CLEANACCESS Archives

September 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU

From: Michael Grinnell <[log in to unmask]>
Reply To: Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date: Thu, 8 Sep 2005 15:54:33 -0400

Use the API.  It's a simple HTTP POST operation.  Our web developer  
whipped up a form in Cold Fusion in 20 minutes.  If you use CF, I can  
share the code.

From the 3.5.4 release notes:
API Support Enhancement

Cisco Clean Access provides a utility script called cisco_api.jsp  
that allows you to perform certain operations using HTTPS POST. The  
Clean Access API for your Clean Access Manager is accessed via:  
https://<ccam-ip-or-name>/admin/cisco_api.jsp

This API was originally designed to provide unauthenticated access.  
However, due to information available through this API, this API will  
be protected by authentication starting with release 3.5.4. Release  
3.5.4 will require authentication over SSL for access to the API.  
(Note that this also resolves caveat CSCsb48572).

Since it is now necessary to authenticate before accessing the API,  
this enhancement results in two new authentication methods:

• Authentication by Session
This method requires the administrator to create an authentication  
shell script that will set a cookie with the session ID to be  
accessed for the rest of the admin session. If a session ID cookie is  
not set, the user will be prompted to login. This method results in  
two new functions being added: adminlogin and adminlogout. The  
administrator login function returns a session ID which has to be set  
as cookie for usage of any API. The adminlogout function should then  
be used to terminate the session. However, if adminlogout is not  
used, the session will still be terminated by admin session timeout.

• Authentication by Function
If the administrator does not want to create a shell script using  
cookies, this method is provided as an alternative. With this method,  
authentication is performed every time a function is used. This  
results in two new optional parameters added to every function:  
admin, and password. If authenticating by function, you will need to  
add the admin and password parameters to all functions that you are  
using in your existing script. In this case, you do not use the  
adminlogin and adminlogout functions.



Michael Grinnell
Network Security Administrator
The American University
e-mail: [log in to unmask]

On Sep 8, 2005, at 3:27 PM, Thomas MacMullen wrote:

> Our web registration page is pre-populated with the valid MAC prefixes.
> A student registers their console and the MAC is checked automatically
> against the prefixes. If the MAC is valid, the request is passed on in
> an e-mail to those responsible for registering the exception in Clean
> Access. If the MAC address is invalid, the student gets an error page.
>
> I would like to get it to the point where the page would automatically
> enter the MAC address into clean access as well, but I never could get
> access to the database.
>
> Thomas MacMullen
> Eastern Illinois University
> Network Specialist I
>
> -----Original Message-----
> From: Perfigo SecureSmart and CleanMachines Discussion List
> [mailto:[log in to unmask]] On Behalf Of Ed Loebach
> Sent: Thursday, September 08, 2005 12:15 PM
> To: [log in to unmask]
> Subject: Re: PS2 - game ports management
>
> We have our students register the mac address with a web registration
> page.  I then take the MAC address and at least verify that it is
> registered to the company they claim the system is for.  I look up the
> MAC address at the following site:
> http://coffer.com/mac_find/
>
>
>
>> I am also looking for solution without managing hundreds of ports.
>> At the beginning of semester, we allow game devices to get online
>> without registration and just opening those gaming ports.  But now, we
>> found managing ports are too labor intensive after seeing all the port
>> requests coming in.  Some popular games also use port 80/443, do you
>> just open those ports or allow those hosts?
>>
>> What is the good solution you have that you and users are both
>> satisfied for xbox and ps2?   1. Web page registration  2. walk-in
>> registration showing game device at HelpDesk  3.  managing ports /hosts?
>>
>> Thank you.
>>
>> Wendy Shih
>> Kent State University
>>
>>
>> "Joyce, Todd N" <[log in to unmask]>
>> Sent by: Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]OHIO.EDU>
>> 09/05/2005 02:23 PM
>> Please respond to Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]OHIO.EDU>
>>
>> To: [log in to unmask]
>> cc:
>> Subject: Playstation - Socom Navy Seals
>>
>> It seems that Socom Navy Seals uses UDP port 6000 - 6999.
>>
>> Anyone know an easy way to open that many up other than 1 by 1
>>
>> That would be a great feature enhancement if anyone is out there from
>> the Cisco Side
>>
>> Here is what I found online
>>
>>
>> 20. What ports do I need to forward for [insert game title here]?
>>
>> SOCOM 1, SOCOM II (2), Twisted Metal Black Online, NFL Gameday:
>> Tell the router to allow TCP Ports: 10070 - 10080 and UDP Ports
>> 6000-6999 to send data and receive data.
>>
>> Tony Hawk's Pro Skater 4 and Tony Hawk's Underground 2:
>> UDP port 5150.
>>
>> Frequency and Amplitude:
>> TCP Ports 10070 - 10080 and UDP Ports 10070 and you need to allow
>> incoming ICMP Echo Reply.
>>
>> Madden NFL 2003 and 2004:
>> UDP ports 1791, 1792, 9995 and 9996.
>>
>> Medal of Honor: Rising Sun:
>> TCP 13505, TCP 443, UDP 3658/3659, UDP 6000/6001 (for voice chat).
>> Also, if using a router or a firewall, you MAY want to forward port
>> 28500 to address 10.14.248.177
>>
>> Final Fantasy XI:
>> TCP 25, 80, 110, 443, and 50000 - 65535
>> UDP 50000 - 65535
>> TCP 1024 - 65535
>>
>> Madden NFL 2006 Ports:
>> HTTP: 80 (outbound only)
>> HTTPS: 443 (outbound only)
>> TCP: 13505, 26300-26399 (outbound only)
>> UDP: 1795, 1797 (inbound and outbound)
>>
>> GoldenEye Rogue Agent Ports:
>> Ports 21600-21699 are TCP and are outgoing ports for connecting to the
>> Lobby server.
>> Port 13505 is TCP and is an outgoing port for connecting to the EA
>> Messenger (buddy list) server.
>> Ports 3658 & 3659 are UDP and are incoming/outgoing ports for
>> connecting to another user to play a game.
>> Port 6000 is UDP and is an incoming/outgoing port for connecting to
>> another user for headset use during a game.
>>
>>
>>
>>
>> todd
>>
>> Todd Joyce
>> Network Services
>> Radford University - The Smart Choice
>> [log in to unmask]
>> (540) 831-7777
>>
>> There is no good way to bring a cupcake to work.
>>
>
>
>
> Ed Loebach
> Residence Hall Support Technician
> Hendrickson Center 4G
> (507)457-1433
>
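
Added example, not part of the original thread and not Cisco's or any poster's code: a Python sketch of the workflow discussed above, where a registration page checks a submitted MAC against a prefix allowlist and then builds an "authentication by function" HTTPS POST to cisco_api.jsp. The field name `op`, the function name `addmac`, its `mac` field, the host name and the allowlist prefixes are assumptions or constructed placeholders; only the URL path and the `admin` and `password` parameters come from the release notes quoted in the message.

```python
import re
import urllib.parse
import urllib.request

# Constructed sample allowlist of console MAC prefixes (placeholder values).
ALLOWED_PREFIXES = {"00:11:22", "AA:BB:CC"}

# Assumptions, not stated on the page: the function-selector field "op", the
# function name "addmac" and its "mac" field. Check them against the API
# documentation for your release. The URL path and the "admin"/"password"
# parameters are the ones the release notes name.
OP_FIELD, ADD_FUNCTION, MAC_FIELD = "op", "addmac", "mac"


def normalize_mac(raw):
    """Return the MAC as AA:BB:CC:DD:EE:FF, or None unless it is 12 hex digits."""
    digits = re.sub(r"[-:.\s]", "", raw).upper()
    if not re.fullmatch(r"[0-9A-F]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def build_request(host, raw_mac, admin, password):
    """Validate the MAC, then build (not send) an authenticate-by-function POST."""
    mac = normalize_mac(raw_mac)
    if mac is None:
        raise ValueError("malformed MAC address")
    if mac[:8] not in ALLOWED_PREFIXES:
        raise ValueError("MAC prefix is not on the console allowlist")
    if not re.fullmatch(r"[A-Za-z0-9.-]+", host):
        raise ValueError("unexpected characters in host name")
    body = urllib.parse.urlencode({
        OP_FIELD: ADD_FUNCTION,
        MAC_FIELD: mac,
        "admin": admin,        # per-function authentication: both fields
        "password": password,  # travel in the body of every request
    }).encode("ascii")
    # HTTPS only, because the admin password is in each POST body.
    url = f"https://{host}/admin/cisco_api.jsp"
    return urllib.request.Request(url, data=body, method="POST")


def send(request, timeout=10):
    """Send with urllib's default certificate verification; return the reply text."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")
```

Keep the admin credentials on the server that runs this code (for example in its environment), never in the registration page itself, since anything user-supplied reaches the API only after `normalize_mac` and the allowlist check.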
