Kitz Forum

Broadband Related => Broadband Hardware => Topic started by: Weaver on January 31, 2017, 12:41:07 AM

Title: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on January 31, 2017, 12:41:07 AM
Many Netgear routers are remotely vulnerable - see
https://twitter.com/threatpost/status/826190441297149953
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: burakkucat on January 31, 2017, 12:55:13 AM
Here is a link (https://threatpost.com/hundreds-of-thousands-of-netgear-routers-vulnerable-to-password-bypass/123462/) to the original article, without going via "Twitter".
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on January 31, 2017, 07:19:36 PM
Stupid of me, I didn't spot that indirection. Thanks to Burakkucat.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Chrysalis on January 31, 2017, 07:28:32 PM
One reason to move to something with ongoing development such as pfSense, then you don't need to worry about using a product that is EOL.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on January 31, 2017, 07:41:06 PM
Chrysalis makes a good point. Consumer routers are really nasty. And business grade routers and firewalls are sometimes ludicrously over-complicated, and cynically unusable, dangerously so. (Actually often under-specified too.) I suspect this lack of usability is to keep high priests in jobs, it's the sysadmin equivalent of still writing everything in asm.

Products such as firewalls and routers ought to have an overlay that is predicate-based and policy-based, not requiring you all the time to specify the details of implementation which can be fragile, error prone and not visibly/provably correct. Were I designing one now, I would use Prolog or similar as a middle layer.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Chrysalis on January 31, 2017, 08:08:31 PM
Essentially my pfSense unit is very future proof, enough hardware grunt to power future faster connectivity, any new protocol e.g. pppoe-v2 would likely get developed into the code.

My ac68 is good until AC wifi spec becomes obsolete.

The next moving target is what my 8800nl is doing and that is modem side e.g. if I move to g.fast.

I decided multiple units that are most suited for each role is better than a jack of all trades device.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on January 31, 2017, 09:20:47 PM
> I decided multiple units that are most suited for each role is better than a jack of all trades device.

Indeed.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: burakkucat on January 31, 2017, 11:51:36 PM
My wish is for some entity to create a pure modem with no irrelevancies --
It would have to be a quality build, similar to that of a Watchfront Firebrick (https://www.watchfront.co.uk/product-category/firebrick/).
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on February 01, 2017, 12:08:00 AM
I would buy a Burakkucat modem like a shot.

I have been thinking about how to put my modems in metal boxes and ground them for ages, but haven't got it cracked yet, would need to have some ventilation yet keep rf out. If I could upgrade modems like that then it would give me further options. Spent a lot of time trying to google this but got lost and in any case don't know where to start. (Old thread somewhere.)

The Draytek Vigor goes part of the way, love them but just not performant enough for my particular situation, love the PPPoEoE -> PPPoA bridging and the full 1508 PPPoE MTU, just not as aggressive as I would like. Should really test a 130 again.

Not sure about the Netgear DMxxx series modems, reports of them running very hot indeed. Don't know about security.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on February 01, 2017, 12:11:10 AM
I wonder if Watchfront or Draytek could be so persuaded? (Draytek are not Broadcom-based iirc.)
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: burakkucat on February 01, 2017, 12:28:57 AM
> I wonder if Watchfront . . . could be so persuaded?

Perhaps you could get on the "hot line" to Adrian Kennard?  :-\
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on February 01, 2017, 12:39:39 AM
Hot line is usually Twitter. Or IRC. I don't tend to email the poor man, suffering with the month-long mega-cold-from-hell as he is. He gets far too many pleas from me all the time as it is for feature upgrades and daft ideas. Don't have enough hands on deck writing lots of C for the things to get all the new features in that they might like as it is, never mind my wish list.

Someone does need to do a simple, quality modem though. BT did a good job with the Huawei HG612 in some respects, although of course not coming anywhere near the full Burakkucat spec-list? But it was a no-nonsense and well-respected piece of kit that did its job.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: sevenlayermuddle on February 01, 2017, 01:11:29 AM
Would a metal cased modem really make much difference? Assuming the aim is to reduce interference pick up, I would have thought the vast majority of interference was picked up by the phone lines, which would be just as damaging with/without a metal cased modem.   :-\

For me, my modem of choice would be one that could demonstrate fire safety above and beyond EU (or whatever) standards.  It is the one piece of equipment that I very rarely switch off,  even when not home, and I do sometimes worry a little.  Not so long ago I had an outbreak of flame in an HP Proliant server...    :o
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: burakkucat on February 01, 2017, 01:30:23 AM
In The Cattery's grotto are a Watchfront Firebrick 105 and a Huawei EchoLife HG612. Both, on separate occasions, have been opened up and the respective PCBs have been scrutinised.

The build quality of one of those devices is way, way higher than the other. Rather like comparing a Rolls Royce Phantom VI with a Lada Riva.  :D
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on February 01, 2017, 02:45:40 AM
The thing about interference pickup is that its significance is entirely determined by the level of DSL signal you are having to deal with. Clearly very few good volts received equals potential for trouble. The thing is, the noise received further away on the line will itself be attenuated as is the signal, if it is picked up not near the house, on the other hand, noise inside the house is the absolute worst thing in the world in two respects: it itself is not attenuated, and it is being compared with the DSL signal at its weakest. I don't know how much difference a metal case might make, but sticking kit in a biscuit tin temporarily might be an interesting test, ought to ground the tin too. If it is going to make a difference anywhere it will be to me with my lovely 67 dB downstream attenuation.

@sevenlayermuddle - I wonder if there is a device that can kill the power to a socket based on smoke detection and a temperature or infra-red alarm? Having had a terrible house fire some years ago, as has a good friend of mine recently, and I have also had a washing machine catching fire too, it's a subject dear to my heart, and it's not something you want to have in your life.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: PhilipD on February 01, 2017, 07:52:01 AM
Hi

> I would buy a Burakkucat modem like a shot.
>
> I have been thinking about how to put my modems in metal boxes and ground them for ages, but haven't got it cracked yet, would need to have some ventilation yet keep rf out. If I could upgrade modems like that then it would give me further options. Spent a lot of time trying to google this but got lost and in any case don't know where to start. (Old thread somewhere.)
>
> The Draytek Vigor goes part of the way, love them but just not performant enough for my particular situation, love the PPPoEoE -> PPPoA bridging and the full 1508 PPPoE MTU, just not as aggressive as I would like. Should really test a 130 again.
>
> Not sure about the Netgear DMxxx series modems, reports of them running very hot indeed. Don't know about security.

It wouldn't make a lot of difference being grounded in a metal case.  The modem will have ground planes where required on the circuit board, and at high frequencies they are often just as effective as having something in a metal box, i.e. you don't need 100% coverage to be effective.  Anything particularly sensitive on the board will be in a screened can, and often that's just to stop interference to other devices and not to the benefit of the device in question.

Given also that an xDSL signal has traveled hundreds of metres being unscreened, screening the modem completely is really shutting the stable door after the horse has bolted :-)

I agree about pfSense, that is what I'm currently using on a home built mini-ITX board, working fantastic.

Regards

Phil
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on February 01, 2017, 08:21:58 AM
Good points as always from PhilipD. I believe now I come to think of it that we have discussed this before and my errors have been illustrated earlier. I would think though that modems’ circuit boards may vary in the quality of their design in this respect. Is that reasonable?

For the good of science anyway, I would love to see this confirmed as a null result, or otherwise. It would be difficult though as we are talking about possibly small performance differences seen very indirectly through a complex system and we would need to decide what aspects of behaviour in the speed vs reliability tradeoff we are going to examine and how to combine them. Anyone got a biscuit tin and some tools?
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: sevenlayermuddle on February 01, 2017, 09:04:24 AM
I agree it would be very difficult to draw any meaningful conclusions of screening in a normal domestic scenario, with all the other spurious/random factors at play.  My money would still be no benefit but it would be an interesting test... if any benefit were obtained, I would certainly be interested in understanding it.

> @sevenlayermuddle - I wonder if there is a device that can kill the power to a socket based on smoke detection and a temperature or infra-red alarm?

That's an interesting idea, I wonder if such a device exists?    I'd imagine it may sometimes be a bad idea to cut all the power when the alarm activates, e.g. lighting circuits as it is easier to run for the exit if the lights are still on.  But cutting power to selective sockets.... hmm, hard to see why not.  But we (at least I) are/am no expert, maybe there's downsides. 

Maybe there's a risk that average consumer would then try to plug too much equipment into that one socket (because it is 'protected'), thereby increasing the likelihood of the fire he wants to prevent. :-\
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: Weaver on February 01, 2017, 12:11:43 PM
I wonder if some washing machines have a temperature sensor in them that detects when the motor is melting. That's what happened when our washing machine started belching out toxic smoke when we lived in London, luckily Mrs Weaver was around at the time. My good friend in Yorkshire had some white-goods type appliance catch fire and wrecked the house with smoke damage. When our house in Skye had a kitchen fire over ten years ago it was possibly a central heating pump that melted, not sure. Perhaps I should patent yet another of my half-baked ideas.
Title: Re: Bad security problems with Netgear routers’ sloppy code
Post by: PhilipD on February 01, 2017, 12:36:48 PM
Hi

> Good points as always from PhilipD. I believe now I come to think of it that we have discussed this before and my errors have been illustrated earlier. I would think though that modems’ circuit boards may vary in the quality of their design in this respect. Is that reasonable?

The quality definitely differs, some will be obviously worse and identifiable from sync speed and other statistics about the line and comparable if based on the same chipset, but then things like firmware versions of the modem code come into play.  I would think most are pretty close enough that other effects will mask differences, for example slight differences in the circuit design might favour one VDSL line over another.

> Anyone got a biscuit tin and some tools?

Just place it in a biscuit tin and run the wires out the top and loosely replace the lid will do just as well.  This will shield the modem from any external interference, but of course it depends if that noise is entering via the plastic case into the circuit board directly, or being picked up by the power supply wire and telephone line, and so if the latter, it will make no difference.

It's also unlikely the circuit board is picking up external interference that is causing any negative results, as they have to be designed to be tolerant to external noise to comply with regulations, and also the circuit board will be designed with ground planes and the circuit tracks are always short and so would not really act as an antenna to many frequencies.

I have my modem surrounded by lots of kit all within a few feet, a pfSense box, a small fanless PC, a Philips Hue bridge, a Wi-Fi access point, a network switch and DECT cordless phone.  Underneath the modem shelf are all the power supplies for all the kit, yet I can turn everything off, shut the house mains power off and run the modem on its own via a UPS, and SNR margin is unchanged, despite the modem being in a plastic case.  :)

> I wonder if some washing machines have a temperature sensor in them that detects when the motor is melting. That's what happened when our washing machine started belching out toxic smoke when we lived in London, luckily Mrs Weaver was around at the time. My good friend in Yorkshire had some white-goods type appliance catch fire and wrecked the house with smoke damage. When our house in Skye had a kitchen fire over ten years ago it was possibly a central heating pump that melted, not sure. Perhaps I should patent yet another of my half-baked ideas.

You can get thermal fuses http://uk.rs-online.com/web/c/fuses-sockets-circuit-breakers/fuses/non-resettable-thermal-fuses/ however very few electrical appliances have them. They have some problems, they are fairly costly, and need a manual process to install them as they can't be soldered in an oven with the rest of the components as that would fuse them, and they can't be soldered easily by hand as the heat would conduct up the leads and fuse them.  So it's a case of crimping them in somehow.  Also they may not react quickly enough if the source of the heat isn't close by.

Regards

Phil