIME_EXCEEDED|PARAM_PROB|DEST_UNREACH|PACKET_TOO_BIG)
  clear session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol other INTEGER{1-255}
  clear session num WORD{1-8}
  configure mode [override]
  debug (pppoe|pppoev6)
  debug clear
  debug dump byte (all|off|INTEGER{1-65535})
  debug dump complex (on|off)
  debug dump hook (input|output|error|input_output|input_error|output_error|snat|dnat|route|policy|all|clear)
  debug dump session (on|off)
  debug file download WORD{1-64} sftp x.x.x.x username WORD{1-64} password WORD{1-64} WORD{1-256}
  debug file download WORD{1-64} tftp x.x.x.x WORD{1-64}
  debug file download WORD{1-64} x/zmodem
  debug file remove [WORD{1-64}]
  debug match bidir (on|off)
  debug match input any
  debug match input channel INTEGER{0-7}
  debug match input channel INTEGER{0-7} vlan INTEGER{1-4094}
  debug match input ethernet WORD{1-6}
  debug match input ethernet WORD{1-6} vlan INTEGER{1-4094}
  debug match input local
  debug match input pppoe INTEGER{0-7}
  debug match input rint INTEGER{1-4}
  debug match input vlan INTEGER{1-4094}
  debug match ip (x.x.x.x|X:X:X:X:X:X:X:X|any) (x.x.x.x|X:X:X:X:X:X:X:X|any)
  debug match mac (HH:HH:HH:HH:HH:HH|any) (HH:HH:HH:HH:HH:HH|any)
  debug match output any
  debug match output channel INTEGER{0-7}
  debug match output channel INTEGER{0-7} vlan INTEGER{1-4094}
  debug match output ethernet WORD{1-6}
  debug match output ethernet WORD{1-6} vlan INTEGER{1-4094}
  debug match output local
  debug match output pppoe INTEGER{0-7}
  debug match output rint INTEGER{1-4}
  debug match output vlan INTEGER{1-4094}
  debug match port (INTEGER{1-65535}|any) (INTEGER{1-65535}|any)
  debug match protocol (INTEGER{1-255}|tcp|udp|icmp|icmpv6|arp|any)
  debug match tunnel (WORD{1-63}|off)
  debug start INTEGER{3-14400} [WORD{1-64}]
  debug stop
  debug vpn ipsec INTEGER{3-14400}
  debug vpn isakmp (error|basic|detail)
  debug vpn isakmp tunnel WORD{1-63} (error|basic|detail)
  debug vpn l2tp
  exit
  halt
  list
  lock
  ping (x.x.x.x|WORD{1-128}) [INTEGER{1-999999}]
  ping6 (X:X:X:X:X:X:X:X|WORD{1-128}) [INTEGER{1-999999}]
  ping6 X:X:X:X:X:X:X:X interface WORD{1-16} [INTEGER{1-999999}]
  reboot
  reset
  save config
  show alert-config
  show alert-config (mail|snmp-trap|syslog) WORD{1-63}
  show alert-config (mail|snmp-trap|syslog|local-syslog|terminal-print)
  show arp
  show arp channel INTEGER{0-7}
  show arp dynamic
  show arp ethernet WORD{1-10}
  show arp proxy
  show arp rint INTEGER{1-4}
  show arp static
  show arp timeout
  show arp vlan INTEGER{1-4094}
  show arp wlan INTEGER{1-4}
  show arp x.x.x.x
  show assetinfo
  show attack-defense WORD{1-63}
  show attack-defense WORD{1-63} dos-defense
  show attack-defense WORD{1-63} icmp-attack-defense
  show attack-defense WORD{1-63} ip-options
  show attack-defense WORD{1-63} reconnaissance-defense
  show attack-defense WORD{1-63} tcp-evasion-control
  show backup entire-unit
  show banner
  show cam-table
  show cam-table HH:HH:HH:HH:HH:HH
  show cam-table timeout
  show cam-table vlan INTEGER{1-4094}
  show certificate (local|ca|crl) [WORD{1-63}]
  show certificate caserver WORD{1-63}
  show certificate request WORD{1-63}
  show config (default|)
  show current timezone
  show current-config
  show customize-the-size-of-IP-datagrams-to-send
  show debug
  show debug (pppoe|pppoev6) [all-tty]
  show debug vpn [all-tty]
  show dhcp interface [WORD{1-15}]
  show dhcp server ip-binding
  show dhcp server ip-binding subnet WORD{1-63}
  show dhcp server subnet [WORD{1-63}]
  show dhcpv6-client [WORD{1-15}]
  show dhcpv6-client-config [WORD{1-15}]
  show dns cache
  show dns cache (dynamic|static)
  show dns cache WORD{1-255}
  show dns cache-state
  show dns host
  show dns server-select
  show dns server-select WORD{1-255}
  show hostname
  show interface
  show interface brief
  show interface channel
  show interface channel INTEGER{0-7}
  show interface channel brief
  show interface ethernet
  show interface ethernet WORD{1-10}
  show interface ethernet brief
  show interface loopback
  show interface loopback INTEGER{1-1023}
  show interface loopback brief
  show interface pppoe
  show interface pppoe INTEGER{0-7}
  show interface pppoe brief
  show interface rint
  show interface rint INTEGER{1-4}
  show interface rint brief
  show interface tunnel
  show interface tunnel INTEGER{1-4095}
  show interface tunnel INTEGER{1-4095} GTB
  show interface tunnel brief
  show interface vlan
  show interface vlan INTEGER{1-4094}
  show interface vlan brief
  show interface wlan
  show interface wlan WORD{1-10}
  show interface wlan brief
  show ipv6 pathmtu [X:X:X:X:X:X:X:X]
  show language
  show ldap server
  show ldap server WORD{1-63}
  show license
  show line
  show log (system|av|as|url|ips|application-control)
  show log (system|av|as|url|ips|application-control) start-time YYYY-MM-DD HH:MM:SS end-time YYYY-MM-DD HH:MM:SS
  show object group type (ipaddr|service) [WORD{1-63}]
  show object ipaddr [WORD{1-63}]
  show object service [WORD{1-63}]
  show package internal
  show package upgrade config
  show patch
  show policy access
  show policy access WORD{1-63}
  show policy default
  show policy dnat [WORD{1-63}]
  show policy ip-mac [WORD{1-63}]
  show policy mip [WORD{1-63}]
  show policy route [WORD{1-15}]
  show policy snat [WORD{1-63}]
  show radius server
  show route
  show script internal
  show script internal WORD{1-128}
  show server account
  show server authentication
  show service
  show service (web|telnet|ping|ssh|dns-proxy)
  show service port
  show session
  show session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol (tcp|udp|icmp|icmpv6|other|Any)
  show session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol icmp (ECHO_and_ECHOREPLY|TIMESTAMP_and_TIMESTAMPREPLY|INFO_REQUEST_and_INFO_REPLY|ADDRESS_and_ADDRESSREPLY|REDIRECT|TIME_EXCEEDED|SOURCE_QUENCH|PARAMETERPROB|ROUTER_SOLICITATION|ROUTER_ADVERTISEMENT|DEST_UNREACH)
  show session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol icmpv6 (ECHO_and_ECHOREPLY|TIME_EXCEEDED|PARAM_PROB|DEST_UNREACH|PACKET_TOO_BIG)
  show session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol other INTEGER{1-255}
  show session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol tcp (INTEGER{1-65535}|LIMIT|Any) (INTEGER{1-65535}|LIMIT|Any) (ESTED|FIN|CLOSED|SYN|SYN_SENT|SYN_ACKED|Any)
  show session (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol udp (INTEGER{1-65535}|LIMIT|Any) (INTEGER{1-65535}|LIMIT|Any) (ESTED|Any)
  show session count
  show session count (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol Any
  show session count (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol icmp (ECHO_and_ECHOREPLY|TIMESTAMP_and_TIMESTAMPREPLY|INFO_REQUEST_and_INFO_REPLY|ADDRESS_and_ADDRESSREPLY|REDIRECT|TIME_EXCEEDED|SOURCE_QUENCH|PARAMETERPROB|ROUTER_SOLICITATION|ROUTER_ADVERTISEMENT|DEST_UNREACH|Any)
  show session count (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol icmpv6 (ECHO_and_ECHOREPLY|TIME_EXCEEDED|PARAM_PROB|DEST_UNREACH|PACKET_TOO_BIG|Any)
  show session count (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol other (INTEGER{1-255}|Any)
  show session count (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol tcp (INTEGER{1-65535}|LIMIT|Any) (INTEGER{1-65535}|LIMIT|Any) (ESTED|FIN|CLOSED|SYN|SYN_SENT|SYN_ACKED|Any)
  show session count (WORD{1-63}|Any) (WORD{1-63}|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) (x.x.x.x|IPV4RANGE|X:X:X:X:X:X:X:X|IPV6RANGE|Any) protocol udp (INTEGER{1-65535}|LIMIT|Any) (INTEGER{1-65535}|LIMIT|Any) (ESTED|Any)
  show snmp (daemon|location|contact|port)
  show snmp community (read-only|read-write)
  show snmp usm user [WORD{1-63}]
  show ssh hostkey v1 rsa
  show ssh hostkey v2 (rsa|dsa) [ssh2-format]
  show ssh server authentication (pubkey|passwd|rsa)
  show ssh server ciphers
  show ssh server key-regeneration-time
  show ssh server login-grace-time
  show ssh server protocol
  show ssh server server-key-bits
  show system info
  show system resource-utilization
  show system state
  show system time
  show system-list
  show timeout
  show timeout (ICMP|UDP)
  show timeout TCP (SYN|FIN|ESTED|CLOSING)
  show timezone
  show tunnel WORD{1-63}
  show tunnels auto
  show update rulebase (anti-virus | anti-spam | attack-signature)
  show user administrator [WORD{1-63}]
  show user authuser [WORD{1-63}]
  show user authuser default configuration
  show vpn group
  show vpn group WORD{1-63}
  show vpn ippool
  show vpn ippool WORD{1-63}
  show webauth auth-port
  show webauth banner
  show webauth interface
  show webauth interface (ethernet|channel|rint|vlan|pppoe|wlan)
  show webauth online
  show webauth policy [WORD{1-63}]
  show zone [WORD{1-63}]
  traceroute (x.x.x.x|WORD{1-255})
  unset debug (pppoe|pppoev6) [all-tty]
  unset debug vpn [all-tty]
  unset debug vpn isakmp
  unset debug vpn isakmp tunnel WORD{1-63}
  unset debug vpn l2tp

③: Output of the ? command after configure mode (@root-system)

  alert-config                                Alert configuration
  arp                                         Arp configuration
  attack-defense                              Attack Defense Configuration
  backup                                      Backup system configuration
  banner                                      Banner configuration
  ca                                          CA server configuration
  cam-table                                   Cam-table configuration
  channel                                     Channel configuration
  console                                     Console configuration
  copy                                        Copy operation
  customize-the-size-of-IP-datagrams-to-send  Customize the size of IP datagrams to send
  delete                                      Delete operation
  dhcp                                        DHCP configuration
  dns                                         DNS configuration
  end                                         Exit to normal configuration mode
  enroll                                      Apply for local certificate
  exit                                        Exit from configuration mode
  generate                                    Generate certificate request
  hostname                                    Set system's network name
  import                                      Import certificate file
  interface                                   Interface configuration
  ipv6                                        IPv6 operation
  language                                    Change firewall language settings
  ldap                                        Ldap server configuration
  license                                     License configure
  list                                        List commands definition
  load                                        Load operation
  logging                                     Logging media
  loopback                                    Loopbak configuration
  ntp                                         Network Time Protocol(NTP) configuration
  object                                      Object configuration
  package                                     Install package
  password                                    Change password
  patch                                       Patch management
  policy                                      Rule configuration
  pppoe                                       PPPoE interface configurationn
  radius                                      Radius server configuration
  restore                                     Restore operation
  rint                                        Rint configuration
  route                                       Route configuration
  server                                      Server configuration
  service                                     Service configuration
  snmp                                        SNMP configuration
  ssh                                         SSH configuration
  system                                      System configuration
  time                                        System time configuration
  timeout                                     Timeout configuration
  timezone                                    Timezone configuration
  tunnel                                      Tunnel interface configuration

Lessons learned

  • Don't change settings out of curiosity!! No!! Never!!