ZyNOS

From Wikipedia, the free encyclopedia
Jump to: navigation, search

ZyNOS is the proprietary operating system used on network devices made by the ZyXEL Communications Corporation.[1] The name is a contraction of ZyXEL and Network Operating System (NOS).

History[edit]

The ZyXEL Communications Corporation first introduced ZyNOS in 1998.[2]

Versions[edit]

ZyXEL released ZyNOS version 4.0 for their GS2200 series 24 and 48 port ethernet switches in April, 2012.[3] It appears that versions differ between ZyXEL products.

Access methods[edit]

Web and/or command line interface (CLI) depending on the device. Web access is accomplished by connecting an ethernet cable between a PC and an open port on the device and entering the IP address of the device into the Web browser.[4] An RS-232 serial console port is provided on some devices for CLI access, which is accomplished by using SSH or telnet.[5]

CLI command types[edit]

Listed below are the categories that the CLI commands are grouped by.[6]

  • system-related commands
  • exit command
  • Ethernet-related commands
  • WAN-related commands
  • WLAN-related commands
  • IP-related commands
  • PPP-related commands
  • bridge-related commands
  • RADIUS-related commands
  • 802.1x-related commands
  • firewall-related commands
  • configuration-related commands
  • SMT-related commands.

Web Configurator[edit]

The Web Configurator is divided into the following categories:[7][4]

  • basic settings
  • advanced application
  • IP application
  • management

Security advisories[edit]

As of March 2014, Danish computer security company Secunia reports no unpatched advisories or vulnerabilities on ZyNOS version 4.x.[8]

As of March 2014, Secunia reports seven advisories and six vulnerabilities on ZyNOS version 3.x. Five advisories are unpatched; Secunia rates the most severe unpatched advisory as less critical.[9]

As of January 2015, a DNS vulnerability has been found in certain ZyNOS firmware versions. The versions that are affected have not been narrowed down. The attack can be done from a remote location regardless if the user interface is accessible from the outside of a LAN. [10]

References[edit]

  1. ^ Mickey Tseng. "ZyNOS General FAQ". Zyxeltech.de. Retrieved 2014-03-07. 
  2. ^ http://web.archive.org/web/20120531030430/http://www.us.zyxel.com:80/Corporate/Overview/Timeline.aspx. Archived from the original on May 31, 2012. Retrieved June 6, 2012.  Missing or empty |title= (help)
  3. ^ http://web.archive.org/web/20120512103646/http://us.zyxel.com:80/Corporate/Pressroom/Press-Release.aspx?npid=568. Archived from the original on May 12, 2012. Retrieved June 6, 2012.  Missing or empty |title= (help)
  4. ^ a b "ZyBook2.book" (PDF). Retrieved 2014-03-07. 
  5. ^ "Ethernet Switch Reference Guide V3.90 (Nov 2008)" (PDF). Retrieved 2014-03-07. 
  6. ^ Mickey Tseng. "ZyNOS CI Command List". Zyxeltech.de. Retrieved 2014-03-07. 
  7. ^ ftp://ftp2.zyxel.com/GS2200-24P/user_guide/GS2200-24P_4.00_ed1.pdf
  8. ^ "ZyXEL ZyNOS 4.x". Secunia. Retrieved 2014-03-07. 
  9. ^ "ZyXEL ZyNOS 3.x". Secunia. Retrieved 2014-03-07. 
  10. ^ "DNS hijacking flaw affects D-Link DSL router, possibly other devices". Lucian Constantin. Retrieved 2015-01-30.