PLDT HOME Fibr Multi-WAN

In February 2007 it was my very first time going out the country to work abroad for operation and maintenance in one of the International Airport in the  Kingdom of Saudi Arabia, I left my previous work in one of the famous University in my hometown. During that time the only fastest Internet broadband connection that you can get for residential was the twin copper wire that carries two carrier in a single physical line,  one for voice such as home phone and the other is data for the Internet. In contrast to my beloved Philippines the Digital Subscriber Loop (DSL) at that time is very expensive, I remember I have three (3)  Internet Cafe whom I work for part time job in 2001 till 2005 and one of the NetCafe only afford a dial-up Internet connection, but during those period of time Netscape is the fave browser and mIrc is the best messenger among all who we used to hang on the net everyday from morning until midnight.

So I experimented my company dial-up internet account whenever I am on the NetCafe during night time to see how it works, so there it goes, it works that credentials. From that moment in time every night time  I hang on my NetCafe I have a free dial-up internet connection. I did the same thing in Saudi Telecom but this time its a Asynchronous Digital Subscriber Line during my three years work period contract and it works because the technology infrastructure used by DSL is same as the dial-up connection the Plain Old Telephone Service (POTS), whereas DSL uses Public Telephone Switch Network (PTSN) is just an upgrade version of POTS using same carrier twin copper wire single physical line.

In the mid of 2009 I got an offered to pursue my MS degree in Electronic and Communications Engineering in Kuala Lumpur to one of the well known International University of that Asia Tiger States, so I did grabbed the opportunity and started new series of being a university student again. The mud city just started their Fiber Optic roll out over the busy town, and my Kondominium were I reside don't offer the Fiber Optic service because its a high rise building and we are on the 11th floor. That's how they pronounce it Kondominium not Condominium, this tall building is equip with xDSL communication infra own by the government the Telekom Malaysia. The good things about Very High Speed Digital Subscriber Line (VDSL) it offers a triple play, you have the voice internet and the video just like the Fiber To The Home (FTTH) the physical connection is twin copper wire of the PTSN whereas FTTH a Passive Optical Network (PON).

I am really eager on experimenting such things like this and I proved that it works as what I have done and mention on my previous case study. In this experiment on Telekom Malaysia xDSL its not only a single connection but multiple logical internet connections. I have a TP-Link WR-TL740N v1.2 reflashed it with OpenWRT firmware Attitude Adjustment 12.09 loaded it with Multi-WAN package and it works I tested up to twelve (12) WANs.

If it works on Saudi Telecom and Telekom Malaysia I thing it would be impossible if it will not work on PLDT or neither to GLOBE Telecom Infrastructure. But this time we are on the PON infra, whether or not the Philippines Giant Telco will of course not right away garbage their vintage SmartBro Canopy equipment  that they still keep on using the authentication technique for P1 wireless CPE an upgrade of SmartBro family brand whom we all know the long term MacDo free internet connection that GLOBE Telco also rival it.

On this case study I am still using my legacy Wireless Access Point (WAP) router WR-TL740N v1.2 it has one WAN port and four LAN ports no modem built but with WiFi BNG 150N Lite. The Processor is 350Mhz MIPS with 4MBit flash and 32MBit of RAM, reflashed with the third party Linux embedded firmware OpenWRT Attitude Adjustment 12.09 and of course the Multi-WAN package.

My final test proves that there is no difference whether the Telecommunication Infrastructure between POTS, PTSN and PON are same regardless to whatever the authentication technique are being implemented they will behave in the same passion, this is just on my observation. I was very unfortunate my dear Professor in that university is a Shifu in Fiberless Optical Communication which is opposite to my field of interest during that time of my study. This case study still unknown issue to the academe, perhaps already known but not yet been publish, not a threat but widely vulnerable.

Read More

PLDT HOME Fibr ONU Vulnerable

So long I have no any article posted on my blog a busy man like me who has two angel keeps on following on me is so difficult to be a freeman again to hang on the net for long hours. I have stumbled upon around hopping by hop, sniffing on what is going on to the PLDT HOME Fibr Optical Network Unit after I disclosed the credentials of the  "admin account unavailable" to make available it seems like smell fishy going around after they mass update the Fiberhome AN5506-04-XXX  recently.

I still went on and try to see if this is really happening by accident or by chance that the PLDT HOME Fibr subscriber ONT device information page is been there exposed to the public network and can be seen without any authentications needed, you do not need the PLDT FiberhomeSuperAdmin account or the adminpldt to open it. Upon scanning is going thru I found PLDT Fiberhome AN5506-04-F software version RP2658 is already naked to the internet, in one subnet I found one and in another subnet I found two. I am not sure if these people who owns the said AN5506-04-F is aware of it, I guess they are also trying to open their device serial communication port to gain the access of the PLDT HOME Fibr "admin account unavailable" to make it available because its on trending today on the Netizen forum that the adminplt full access is back again since the first week of September 2018.

To ordinary people like me if my phone number is being publicize to the whole world it is worthless what they gonna do with that telephone number do they can make money with it? Are you going to jail? Oh I see, there you are, YES you can go to jail if  your  residential landline identity will be used for any illegal activity masking it to the other ONU/ONT as if it is YOU will pretend to be the DOER, your phone line identity number can be spoof to the other PLDT ONU/ONT such as to any AN5506-XX-XXX for as long as the device is hook to the PLDT network it will work and can make the CALL. You knew it right you are already diving into their palace.

Enough for the slides, I intentionally blurred those information on the screenshot for the security reason. If you wish to obtain one of those above feel free to swim to the PLDT HOME Fibr networks.

I do not know if this is a sabotage of the co-employees of the PLDT company who demanded for regular position because of their long history contractualization its for another topic. As you have witnessed its not only the mac addresses of the connected client that is being compromised but also the telephone number. I heard about HTTP injection how true is it, and what about the DNS hijacking? Well lets take it to another story when we have more time to write. But wait a minute we are not done yet, am I excuse to this PLDT HOME Fibr ONU/ONT exploitation? Lets take a walk thru it WANs will investigate if my Fiberhome AN5506-04-FA software version RP2627 is also affected by this so called nakedness.

By using the same procedure sniffing on the WAN side of the ONU/ONT from the public network there is no difference with the above mention PLDT Fiberhome ONU AN5506-04-F software version RP2658, the subscriber information are always compromise and its not guaranteed that you are on safe hand. If this is not a sabotage then there is another implication of web page disclosure to everybody on the net. Perhaps the Engineering Technical Team of the PLDT company is tired of being requested to task the switching of the subscriber ONU from Routing Mode to Bridge Mode from enabling it to disabling it more over specially when you demand and request to waive the adminpldt "admin account unavailable" to be available. Perhaps this is also to lure the client of the PLDT HOME Fibr that indicating that if the AN5506-04-XXX series ONU is on routing mode its mode prone to exploits unlike if it is on bridge mode it will appear to more safer. In addition, Yes that is more favorable to the PLDT as a whole it will lessen their headache not only that but  rather a discounted bandwidth for every internet fiber broadband subscriber allocated speed.

You said it right, including me, see that! Take a look at it closer, zoom it, that is my homephone line identity number. You can dial it from anywhere, "your monthly bill is our priority we do not care about your security whether you like it or not, its only PLDT and GLOBE where you can choose from". I heard it right Sir!

Worst from what you are expecting, you can swallow your PLDT "fiberhomesuperadmin" account now its not needed, the FTP Server will not ask you that to login and it can be open from any of your favorite browser, begging the "waiver" for obtaining the permission of the adminpldt "admin account unavailable" to be granted is no longer required the FTP Server will not ask for username and password anymore. Now you are thinking if you want to be in Bridge Mode that will lock you down to your throat squeezing your allotted bandwidth as possible to 30% that you can use out of your 100% speed limit. Or stick on Routing Mode make your AN5506-04-XXX series be the public WiFi access point of your neighbor give them a FREE access of your internet without your knowing? But then what solution can I offer to my reader regarding on this matter that will hamper you as a subscriber of the PLDT HOME Fiber internet broadband.

Answer, I can not provide any either solution or suggestion  unless you are the NTC  to tell this Giant Telco to fix their bugs before those man hatted will misused leak information above mention.

Read More

How To Access AN5506-04-FA Serial Port Console

Its not only me and you who are in trouble on acquiring the full accessibility of the PLDT Fiberhome AN5506-04-XXX ONU/ONT device settings, this has been raise on youtube channel, online forum such as github and Symbianize but remain no gain control rather the only option is to sign for a waiver until the Fiberhome Super Admin account unveil. This is NOT a tutorial on how-to dissect your all-in-one PLDT Home Fibr equipment but rather a reference for those people like me who suffer from memory lost who always forgetful.

What we need on How-To gain the Fiberhome AN5506-XX-XXX series ONU/ONT serial communication port console? Firstly, a serial port, but nowadays PCs and Laptop comes along with no serial com port then you have to look for USB-to-TTL or USB-to-Serial Com port. Secondly, any HyperTerminal utility will do but if you are like me who wants to be comfortably I would prefer Putty. Thirdly is optional, if you feel that the cord of your USB-to-TTL is too short then you might consider USB cord extension.

So how we start it, power off your PLDT Fiberhome AN5506-04-FA/T ONU/ONT device, unplug the power supply adapter, unplug the PON optical fiber jumper cord, unplug the LAN cable if you are using wired PCs. After you disconnect all those nasty wiring from the unit equipment flip the device from top to bottom. There are four (4) rubber feet located on the surface bottom of the Optical Network Unit. Lift one by one the four rubber feet with your finger nails you will see screw under it, then take any screw driver and unscrew it to remove the tighten metal lock. After you have taken all the four screws flip the Optical Network Terminal again from bottom to top, now its time to uncover it by just lifting the cover from any side of it.

Once the it is uncovered you will then see the four pin header on the surface of the circuit board of the PLDT Home Fibr AN5506-04-FA, to recognized which pin is which, from the left it is mark as CN1 and next to the first pin is labeled as 1. From pin 1 is Vcc, next pin 2 is ground and 3 is Rx while 4 is the Tx. To hook it to the USB-to-TTL for proper data communication you will only need three(3) pins the ground, RC and the Tx. On the side of AN5506-XX-XXX series the ground is to ground of the USB-to-TTL while Rx is to TX and the Tx of the ONU it to the Rx of the USB-to-TTL.

Next thing to do is to plug the USB-to-TTL on your PC, on Microsoft Windows7 the windows will automatically load its driver you can verify on the Device Manager if it is properly working, it will gives you the com port number. If the driver is not installed properly then you have to Google it for your driver and install it to make it work.

Now we are ready to go, use any HyperTerminal or Putty utility, download it first if you do not have one on your desktop. Open Putty, click serial, the "Serial line to connect to" in my case its COM13 yours might differ fill it what your Device Manager gives. Baudrate the speed is 115200, Data bits is 8, Stop bits is 1 while Parity is None.

After filling the Putty Configuration, click on the Session you are ready to fireup your Serial Console port, click the tab button Open you will then be prompted by a black screen. Plug the power supply adapter of the PLDT Fiberhome AN5506-XX-XXX series.

Now you be seeing a logs fast booting of the AN5506-04-FA/T all-in-one device equipment. There is two (2) boots you can interrupt the first and the second boots if you wish to enter the U-Boot section utility console. In this environment you can change your MAC Addresses your PON and the Ethernet permanently. You can type reset it will reboot the device while on the second boots you can type reboot and it will halt the system and reboot it from its beginning processing.

To login inside the Serial data communication port the username and password is by defualt all Wahun Fiberhome product is gpon, that is the username and password you be logged as root. Precaution if you get into the root Shell you can wipe out the entire systems. Your ONU/ONT PLDT Home Fibr AN5506-04-XXX series will get Brick it will no longer boots up, and it need to be reflash again to make it work. To avoid any disaster will occur before doing so backup the entire thing as possible, yo can use WinSCP its a handy utility on windows you can just click and drag to copy it.

Read More

Fiber Optic Connectors Evolution of Flat, PC, UPC and APC

The evolution of Fiber Optic connectors from flat to physical contact, ultra contact and the angled contact.

When a connector is installed on the fiber end, loss will be incurred. Some light loss would be reflected back directly down the fiber towards the light source that generated it. These back reflections, or Optical Return Loss (ORL) will damage the laser light sources and also disrupt the transmitted signal. Fiber connectors with different polishing types have different back reflections (see the picture below). With the development of technology, four polishing types are available: flat-surface, Physical Contact (PC), Ultra Physical Contact (UPC), and Angled Physical Contact (APC). How one evolves into another? This article will tell the answer.

The original fiber connector is a flat-surface connection, or a flat fiber connector. The primary issue of it is that a small air gap between the two ferrules is naturally left when mated. This is partly because the relatively large end-face of the connector allows for numerous slight but significant imperfections to gather on the surface. The flat fiber connector is not suitable for single-mode fiber cables with a 9µm core size, thus it is essential to evolve into Physical Contact (PC) connectors.

The Physical Contact is polished with a slight spherical design to reduce the overall size of the end-face, which helps to decrease the air gap issue faced by Flat Fiber connectors. It results in lower Optical Return Loss (ORL) with less light being sent back towards the power source.

Building on the convex end-face attributes of the PC, but utilizing an extended polishing method creates an even finer fiber surface finish: Ultra Physical Contact (UPC) connector. It has a lower back reflection (ORL) than a standard PC connector and allows more reliable signals in digital TV, telephony and data systems. UPC fiber connector could be used with both single-mode fiber and multimode fiber. Usually the UPC single-mode fiber connector is blue, but the UPC multimode fiber connector is beige. (Note: 10G UPC multimode fiber connector is aqua.)

PC and UPC connectors do have a low insertion loss, but the back reflection (ORL) depends on the the surface finish of the fiber. The finer the fiber grain structure, the lower the back reflection. When PC and UPC connectors are continually mated and unmated, the back reflection will begin to degrade. So there is a need for a connector with low back reflection and it could sustain repeated matings/unmatings without ORL degradation.

The end faces of Angled Physical Contact connectors are still curved but are angled at an industry standard eight degrees, which allows for even tighter connections and smaller end-face radii. Combined with that, any light that is redirected back towards the source is actually reflected out into the fiber cladding, again by the virtue of the 8°angled end-face. APC connector back reflection does not degrade with repeated matings/unmatings. APC fiber connector can only be used with single-mode fiber and it is green.

It is clear that all of the connector end-face options mentioned above take a place in the market. And it is hard to claim that one connector beats the others when your specification needs to consider cost and simplicity not just optical performance. Your particular need decides which one to choose. For those applications calling for high precision optical fiber signaling, APC should be the first consideration, but less sensitive digital systems will perform equally well using UPC.

Read More