For our third-generation units such as Sonoma, Meridian II, Tycho II, Ninja, RTM3205 and e-Series Distribution Chassis run the command below to invoke interactive script:

accessconfig

Then, when prompted enter a hostname, host address or range of host addresses to be given telnet/ssh/snmp access (name, IP address or IP address range, 0 to quit).  You enter:

192.168.1.0/255.255.255.0

No.  Products manufactured by Endrun Technologies are not affected because none of them include any version of Apache Log4j.

You will need to configure a gateway for both the Ethernet ports.  The user manual indicates that only one port can be configured with a default gateway (using the front panel or netconfig).  However, with advanced routing you can configure a gateway for both ports (eth0 and eth1).  You must add commands to set up static routes in the /etc/rc.d/rc.M startup script.

If you are uploading via SSH, do not use WinSCP!  WinSCP does not work well with a raw flash partition.  We have had great success using PuTTY's pscp utility, which is executed from the Windows command line and uses the same syntax as the Linux-based scp utility.  You can download pscp from putty.org.

Yes.  Follow these instructions:

1.  Open the sshd_config file for editing.

For current models (Sonoma, Meridian II, Tycho II, RTM3205) open this file:

   /etc/ssh/sshd_config

For legacy models open this file:

   /etc/sshd_config

2.  Uncomment and edit the lines in sshd_config with ClientAliveInterval and ClientAliveCountMax settings as follows:

Serious vulnerabilities that cannot be mitigated with a reasonable workaround will be addressed with a new firmware update as soon as possible.  For remaining vulnerabilities, please see Network Security Bulletins for mitigation steps.