Mar 12, 2013

UnBricked CD-R King CW-5358U CW-5356U


If you happen to have bricked your CD-R King CW-5356U / CW-5358U by updating it with the wrong Tomato firmware, worry no more: that also happened to me. Here's a quick guide, thanks to the TipidPC forum; credit goes to the poster and to the contributors.

e-gizmo's USB to UART (Serial TTL) Converter Prolific PL2303 Item Code: 77011931 Php250.00
First of all, what you need is a "USB to UART (Serial TTL) Converter Prolific PL2303"; you can get it from e-Gizmo for only 250 pesos, for the JTAGging. Second, you must have the stock firmware of the CW-5356U, which you can download from here (mirror).


You should have a console tool first!!

1. I flashed the other Tomato firmware from shibby --> tomato-K26USB-1.28.RT-N5x-MIPSR2-084V-BT-VPN_N10U.trx
It seemed to work, but when I reset it (clean NVRAM), it bricked!!! I cannot get an IP after rebooting!

2. I plug my console tool on the CW-5356U's 4 pin console port and open terminal on windows XP

3. I set my PC Manual IP 192.168.1.5 submask 255.255.255.0 default gateway 192.168.1.1
(this is because I saw the info on terminal)

4. Turn on the power and keep pressing CTRL-C during the first seconds the CW-5356U is on;
the terminal will show the CW-5356U stopped in CFE mode

5. I open IE and go to 192.168.1.1 then the screen shows :
Broadcom - CFE miniWeb Server page

6. choose the right file ( I got from CD-R king named "CW-5356U_1214.trx")

7. wait until its done and show
Upload completed. System is goning to reboot. please wait a few moment~



Unbricking the two routers


Unbricking CW-5358u


CW-5358u


CW-5358u (Pinout from Left to Right)
Pin 1 - Vcc 3.3V (Don't connect anymore since the router will be powered by the supplied adaptor. You may test as well with a multimeter and you'll get 3.3V)
Pin 2 - GND (Connect to GND on TTL Converter)
Pin 3 - TXD (Router side) to be connected to RXD on UART Converter
Pin 4 - RXD (Router side) to be connected to TXD on UART Converter


Entered Broadcom = CFE miniWeb Server after Ctrl+C (right). Ctrl+C stops router startup.
Please click "Restore default NVRAM values" to ensure proper operation


Successfully Uploaded the firmware


Entering router's web interface CW-5356u / CW-5358u ^_^



Thank you very much @Ibrahimovic for the guide at page 2. I hope, images below would help others who have bricked their CD-R King routers.

ADSL Line Bonding - Bonded Broadband

Bonded ADSL is where multiple broadband lines are joined together to form a single larger pipe.

Bonding is not the same as load balancing, which would require a complicated algorithm to keep the lines in balance. A bonded connection operates as one pipe and the data going down that pipe is automatically shared proportionately over the individual ADSL lines.


Mature technology

The industry standard way of achieving this is through the use of MultiLink PPP (ML-PPP). This is a tried and tested technology and has been used by Internet Service Providers for many years. It is the very same technology used to provide ISDN internet connections larger than 64k.


Whereas with ISDN multiple 64k channels could be combined to make a larger (128k or 256k) connection, with DSL we are combining multiple high-speed ADSL or SDSL lines.

Special requirements for bonding ADSL lines


ADSL lines have certain properties that pose particular challenges when it comes to bonding. Unlike ISDN lines, ADSL lines do not have guaranteed or even predictable levels of bandwidth. Different ADSL lines at the same site can also have varying latency. Naive bonding implementations that do not take account of these factors will be problematic and will provide a poor quality bonded connection. At Netservers we use an enhanced form of MultiLink PPP called "Quantum Bonding". This technology has been created specifically to address the unique challenges of DSL line bonding and is the foundation of our ADSL bonding service.

Required Equipment

Ordinary consumer ADSL routers are not capable of bonding ADSL lines. A more sophisticated router such as Cisco or FireRack is required to perform line bonding.

The FireRack equipment supplied by Netservers is available with 2, 4, 6 and 8 ADSL 2+ interfaces. Cisco routers that take WIC modules can be similarly configured by adding the appropriate number of ADSL2+ WIC cards.

The technique used by Netservers is true bonding of PPPoE or PPPoA DSL connections. Some Virtual Internet Service Providers (VISPs) claim to provide a bonded ADSL service without utilising ML-PPP. Typically the technique that they use is to bond multiple VPN connections together, rather than bonding multiple DSL lines. This is not true line bonding and is a technically inferior solution with a number of disadvantages.

Increased resilience through ADSL bonding

The most obvious benefit of ADSL line bonding is the increase in download and upload bandwidth. Less obvious is the increased fault-tolerance and resilience that bonding provides. The bonding service provided by Netservers will utilise however many lines are available at a given time. If for instance you have a four-line bonded service, and one of those lines fails, your service will continue to operate over the three remaining lines. Naturally you will see a reduction in available bandwidth, but the service as a whole will continue to operate.

FireRack Dual-Mini - ADSL2+ Router / Firewall

The FireRack Dual-Mini is a firewall/router designed for bonding two ADSL/ADSL2+ lines.

Hardware Specification
  • AMD Geode LX800 500MHz processor
  • 512MB DDR400 RAM
  • 2 x ADSL2+ Ports
  • 2 x 10/100 Ethernet Ports
  • 2 x USB ports (one external)
  • Mini PCI socket
  • Compact Flash socket
  • RS-232 Serial
Industry standard line bonding

Although most of our customers use the FireRack Dual-Mini on the Netservers ADSL network, the device itself is compatible with any ADSL service that supports the industry standard Multilink-PPP protocol (MLPPP). This is the very same protocol used by Cisco and other standards compliant routers.

Annex-A and Annex-M support

Up until relatively recently, all ADSL in the UK was "Annex-A". This provides up to 24Mbps download and up to 1.3Mbps upload rates. The difference with Annex-M is that the upload rates can go as high as 2.5Mbps. This is done by trading some of your download bandwidth for additional upload bandwidth.

Comparing Annex-A to Annex-M


| | Max. Download Rate (per line) | Max. Upload Rate (per line) |
| --- | --- | --- |
| Annex-A | 24Mbps | 1.3Mbps |
| Annex-M | 16Mbps | 2.5Mbps |

The FireRack Dual-Mini fully supports both Annex-A and Annex-M standards.

Setting Up Your DSL Modem to a Single Computer

How to Setup Your DSL Modem to Your Computer

This guide will help you, step by step, set up a single computer with a DSL modem. If you are setting up a network, please review the article for setting up with a router.

To begin you will need your Comtrend DSL modem/router, a phone cable, an Ethernet cable, the power adapter to the Comtrend, and a computer.


1.] First, we will need to get your Comtrend DSL modem/router. As pictured below it should look similar to the modem here.


2.] Now we will want to get the phone cable, and then plug one end into the LINE port on the Comtrend DSL modem. Once you have done this it should look the same as pictured below.


3.] Now that we have one end of the phone cable plugged into the Comtrend modem, we are going to take the other end and plug it into the phone jack that was dedicated for your DSL.


4.] Next we will want to hook up the Ethernet cable, this cable could be multiple colors. Once you have located the Ethernet cable, we will then plug it into LAN 1x on the Comtrend DSL modem/router.


5.] Now that you have the Ethernet cable plugged into the Comtrend, we will take the other end and plug it into your computer into the Ethernet port. As you can see here we used a laptop, on a desktop computer the Ethernet port is almost always located in the back of the computer.


6.] At this point you should have a setup that looks very similar to what we have shown here. You should have the blue Ethernet cable coming from LAN 1x on the Comtrend to the laptop computer. Then we have the phone cable plugged into the LINE port going into our wall jack that is dedicated for DSL.


7.] We are now ready to plug the power into the Comtrend modem. Once you have located the power adapter, plug one end into the Comtrend, and the other end into your wall outlet or surge protector. We recommend that you plug all your devices into a surge protector if you have one.



8.] If everything is hooked up correctly, you should see a light sequence like shown below. The power light should be solid green, the LAN 1x should blink to indicate data is moving, and the ADSL light should be solid to indicate the service is synced up to our Central Office and your location.

Jazztel Bonding the new alternative to VDSL

Since Jazztel launched 30/1.5 (now 3) over VDSL, users who are far from their exchange have longed for access to this service in order to obtain maximum performance from their lines.

But the strict conditions for using VDSL have so far not allowed that dream to become a reality. The only hope for these users on a copper pair, who are almost the majority and are not eligible for cable or FTTH, is that ADSL operators implement ADSL bonding as an alternative.

At this point, all exchanges with Jazztel VDSL coverage are prepared and ready to start offering bonding in turn. As confirmed by Luis del Pozo, Director of the Residential Division and CMO of Jazztel, in an exclusive interview with bandaancha.eu (soon to be available on the front page of this site), from the first half of next year, 2011, Jazztel plans to start marketing its Bonding+ service, which will offer its existing users synchronization values similar to those enjoyed by the lucky customers with VDSL2 coverage.

Bonding +, the alternative to VDSL Jazztel

According to del Pozo, Jazztel, "always attentive to the suggestions of its customers, has decided to launch this new service, to bring those most affected by the distance factor a solution that is both economical and of high quality. Currently our technical team is working closely with Huawei technicians, around the clock, on the final tuning of the Jazztel DSLAMs, to offer this interesting alternative in the first third of 2011."


Recall that ADSL bonding involves using two lines on the copper loop, doubling the theoretical maximum speed of ADSL2+. For this, in addition to the exchange requiring two physical copper pairs connected to two DSLAM ports, the subscriber must have a router compatible with this standard, from which two microfilters hang, one per line.

Net equipment: Comtrend NexusLink 5631Hg

The company chosen to provide the new equipment for customers who sign up for this new option is, as was almost predictable, Comtrend, which in turn is working hard to adapt its new NexusLink 5631Hg to the requirements of the operator and the deadlines it has set.


Thus, the new router must support IPv6, be compatible with the N standard and have at least one Gigabit Ethernet port, elements that the base Comtrend model lacks, although it does have two USB ports ready to connect external storage devices or a USB printer.


Until then, the limited group of beta testers of this new service is using its predecessor, the NexusLink 5631, to test the latest tuning; it is the same equipment that the British operator BE provides to its users with bonding.

Source photo beusergroup.co.uk / technotes / index.php? xusLink_5631 you ...

Note that although the new Bonding+ service is not intended to exceed the performance of the Premium VDSL2 service, some lines under test have achieved up to 40 Mbps in the downstream channel, as we can see here


The price

The retail prices of Jazztel Bonding+ are yet to be defined, but according to del Pozo they should not exceed those of the VDSL service, although the cost of maintaining the two lines and of setting up the service at the customer's home could make the product somewhat expensive; but, in his own words, "in line with Jazztel's usual policy, we will strive, as far as possible, to keep the impact of these costs on the end user to a minimum."

Recall that the cost of Jazztel VDSL right now (final price, without promotions) exceeds that of the 20 Mbps service by just 2 €; the operator's intention would then be not to exceed this price for users who sign up for Bonding+.

In the coming days we will have more details and information on this interesting scoop, which we preview here in summary, on the front page of bandaancha.eu

Comtrend Launches two NexusLink ADSL2+ Bonded Routers


NL-5631Hg

Comtrend Corporation, a global supplier of advanced networking solutions, today announced the availability of two new NexusLink bonded routers. The new products include the NL-5631Hg wireless ADSL2+ bonded router with HPNA and the NL-5630u wired ADSL2+ bonded router. Both new products help to broaden the depth of the popular NexusLink line of products.

The NexusLink 5631Hg Wireless ADSL2+ Bonded Gateway is the perfect solution for triple play applications. It features dual ADSL2+ bonded ports (up to 48Mbps of downstream bandwidth), four Fast Ethernet ports, a USB host port and 802.11b/g WLAN Access Point (AP).

The NL-5631Hg also includes industry standard HomePNA 3.1 (ITU G. 9954) for supporting triple-play services over existing coaxial cables. Backward compatibility with the HomePNA 3.0 extends network reach to legacy equipment.

NexusLink-5631 and 5630u

HomePNA technology provides data rates up to 320 Mbps with guaranteed Quality of Service (QoS), remote management and diagnostics capability enabling service providers to meet the growing demand for new services such as IPTV and VoIP.

The NexusLink 5631 Wireless ADSL2+ Bonded Router is Comtrend’s leading solution for triple play applications. It features dual ADSL2+ bonded ports that provide twice the bandwidth (48Mbps) over comparable single-port models. It is equipped with four Fast Ethernet ports, two USB ports and an 802.11b/g WLAN Access Point (AP).

The NL-5630u is a wired version of the ADSL2+ bonded router and includes all the features of the NL-5631 except the 802.11b/g WLAN Access Point and USB client port.

Both new NexusLink routers include value-added features such as enhanced security, VPN-pass through and Remote Management (TR-069). A Stateful Firewall (with DoS protection) and NAT/PAT protect the LAN from external threats. IP and MAC address filtering provide fine-grained access control to or from the network. QoS allows classification, control, and prioritization of diverse traffic types for pristine video, toll-quality voice, and error-free data transmissions, while TR-069/TR-098/TR-111 standards compatibility ensures interoperability with central office remote management equipment.

Comtrend was a pioneer and first to market with bonded ADSL2+ CPE products in 2005. The technology of bonded ADSL2+ gives telecom companies an alternative to fiber by utilizing existing copper telephone lines at speeds of up to 48 Mbps of downstream throughput speed. ADSL2+ extends the capability of basic ADSL by doubling the number of downstream bits through combining two or more copper pairs as a single connection. At 1/20 the cost of fiber deployment, ADSL2+ gives carriers the ability to deliver high speed services at long distances from a Central Office.

“Since its debut, the NexusLink gateway has seen strong demand from service providers who appreciate the combination of performance and value in a single device,” says John DiFrenna, Vice President of Sales of Comtrend. “We’ve listened to the suggestions from our clients who requested different versions of the original NexusLink gateway, and the two new products are our quick response to their input. We look to continue expanding the NexusLink line as market needs dictate.” Learn more about the NexusLink products at http://www.comtrend.com.

DualWAN WR-500V Snap Review

More than a dozen years ago, in a wireless card also seventy-eight one thousand times, because the demand for internal assessment, I was able to long-term play. I remember that COMPAQ PCMCIA card, because it was not easy to get a wireless router, only through WINGATE software to a network share, but also very happy to experience the fun of wireless Internet.

For a wireless router, in this forum, I can not be called professional, but the kind of person who likes to share inexplicable taste appealing to me. The hands of the router, as long as the brush, and never let go.

Because at any time with an idle laptop when HTPC, taking into account 24 hours a day, of course, the way When the download, NAS uses. Community network or the WIMAX merge bandwidth (WIMAX concession period after play download, DualWAN very practical, this allows me around the house in Cable Internet (50M / 5M), not renewal), and make full use of the resources.


Beginning to recognize DualWAN, get their hand easily achieved router to test ASUS WL-520GU LINKSYS the WRT54GS machine tried to use although the effect can be, but always think it is flawed, really encountered a small problem when, too embarrassed to ask too much. After all, this is a free firmware release, developers zd under no obligation to support not paid subscribers.


Forbearance for a year, a lot of exclusive features see DualWAN WR-500V own models really get antsy, and finally take the initiative to contact with zd a few weeks ago, originally hoped to buy a WR-500V returned to Taiwan to play later heart read temporary turn, why not buy a few, when a small agent?


With zd discussion, basic maintenance protection generally no problem, because of cross-strait transportation, this is often do things my own company. Zd more concerns, will not cause the price steady growth? I'd not worried because I was originally a fun starting point, as long as the basic freight, customs clearance fees play level, that's no problem.


Much gossip, WR-500V hand has been a period of time, zd simple English version of firmware installed, I posted the first photo, and come back slowly added!



The packaging of these things, the machine body, detachable antenna, network cable and power supply. (Can be used directly in the Taiwan voltage)


Manual yes, but in fact, this product, because the firmware update function is also very complex, so it's really familiar, still have regular official website implementation.


DualWAN: as the name suggests, the most important function is, of course, dual-WAN-port load balancing. As for similar machines, I have used the CISCO RV042 and the D-LINK LB604, but both are wired models and the price is too high; unless it is for professional purposes (company MIS), for most people who just want to play they are less cost-effective.


The DualWAN WR-500V's 150M 802.11N wireless transmission capacity is more than enough for everyday applications; on my 50M/5M cable connection, it basically ran at full speed in the test.

I think the fun part is the so-called single-line double-dial function: one physical WAN port can dial in succession, obtaining two different IPs on the line, for the purpose of combining bandwidth. Of course, whether dialing in succession with the same ISP account achieves bandwidth doubling ultimately depends on whether your ISP locks the bandwidth.


My side Cable MODEM Internet is automatically assigned an IP automatically obtain the two-wire connection.

WR-500V hardware specifications

System Name DualWAN
Machine Model DualWAN WR-500V
CPU Model Ralink SoC
CPU frequency 320MHz
Flash capacity 8MB
RAM: SDRAM 32M
Wireless: 802.11n 150Mbps
Antenna: detachable SMA 3db
Power: DC 12V
Packing: color box packaging
NAT performance: 94.4Mbits / s

Observed lock bandwidth, not superimposed, but there is an unexpected discovery. I used to use the Next TV TV box, whether it is bandwidth how much, whether it is connected directly to the SWITCH or share HD High Definition channels is very easy to get stuck. But through after WR-500V (single two dial), turned out to be very smooth, a little unexpected.

BiPAC 5210S Dual Port ADSL2+ Modem Router


Billion's BiPAC 5210S with one Ethernet port and one USB port is an easy-to-use yet economical ADSL router that complies with the latest ADSL industry standards: ADSL2 and ADSL2+, for high-speed Internet access.


The 5210S router can connect directly to two computers through its USB and Ethernet ports, or to more by using a switching hub. Users can easily benefit from express speed and better data transmission performance via a firmware upgrade to ADSL2 / ADSL2+ (see Note). Powerful SOHO firewall features are integrated to protect against hacker attacks while accessing the Internet.

Universal Plug-and-Play compliance and the Web-based user interface make network management easy. The BiPAC 5210S is truly a value-for-money model designed for home and SOHO users.

Features & Specifications

ADSL Compliance
  • Compliant with ADSL Standard
    • Full-rate ANSI T1.413 Issue 2
    • G.dmt (ITU G.992.1)
    • G.lite (ITU G.992.2)
    • G.hs (ITU G.994.1)
    • ADSL over ISDN/U-R2
  • Compliant with ADSL2 Standard
    • G.dmt.bis (ITU G.992.3) ADSL2 Annex M (ITU G.992.3 Annex M) (Available for BiPAC 5210SA only)
  • Compliant with ADSL2+ Standard
    • G.dmt.bisplus (ITU G.992.5) ADSL2+ Annex M (ITU G.992.5 Annex M) (Available for BiPAC 5210SA only)
Network Protocols and Features
  • NAT, static routing and RIP-1/2
  • NAT supports PAT and multimedia applications
  • Multi-to-multi NAT
  • Transparent Bridging
  • Dynamic Domain Name System (DDNS)
  • SNTP
  • DNS relay
Top Firewall & Virtual Private Network (VPN)
  • Built-in NAT Firewall
  • Prevents DoS attacks including Land Attack, Ping of Death, etc.
  • Anti probe function
  • Packet filtering
  • Password protection for system management
  • VPN pass-through
Management
  • Web-based configuration
  • Firmware upgrades and configuration data upload and download via HTTP/FTP
  • SNMP v1 & v2c, UPNP, SNTP supported
  • Supports DHCP server/client/relay
ATM and PPP Protocols
  • ATM Adaptation Layer Type 5 (AAL5)
  • Multiple Protocol over AAL5 (RFC 2684, formerly RFC 1483)
  • Bridged or routed Ethernet encapsulation
  • VC and LLC based multiplexing
  • PPP over Ethernet (PPPoE)
  • PPP over ATM (RFC 2364)
  • OAM F4/F5
  • ATM QoS: UBR, CBR, VBR-rt, VBR-nrt
Operating Environment
  • Support for OS: Windows 98/ 98SE, 2000, ME, XP, NT, Vista, Linux
  • Operating temperature: 0 - 40 °C
  • Storage temperature: -20 - 70 °C
  • Humidity: 20 - 95% non-condensing
  • Can run in the range: 100~240V AC
Hardware Specifications
  • Physical Interface
    • LINE: ADSL port
    • USB: Complies with USB v1.1
    • LAN: 10/100Mbps auto-crossover (MDI/MDI-X) switch
    • Factory default reset button
    • Power jack
    • Power switch
  • Physical Specifications
    • Dimensions: 5.20" x 3.70" x 1.38" (132mm x 94mm x 35mm)
  • Power Requirements
    • Input: 15VDC 0.7A
  • Models & Standards Supported
    • BiPAC 5210SA: Support Annex A and Annex M
    • BiPAC 5210SU: Support U-R2 and Annex B
    • Annex A and Annex M: ADSL over POTS
    • Annex B and Annex U-R2: ADSL over ISDN
Accessories: 01 splitter, 01 power adapter, 02 RJ-11 cables, 01 RJ-45 cable, 01 USB cable, 01 CD disk, user manual. Firmware Download here.

Note:
1. The router may require firmware modification for certain ADSL2/2+/ Annex M DSLAMs.
2. Specifications in this datasheet are subject to change without prior notice.

How-To Bonding Tomato/MLPPP Router

Tomato/MLPPP is a fork of the popular Tomato firmware (http://www.polarcloud.com/tomato) for consumer broadband routers. The primary goal is to enable users to bond multiple DSL connections using MultiLink PPP (MLPPP), and/or to circumvent Bell Canada's DPI-based throttling by using MLPPP on a single DSL line.


This documentation will only cover differences between this fork and the original Tomato firmware. For information on things not covered here, please consult the Tomato website (linked above).

Obviously, your ISP must support MLPPP in order for this firmware to be of any use. Currently, TekSavvy (http://teksavvy.com), Velcom (http://www.velcom.ca), Acanac (http://www.acanac.ca), Caneris (http://www.caneris.com), LOGIX (http://www.logix.ca), and NetFlash (http://netflash.ca) are known to support MLPPP, while Electronic Box (http://www.electronicbox.net) is currently working on enabling MLPPP support. If your ISP supports MLPPP and you can confirm that you have it working, please contact us and we'll add it to this list.


This video shows how to (real) bond two DSL lines using Tomato/MLPPP on a Linksys router. Your ISP must support MLPPP (few do).

Attached to this post, you will find v1.19-mp1 of the firmware, as well as the source.

This firmware has only been tested on the WRT54GL v1.1, but should run on the following routers:

- Linksys WRT54G v1-v4, WRT54GS v1-v4, WRT54GL v1.x, WRTSL54GS (no USB support)
- Buffalo WHR-G54S, WHR-HP-G54, WZR-G54, WBR2-G54
- Asus WL500G Premium (no USB support)

Download Tomato/MLPPP firmware tomato-mlppp-1.19-mp1.rar

Download Zeroshell/MLPPP firmware zeroshell-mlppp-mz1alpha1.tar.bz2

Attached to this post you will find the first release of Tomato/MLPPP, a fork of the popular Tomato firmware for various consumer broadband routers. It allows you to bond two or more DSL lines to multiply your speed, and also circumvents Bell's throttling even if you only have one DSL line.

Cisco Model EPC2425 EuroDOCSIS 2.0 Wireless

Cisco Model EPC2425 EuroDOCSIS 2.0 Wireless Residential Gateway with Embedded Digital Voice Adapter


The Cisco® Model EPC2425 EuroDOCSIS 2.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EPC2425) is a high performance home gateway that combines a cable modem, two-line digital voice adapter, router and wireless access point in a single device providing a cost-effective voice and networking solution for both the home and small office.

The EPC2425 has been designed to meet EuroPacketCable™ 1.5 and EuroDOCSIS™ 2.0 specifications. In addition, the EPC2425 is fully backward compatible for use on both EuroDOCSIS

Features
  • Compliant with EuroDOCSIS 2.0, 1.1, and 1.0 standards along with EuroPacketCable specifications to deliver high-end performance and reliability
  • High performance broadband Internet connectivity to energize your online experience
  • Two-line embedded digital voice adapter for wired telephony service
  • Four 10/100BASE-T Ethernet ports to provide wired connectivity
  • 802.11g Wireless Access Point with 4 service set identifiers (SSIDs)
  • Wireless Protected Setup (WPS), including a push button switch to activate WPS for simplified and secure wireless setup
  • Two RJ-11 telephony ports for connecting to in-home wiring or directly to conventional telephones or fax machines
  • Dual antenna design - one internal and one detachable external
  • User configurable Parental Control blocks access to undesirable Internet sites
  • Advanced firewall technology deters hackers and protects the home network from unauthorized access
  • Attractive compact design that allows for vertical, horizontal, or wall-mounted operation
  • TR-068 compliant color-coded interface ports and corresponding cables simplify installation and setup
  • DOCSIS-5 compliant LED labeling and behavior provides a user and technician friendly method to check operational status and act as a troubleshooting tool
  • Allows automatic software upgrades by your service provider

Cisco Model EPC2425 EuroDOCSIS 2.0 Wireless Residential Gateway with Embedded Digital Voice Adapter Manual

CISCO WPS PIN Brute Force Vulnerability


Cisco Response

On December 27th, 2011 US-CERT released VU#723755 available here:
http://www.kb.cert.org/vuls/id/723755

The US-CERT Vulnerability Note describes a vulnerability that exists in the Wi-Fi Alliance Wi-Fi Protected Setup (WPS) certification program. The WPS certification program is based on the Wi-Fi Simple Configuration protocol, in which an Access Point (AP) has a static PIN that allows access and configuration from an External Registrar (ER). An AP with WPS enabled and configured to use a static PIN will allow a WPS-capable ER, that provides the correct PIN, to join a properly secured network. A weakness in the protocol affects all APs that have a static PIN, and may allow an unauthenticated, remote attacker to use brute force calculations to determine the AP's PIN in a short amount of time.

The vulnerability is due to a flaw that allows an attacker to determine when the first four digits of the eight-digit PIN are known. This effectively reduces the PIN space from 10^7 or 10,000,000 possible values to 10^4 + 10^3, which is 11,000 possible values. The eighth digit of the PIN is utilized as a checksum of the first seven digits and does not contribute to the available PIN space. Because the PIN space has been significantly reduced, an attacker could find the WPS PIN in as little as a few hours.

The affected devices listed below implement a 60-second lockout after three unsuccessful attempts to authenticate to the device. While this does not substantially mitigate this issue, it does increase the time to exploit the protocol weakness from a few hours to at most several days. It is our recommendation to disable the WPS feature to prevent exploitation of this vulnerability.
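The arithmetic behind the two paragraphs above, as an added example that is not part of the Cisco notice: it derives the 10^7 and 10^4 + 10^3 PIN-space figures, shows that the eighth digit is fully determined by the first seven, and models how little a "60 seconds after three failures" lockout changes the worst case. The checksum follows the Wi-Fi Simple Configuration PIN checksum; the one-second-per-attempt rate and all function names are assumptions made for illustration.

```python
"""WPS PIN keyspace and lockout arithmetic (added example, not Cisco's code)."""
import math

SECONDS_PER_DAY = 86_400


def wps_pin_checksum(first7: int) -> int:
    """Checksum digit for the first seven PIN digits (weights 3,1,3,1,...)."""
    if not 0 <= first7 < 10**7:
        raise ValueError("expected a value with at most seven digits")
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def is_valid_wps_pin(pin: str) -> bool:
    """True if pin is eight ASCII digits whose last digit is the checksum."""
    if len(pin) != 8 or not (pin.isascii() and pin.isdigit()):
        return False
    return wps_pin_checksum(int(pin[:7])) == int(pin[7])


def pin_space(halves_confirmed_separately: bool) -> int:
    """Number of candidate PINs an AP must withstand.

    Only seven digits are free (the eighth is the checksum). If the protocol
    reveals when the first four digits are right, the two halves are searched
    one after the other instead of jointly.
    """
    free_digits = 7
    if not halves_confirmed_separately:
        return 10**free_digits                    # 10,000,000
    return 10**4 + 10**(free_digits - 4)          # 10,000 + 1,000


def worst_case_seconds(candidates, secs_per_attempt, fails_before_lock, lock_secs):
    """Upper bound: every attempt but the last is counted as a failure."""
    lockouts = (candidates - 1) // fails_before_lock
    return candidates * secs_per_attempt + lockouts * lock_secs


def lockout_report(secs_per_attempt=1.0, fails_before_lock=3, lock_secs=60):
    """Worst-case days, keyed by (halves leak?, lockout enabled?)."""
    report = {}
    for leak in (True, False):
        for locked in (False, True):
            secs = worst_case_seconds(
                pin_space(leak), secs_per_attempt,
                fails_before_lock, lock_secs if locked else 0)
            report[(leak, locked)] = secs / SECONDS_PER_DAY
    return report


def lock_secs_for_target(days, secs_per_attempt=1.0, fails_before_lock=3):
    """Lockout length needed to stretch the reduced space to `days`."""
    n = pin_space(True)
    lockouts = (n - 1) // fails_before_lock
    needed = days * SECONDS_PER_DAY - n * secs_per_attempt
    return max(0, math.ceil(needed / lockouts))


if __name__ == "__main__":
    print("checksum of 1234567:", wps_pin_checksum(1234567))
    for (leak, locked), days in lockout_report().items():
        print(f"halves leak={leak!s:5} lockout={locked!s:5} -> {days:10.2f} days")
    print("lockout seconds for a one-year worst case:", lock_secs_for_target(365))
```

With the assumed rate, the reduced space falls in about three hours without a lockout and in under three days with it, and stretching it to a year would take a lockout of well over two hours per three failures, which is why the notice recommends disabling WPS rather than relying on the lockout.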

Vulnerable Products:

| Product Name | Is the WPS feature enabled by default? | Can the WPS feature be permanently disabled? |
| --- | --- | --- |
| Access Points | | |
| Cisco WAP4410N | Yes | No |
| Unified Communications | | |
| Cisco UC320W | Yes | Yes (See Note 2) |
| Wireless Routers/VPN/Firewall Devices | | |
| Cisco RV110W | Yes | Yes |
| Cisco RV120W | No | Yes |
| Cisco SRP521W | Yes | Yes |
| Cisco SRP526W | Yes | Yes |
| Cisco SRP527W | Yes | Yes |
| Cisco SRP541W | Yes | Yes |
| Cisco SRP546W | Yes | Yes |
| Cisco SRP547W | Yes | Yes |
| Cisco WRP400 | Yes | No |

Note 1: The Cisco Valet product line is maintained by the Cisco Linksys Business Unit. Information concerning the Cisco Valet line as well as information on Linksys by Cisco products is available at http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&articleid=25154

Note 2: The UC320W series devices can be configured to disable WPS through a Platform Modification File (PMF). A PMF to accomplish this has been posted as DisableWPS.pmf at the following link: https://supportforums.cisco.com/docs/DOC-16301

Products Under Investigation:

| Product Name | Is the WPS feature enabled by default? | Can the WPS feature be permanently disabled? |
| --- | --- | --- |
| Cable and DSL Home Access Products | | |
| Cisco DPC/EPC2320 | Under Investigation | Under Investigation |
| Cisco DPC/EPC2325 | Under Investigation | Under Investigation |
| Cisco DPC/EPC2325R2 | Under Investigation | Under Investigation |
| Cisco DPC/EPC2420 | Under Investigation | Under Investigation |
| Cisco DPC/EPC/DPQ2425 | Under Investigation | Under Investigation |
| Cisco DPC/EPC2425R2 | Under Investigation | Under Investigation |
| Cisco DPC/EPC2434 | Under Investigation | Under Investigation |
| Cisco DPC/EPC3825 | Under Investigation | Under Investigation |
| Cisco DPC/EPC3827 | Under Investigation | Under Investigation |
| Cisco DPC/EPC/DPQ3925 | Under Investigation | Under Investigation |

Products Confirmed Not Vulnerable:

| Product Name | Not Affected Reason |
| --- | --- |
| Access Points/Wireless Bridges | |
| Cisco AP541N | Does not support WPS |
| Cisco WAP200 | Does not support WPS |
| Cisco WAP200E | Does not support WPS |
| Cisco WAP2000 | Does not support WPS |
| Cisco WET200 | Does not support WPS |
| Unified Communications | |
| Cisco UC500 Series | Does not support WPS |
| Wireless Cameras | |
| Cisco WVC210 | Does not support WPS |
| Cisco WVC2300 | Does not support WPS |
| Wireless Routers/VPN/Firewall Devices | |
| Cisco SA520W | WPS not enabled by default; does not support PIN-ER configuration mode |
| Cisco RV220W | Does not support WPS |
| Cisco WRV210 | Does not support WPS |
| Cisco WRVS4400N | Does not support WPS |


Additional Information

Workarounds:
Disable the Wi-Fi Protected Setup feature on devices that allow the feature to be disabled, as listed in the Vulnerable Products table. Cisco Systems has verified that the products that support disabling the WPS feature do indeed disable it and are not vulnerable once the feature has been disabled from the management interface.

Fixed Software:

| Product Name | Fixed Software |
|---|---|
| Cisco WAP4410N | To Be Released |
| Cisco RV110W | To Be Released |
| Cisco RV120W | To Be Released |
| Cisco UC320W | To Be Released |
| Cisco SRP521W | To Be Released |
| Cisco SRP526W | To Be Released |
| Cisco SRP527W | To Be Released |
| Cisco SRP541W | To Be Released |
| Cisco SRP546W | To Be Released |
| Cisco SRP547W | To Be Released |
| Cisco WRP400 | ETA: February 2012 |


Note: The Cisco Valet product line is maintained by the Cisco Linksys Business Unit. Information concerning the Cisco Valet line as well as information on Linksys by Cisco products is available at http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&articleid=25154

Exploitation and Public Announcements:

Exploit code and functional attack tools that exploit the weakness within the WPS protocol have been released.

This vulnerability was discovered by Stefan Viehbock and Craig Heffner.

Status of this Notice: Final

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

Revision History

| Revision | Date | Description |
|---|---|---|
| Revision 4.0 | 2012-February-29 | Updated the "Can the WPS feature be permanently disabled?" column of the table in the "Vulnerable Products" section for WAP4410N: changed from Yes to No. PSIRT would like to thank Bill Sanderson for pointing out this document error. Corrected the "Fixed Software" section to include the full product name of the WAP4410N. |
| Revision 3.0 | 2012-January-27 | Updated text for clarity. Updated the Cisco UC320W WPS Disable status to Yes due to release of DisableWPS.pmf. Added Cable and DSL access products currently under investigation. Added a link to Linksys product documentation. |
| Revision 2.0 | 2012-January-18 | Updated information for the Cisco WRP400. |
| Revision 1.1 | 2012-January-11 | Corrected text mistakes in researcher's name. |
| Revision 1.0 | 2012-January-11 | Initial public release. |

Cisco Security Procedures

Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.

Mar 11, 2013

Anne Curtis ASAP 18 Controversial Strapless Dress

Anne Curtis's sexy outfit during her performance in “ASAP 18” on Sunday, February 24 did not escape the eye of the Movie Television Review and Classification Board (MTRCB).


MTRCB called the attention of the Sunday noontime variety show for its “provocative number.”

Anne performed Rihanna’s “Diamond” while being drenched with water, wearing a black strapless gown with a very high slit. Her performance and outfit soon created a buzz online.

MTRCB posted the following on its official Twitter account on Tuesday, February 26.

Anne on controversial outfit: 'I was completely protected'

Anne Curtis posted a photo of her black strapless dress on Tuesday, February 26, to clarify the issue.

Anne explained that her outfit designed by Boom Sason was a “bodysuit with a hidden tangga.” She assured everyone that no wardrobe malfunction happened, contrary to what many believed.

On Tuesday afternoon, February 26, Anne posted, “TAAAADAAA! I present to you the controversial @boomita outfit I wore for my birthday number on ASAP. As you can see we have a bodysuit with a hidden tangga to make way for the sky high slit skirt. It is made out of 2 pieces. In fact the "tangga" is made out of swimsuit material which Boom Sason is also known for making. I was completely protected.


It may have seemed like a wardrobe malfunction to many but I can assure you, after making the mistake of not securing myself once I wouldn't let that happen to me again. :) So to settle all your minds I just had to post this. Thank you to everyone that was concerned! To everyone that's trying to make an issue out of it! Thank you! ABSCBN news just told me it's their most clicked on video on their site ever! Just relax everyone! Wearing a tangga is no newbie in the industry! It's been around since the 80's :)”

'Wowowillie' summons over gender-sensitivity issues

After summoning ABS-CBN and GMA-7 over provocative numbers in their respective shows, the MTRCB (Movie and Television Review and Classification Board) is calling the attention of TV5, this time on gender-sensitivity issues raised in its noontime variety show “Wowowillie.”


The program recently made news after main host-producer Willie Revillame reprimanded fellow hosts Ethel Booba and Ate Gay on air for allegedly getting irked over losing in the “Mini-concierto” talent contest. This, in turn, led to a confrontation among the three parties in the Feb. 28 edition of the show.

Portrayal of women

MTRCB Chair Eugenio Villareal told Yahoo! Philippines OMG! in a phone interview that he summoned TV5 executives to his office to discuss the said episode as well as other viewers' complaints regarding the portrayal of women on the noontime variety show.

“The summon to TV5 over “Wowowillie” was further to the Memorandum of Understanding (MOU) between MTRCB and the networks, ABC included, on the portrayal of women in media as well as on account complaints of on-air decorum we received through social media and based on our own monitoring. It concerns a recent episode where there was an on-air castigation of a female talent, as well as that female talent’s use of unsavory language in referring to a talent from another network. To be tackled too is the manner how women appear in the said show,” Villareal said. MTRCB and TV5 representatives will meet over the said issue on Wednesday, March 13.

“We sent them already a notice for inquiry and that would be on Wednesday, 2pm. We will be having a panel for that, an ad hoc committee,” Villareal added.