Oct 13, 2014

TM Riger DB120-WL reflash with TD-W8951ND Stock Firmware

If you are unhappy of your Riger DB120-WL Streamyx residential modem wireless router because of its buggy stock firmware given by TM for you as FREE, now you are not anymore locked by your ISP you will now have the chance to re-flashing your device with the TP-Link TD-W8951ND v5 third party stock firmware that will give you the total freedom.


Before you proceed, take this precaution.
  • This applicable only Riger DB120-WL (Silver) with Firmware Riger v4 installed by default.
  • Before you proceed updating, please connect your PC directly via LAN cable to DB120-WL
  • This may void your warranty (may or may not be, since you didn't open the case)
  • Doing this is at your own risk!
    Step 1. Download Firmware
    Step 2. Extract
    • Open zip file and then open "TD-W8951ND_V5_140226 & TD-W8951ND_V5_140306" folder, extract "TD-W8951_V5_140306" folder (simply click once and drag)

    Step 3. Login
    • Note: Do this only when computer connected via LAN Cable (Hardwired)
    • Username: tmadmin
    • Password: Adm@**** (**** is the last 4 HEX digit of MAC Address, eg: D1E3 => Adm@D1E3, you can find bottom of your DB120-WL)

    Step 4. Click maintenance
    • After successful login, click maintenance and then click Firmware, until you see this page:

    Step 5. Choose firmware
    • Click New Firmware Location: "Browse" button and then locate back where you extract just now, and then open that folder and choose "ras" file.

    Step 6. Proceed!
    • Click "UPGRADE" button! and wait until you see a progress bar!

    Step 7. Update complete
    • Once progress bar reach 100% and it will redirect to new TP-Link login page!
    • Please login using previous username and password (it's look awkward when login using tmadmin under TP-Link page, lol)

    Step 8. Finished!
    • Well done, now you have working DB120-WL with TP-Link Firmware! TP-Link will use your previous configuration.

    Step 9. Improve Wireless Security
    • Click Interface Setup tab and then click Wireless
    • Scroll down until you find Multiple SSID Settings, change SSID Index to 2.
    • Change SSID: Riger1 to any string you like,
    • Then change encryption to WPA2-PSK and put any password you like.
    • Repeat until SSID Index: 4
    • This simply blocking from someone using your hidden wireless, because default DB120-WL allow other to join your wireless freely by simply enter "Riger1" or "Riger2" or "Riger3" SSID.

    This guide originally posted in LowYat Forum.

    Sep 28, 2014

    Jetway J7F2 Four LAN Mini-ITX for pfSense

    For quite a while I was running m0n0wall on an old dell laptop with two NICs. This worked out pretty well because the laptop had a built-in screen, keyboard, and battery backup of sorts. It was also fairly portable. At some point I decided I wanted to do a bit more with my firewall and move to more powerful hardware. In particular, I wanted to try out pfSense, a m0n0wall fork. pfSense contains a package management system that allows you to install a wide variety of services including: Snort, Squid, FreeSWITCH, OpenBGPD, to name a few. I'll return to these in subsequent posts. I also needed more interfaces to be able to properly segregate my wireless network from my wired network.


    I've been a big fan of the smaller form factor x86 machines for a while. Serapeum was built on a MicroATX form factor as well as my current desktop system. µATX is great for smaller desktop machines but is a bit too large for a firewall solution.


    Mini-ITX seemed like the perfect option. I selected the Jetway J7F2 board with a 1.5Ghz Via C7 processor. Two compelling reasons for selecting this board were the Padlock engine, which provides hardware RNG, AES, and hashing acceleration, and support for daughter cards. Some quick OpenSSL benchmarks using the various engines provided these results:





    cryptodev kilobytes per second:
    type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
    aes-256-cbc 10166.19k 10492.00k 10832.45k 10520.09k 10871.68k

    padlock kilobytes per second:
    type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
    aes-256-cbc 69552.53k 221044.97k 475699.68k 662806.69k 745178.49k

    The padlock hardware engine provides a 6850% increase in AES 256 encryption over the software based cryptodev. It peeks at about 5.7 gigabits per second. Cryptodev only achieves 85 megabits per second.

    Summary of build hardware:
    Jetway J7F2 VIA C7 1.5Ghz
    Jetway AD3RTLANG 3 port GigaLAN daughter card
    Corsair 1GB DDR2 533
    Transcend 4GB CF 300x
    M200 Enclosure
    PicoPSU-120

    GJ8018LCD : My Latest Portable SMD BGA Reworks Station

    My latest SMD BGA portable reworks station with LCD display another comparison with SAIKE 8858.


    Description :
    • This product is yet another innovative industry technology breakthrough that bypassing the traditional diaphragm pump air supply and transformer power supply
    • And the use of LCD digital display hot air temperature, and its sophisticated design, superior quality


    Technical parameters:
    • Model GJ8018LCD
    • Operating voltage AC220V Operating Current 2.5A
    • Power consumption: 450W, Hot air temperature:Condition temperature 450 ℃ (Max.)



    Features:
    1. Beautiful shape, easy to use and carry space saving operation
    2. The quality of imported motor and heating elements, natural and gentle wind, air heat distribution. Easy to adjust the operator to precisely control the temperature and air volume.
    3. LCD display hot air temperature, digital thermostat, the operator uses an intuitive, blowing welding handy
    4. No way solder contact pads may dispense parts displacement and thermal shock
    5. Welding QFP and SOP type IC, welding and soldering can be selected according to requirements of different nozzle
    6. Suitable for most surface mount soldering and rework parts, such as: SOIC, CHIP, QFP, PLCC, BGA, etc.
    7. For desoldering various shielding box cover board
    8. Shrink Heat Shrink Tubing, PVC film and polyethylene materials with metal connections

    SAIKE 8858 : My Portable SMD BGA Rework Station

    The SAIKE 8858 is a Portable SMD/BGA Rework Station, can be as such Hot Air, Blower, Solder, Heat Gun.


    Description:
    1.  Automatic mode
    2. Microcomputer control automatically, automatic thermostat, standby,warming up rapidly, temperature stability, accuracy is ± 2 ;
    3. Replacing heating core, hot helical structure; adjustable temperature is 100 -480 , it is suitable for general / lead-free soldering;
    4. Replaceable large, medium and small nozzles, strong non-noise blowers, rotary air output; adjustable air pressure is 3mph-10mph 99 class, it can meet different welding requirements;
    5. Intelligent software design, high-temperature alarm, automatic fault detection and alarm, automatic standby overtime;
    6. Highly efficient switching power supply, power supply control system is integration design;
    7. The supply voltage is 220V
    8. Long-life heating batteries, vulnerable parts can be removable and replacement, reduce the cost of users;
    9. Small size, low power, easy to use, easy to operate.

    Specification:
    • Voltage: 220V
    • Power frequency: 50-60Hz
    • Power: 100-320W
    • Temperature: 100-480, analyze temperature: 1
    • Air pressure: 3-10mph,, 99 grade
    • Mode: automatically
    • Display: digital tube/3
    • Dimension: 128mm×54mm×32mm
    • Air output: 120L/min (The MAX.)


    Sep 24, 2014

    How to write pfsense image onto a SSD for fast installation

    One question we have received since the how to build a pfsense box piece is how to quickly install a pfsense image onto a SSD. Recently we sent three Dell C6100 XS23-TY3 servers to our collocation facility but had not yet decided upon a few software items. We used the three day transit and racking time to do some basic software installation. One of these tasks included two instances of pfsense on SSD installations which we prepped offsite. When it was time to do the final installation, each pfsense node received its SSD and the units booted right up. As a result we did a quick guide on the installation after we confirmed it worked perfectly.


    Copying pfsense onto a SSD

    The first step in the copy process is to install the drive in the physical machine. Although we have done this for a few different SSD implementations, we are actually using an iSCSI volume setup on a Synology DS1812+ that was mounted locally. Disk management shows the following drive ready to use in the system.


    The next step is to get physdiskwrite for Windows here. We are using Windows 8 Pro and thus are using the PhysGUI.exe to make the process a bit easier. One major note about this step is that since one will be making major changes to disks, one will want to run the program as administrator.


    Once the PhysGUI is loaded, one will see a list of drives installed in the system. In this case we are going to use PHYSICALDRIVE5 because we are going to attach that to an iSCSI boot machine soon. For the purpose of today’s guide, we are going to use it just as we would the OCZ Agility 3 or any other SSD (we used Intel SSDs for our colocation.) PhysGUI is not an English utility so it is slightly less intuitive for native English speakers.


    After selecting the correct disk, right click and open the pfsense image that you want to flash on the SSD. For this we are using the pfsense 2.0.2 stable release and are using the 4GB NanoBSD VGA version. You can read more about the versions and download here. With a SSD, we are much less sensitive to size than we are on a small USB flash drive.


    Once clicking on open, and since we are using a 4GB installation, we are asked to confirm that we want to pick a capacity over 2GB for the pfsense installation.


    At this point one will get a confirmation about destroying the current content on the disk and overwriting it with the disk image. Beware – you can lose data doing this so triple check before proceeding.


    Once this is done, it will generally take a few seconds to write everything out. Going back into disk management one will see the image is written to the SSD.


    One tip here is that you can use this to do extreme over provisioning. A 60GB drive that is brought down to 8-16GB will see considerably higher write endurance as compared to a fully provisioned drive. This can be important if one is trying to write logs to the drive.


    Sep 6, 2014

    TM Innacomm ADSL-INNATECH-W7100N Username Password

    Telekon Malaysia (TM), The Innacomm ADSL-INNATECH-W7100N is a new modem replacing Innacomm W3400V6. The modem login ID/username/password is already printed in the manual guideline. This new modem wireless router all in one residential gateway is unique due to its modem password architecture is the last-4 digit modem CPE MAC Address ID.


    Here's how it is look like, the TM Innacomm ADSL-INNATECH-W7100N Username Password

    Modem Login: tmadmin
    Modem Pass : Adm@****


    Hint: **** is the last-4 digit modem CPE MAC Address ID (e.g: XXXXXXXX1234, so CPE MAC ID is 1234)

    Modem Pass: Adm@1234

    You can refer also to TM ADSL RIGER DB120-WL Default Username Password both are identical.

    Different modem has different CPE MAC Address ID. But don't worry, you can refer sticker info at the back of the modem every time you forgot or lost the modem box.

    Jul 23, 2014

    How-To Upload myBRO Device Certificate and Private Key

    I made this write ups for the request of my guest readers who has having a hard time on uploading their myBRO DV235T device certificate and private key aka the Green Packet 4G wireless broadband WiMAX CPEs. Let me tell you that this WiMAX modem have different flavor, the first firmware release and being loaded by PLDT/Smart Telco were version: v2.10.14-g1.0.6-smart then v2.10.14-g1.0.7-smart and next is v2.10.14-g1.0.8-smart similarly there is also stock firmware of Green Packet which is used by subscriber/s and Netizen who are avid of getting the full access to this device such as the web_update-2_3G-v2.10.14-g1.0.4-gp and the web_update-3_5G-v2.10.14-g.1.0.5-gp all of this said firmwares work for this tutorial.

    This guide will help you upload your myBRO DV235T Green Packet 4G WiMAX modem broadband device certificate and private key only via any web browser will do.

    First, open any web browser such as Firefox, IE, SeaMonkey or any other similar browser and point to https://192.168.15.1 if you are using PLDT/Smart Firmware and https://10.1.1.254 if your device is loaded with Green Packet stock firmware.


    Once you are login to the graphical user interface (gui) as the above screenshot, navigate your mouse  on the left Main Menu point to WIMAX menu  it will prompt you the sub-menu on Authentication Setting.On the Authentication Mode drop down and select User and Device Authentication. Just leave the below setting that has check/tick.


    Next, on the EAP Supplicant just follow the Screenshot above I hope it is very clear to you on how to fill up the following space provided make sure your MAC address the colon (:) is omitted, then upload the device certificate wmx_client_ca.pem  likewise the private key wmx_priv_key.key.


    Scrolling down, on the Options Menu please do not forget to untick or uncheck the Ignore Cert Verification and then click the Save button to apply the changes you have done.


    Finally, go back to Main Menu, navigate your mouse and point  it to Network menu, then on the WAN sub-menu. Locate the space provided labeled with Clone MAC Address as what the snapshot show you. You can now input your desired MAC Address make it sure that the colon (:) now is not omitted. Again scroll down hit the button Save, your myBRO DV235T 4G WiMAX broadband modem will now reboot in 70 seconds. Login again on the stated IP addresses to your corresponding firmware now you are connected. Enjoy!

    Jul 15, 2014

    How-To : myBRO Device Certificate and Private Key Retrieval

    As of June 26, 2014 the PLDT/Smart Telco 4G wireless Internet Service Provider made its first clearing operation on its network and wireless system to eliminate the country's number one rampant in cloning the 4G wireless broadband CPEs. According to this forum the usual MAC address base authentication of the SMART myBRO 4G wireless modem is no long effective as of the said date, this is because the AAA is already been implemented such as the Device Certificate + Private Key + MAC address, if this three is not much on your Green Packet device such as DV235T and OX230 then you will no longer be welcome to the network. In short you will be denied to access to the Smart 4G Base Station, there's no way for you to use even the proxy server to bypass their portal.

    Here's simple step on how to retrieve your myBRO 4G wireless broadband modem device certificate, private key and the mac address either via telnet or ssh make sure to enable port 23 or 22 to be able to get this terminal open.

    Once you are login to the command line interface (cli) e.g. telnet or ssh, just type this following command respectively.

    cd /etc


    The ls /etc command is to view the list directory of the /etc now you will be able to see the filename wmx_client_ca.pem this is the device certificate and the wmx_priv_key.key filename  is the private key.

    cat wmx_client_ca.pem


    cat wmx_priv_key.key


    After you have viewed the device certificate and the private key in plain text, you can copy paste this to notepad and save it as wmx_client_ca.pem, wmx_priv_key.key filename respectively. Now you already successfully retrieved your myBRO device certificate likewise the private key.

    Additionally, the next command is if you wanted to retrieve your myBRO 4G wireless broadband WAN MAC address just type this command and you will prompted your device WAN MAC.

    sncfg get WAN_MAC


    I have included this extra screenshot because of some myBRO 4G Wireless broadband CPEs their device certificate and private key are hidden, just like on this screen. The Green Packet equipment which Chipset is MediaTek is embedded with Linux OS and therefore it is equip with tiny all in one Busybox you can use the tool to unhide the device certificate and the private key.

    Jul 14, 2014

    CIDG 7 seized P300K worth of LTE modems

    Thursday, June 26, 2014

    THE Criminal Investigation and Detection Group (CIDG) entrapped four persons for allegedly selling Internet modems without authority from a telecommunication company.


    Some P300,000 worth of modems, antennas and cable cords for Internet installation were confiscated by the operatives Wednesday afternoon in Mandaue City.

    The suspects work as sub-contractors for Globe Telecom.

    The are identified as Israel John Brigoli Abenir, 25; Lemuel Galinato, 22; Orlando Rizaldo Mula, 27; and Roy Gonzales Aguelo, 45.

    CIDG 7 Deputy Chief Fermin Armendarez explained that the sub-contractors install modems for clients to have Internet connections.

    Globe

    The operation was conducted based on the report of Globe Telecom Security Officer Ramil Manlosa.

    Manlosa said his job is to monitor their customers’ Internet connection through their website.

    Manlosa told police that he found modems being sold online while he was browsing the Internet last June 19.

    He then informed Globe Telecom Security Head Manolito Zapata, who instructed the former to coordinate with the police.

    Armendarez said Long-Term Evolution (LTE) modems cannot be sold because these are given for free to Globe Telecom Internet subscribers.

    Armendarez led the entrpament at 3 p.m. in Barangay Labogon, Mandaue City.

    Through the online website selling the modems, Manlosa ordered 20 gadgets.

    He was immediately contacted by the administrator of the website.

    Each modem was reportedly sold for P5,000.

    But Manlosa said a modem costs about P10,000.

    SPO1 Jackson Rivera acted as the buyer.

    He met the four suspects during the delivery of the sold items.

    As soon as the suspects handed Manlosa’s order, the other CIDG 7 operatives swooped down on the suspects.

    LTE

    Recovered from Abenir were nine LTE modems with power cord and five LTE antennas with a total market value of P90,000.

    Seized from Galinato was an LTE modem worth P10,000.

    Mula and Aguelo were also caught with 10 LTE modems with power cord, 10 LTE antennas, and 10 LAN cords worth P100,000.

    It was only after the entrapment that Globe Telecom found out that the four suspects were working as their sub-contractors.

    The modems that were sold were supposed to be distributed to Globe Telecom’s subscribers for their Internet installation.

    Reporters tried to get a statement from any of the four suspects but they all declined to be interviewed.

    A complaint for estafa is expected to be filed against the suspects.

    They are currently detained at the CIDG 7 stockade. - Sunstar

    Jun 21, 2014

    8866 2288 6600 8800 9966 7700

    Ever heard of domains such as 8866.org, 2288.org, 6600.org, 8800.org, 9966.org, and 7700.org? Me neither -- well, at least not until recently.


    The latest zero-day exploit, which affects Microsoft Word, drops a Trojan that tries to connect to a host at 3322.org. Turns out that these particular domains are IP forwarders -- e.g. they let you register any available host at the domain and forward traffic to whichever IP address you prefer. Sounds like a great way for cyber criminals to keep their real attack systems on the move.

    I learned about this over at F-Secure, where they explain a bit more about these domains.

    When you see these domains in your URL filtering or Web access logs they should send up gigantic red flags in your mind. In my opinion they should be completely blocked unless you have a real good reason not to block them. Better safe than sorry. You can check this forum the Exploits that leads to Trojan Perkesh.

    Jun 19, 2014

    P&T Luxembourg Tests Alcatel-Lucent’s Zero-Touch Vectoring

    P&T Luxembourg is testing Alcatel-Lucent's Zero-Touch Vectoring to evaluate how the technology can help the operator meet the national government’s "Ultra High BroadBand" plan - which aims at providing all Luxembourg residents with broadband speeds of 100 Mbps downstream and 50 Mbps upstream by 2015.

    VDSL2 Vectoring is a noise-cancelling technology that removes the interference between the multiple VDSL2 lines, so that each VDSL2 line can operate at its best and deliver higher data transmission speeds. P&T Luxembourg is already deploying Alcatel-Lucent’s GPON and P2P-based fiber access solution. http://www.alcatel-lucent.com

    In October 2012, Alcatel-Lucent introduced new signal processing software developed by Bell Labs that promises to shake up the business model for VDSL2.

    The new ‘Zero Touch Vectoring’capability eliminates the need to upgrade every CPE in a copper node whenever the first customer opts for faster broadband access delivered over a VDSL2 vectored line. Previously, a carrier choosing to deploy VDSL2 Vectoring was required to upgrade every modem on the network in order to properly handle the crosstalk elimination.

    Alcatel-Lucent introduced the first commercial VDSL2 Vectoring solution in September 2011, delivering 100 Mbps over existing copper loop lengths of 400 meters. VDSL2 vectoring uses digital signal processing to remove crosstalk between copper pairs in a bundle, similar to noise cancellation in headphones. From line cards at the central office or DSLAM, the system measures the crosstalk from all the lines in the bundle and then generates an anti-phase signal to cancel out the noise. Alcatel-Lucent developed its own chipset and software. The VDSL2 vectoring is delivered via a 48-port Board Level Vectoring card, a 48-port System Level Vectoring card, and a Vector Processing card supporting up to 384 ports.

    Path traversal in TP-LINK WR740 and possibly others

    Summary

    TP-Link WR740 routers are vulnerable to a path traversal vulnerability on the web administration interface. Unauthenticated users are able to read any file from the device.

    Description

    Models: WR740N, WR740ND and possibly others.
    Update: People have been reporting on forums that models WR743ND,WR842ND,WA-901ND,WR941N,WR941ND,WR1043ND,WR2543ND,MR3220,MR3020,WR841N are also based on the same HTTP daemon but we haven't been able to test it ourselves.
    Firmware: 3.12.11 Build 111130 Rel.55312n and possibly others
    Date: 26/05/2012
    Severity: High
    Impact: Disclosure of configuration and password files.
    Attack vector: Remote. No auth required.
    Solution: N/A

    The router TP-Link WR740ND/WR740N has a HTTP server running on port 80 handling the web management interface.

    There exists a path traversal vulnerability in the URI "/help" that allows attackers to read any file including configurations.

    It is possible to read other configuration files if the services have been configured previously. (No-IP, DyDNS, Samba, NFS)

    POC


    After further research we discovered that the URL was posted before on some russian forum, but not mentioned as a vulnerability and specifying another model.

    Paulino Calderón
    calderon()websec.mx

    Jun 17, 2014

    Technology Used Primarily for Next Generation Network/FTTH

    With the progress in the Technology, larger bandwidths are required with the increasing complexities. Corporate Units, homes offices, ATM has forced FSAN group to look for better technologies. FSAN initiated the Gigabite Passive Optical Network (GPON) Standardization work in the Year 2001, for designing networks offering high data transmission with a transmission capacity as high as 1Gbps.. Another specialized feature of GPON is that it offers coverage data and voice service upto 2.5 Gbps, and so gives a big advantage over the other available schemes.

    GPON:


    EPON:


    Ethernet equipment vendors formed Ethernet in the First Mile Alliance (EFMA) to work on a architecture for FTTH as Ethernet is a dominant protocol in Local Area Network. EPON based FTTH was adopted by IEEE standard IEEE802.3ah in September 2004. Adopting Ethernet technology in the access network would make uniform protocol at the customer end simplifying the network management. Single protocol in Local Area Network, Access Network and Backbone network enables easy rollout of FTTH.

    EPON standards networking community renamed the term ‘last mile’ to ‘first mile’ to symbolize its importance and significance access part of the network. EFM introduced the concept of Ethernet Passive Optical Networks (EPONs), in which a point to multipoint (P2MP) network topology is implemented with passive optical splitters.

    EPON, is largely vendor-driven standard and it is fundamentally similar to ATM-PON but transports Ethernet frames/packets instead of ATM cells. It specified minimum standardization and product differentiation, also it has decided not to standardize the Bandwidth allocation algorithm (DBA), TDM and ATM support, Security, Authentication, WDM Overlay Plan, support for Analog Video Protection, Diagnostics, Monitoring,, Compliance with existing OSS leaving these to the vendors to choose the best.

    Multiple Ports / Flexible 100Base-FX Fiber Optical connective for Distance Extension Solution

    Functional re-evolution! Enhanced Management Features PLANET FGSW-2624SF Managed Fiber Switch has excellent reputation from FTTx Service Providers by offering multiple high-speed fiber ports and high flexibility in network deployment. To bring users better and better performed Ethernet networking, PLANET introduces FGSW-2624SF update version with minor changes in hardware but greatly promoted management functions in firmware. The FGSW-2624SF features highly secure SSL function, Telnet command line management mode, and SNMP 4 RMON Groups (Statistics, History, Alarm and Event) besides the existing user-friendly WEB management interface.For L2 / L4 switching management, Q-in-Q (Double Tag) VLAN is included to fit the increasing demand in Metro Access application; IP DSCP QoS priority is also featured to enhance the VoIP streaming in the fiber-optic network. With these advanced networking features, the FGSW-2624F is most suitable for long-distance fiber-optic network deployment like IP surveillance system, campus, distance learning, FTTx, MDU (Multi-Dwelling Unit), MTU (Multi-Tenant Unit) and Metro markets.

    Key Features:
    • WEB / SSL / Telnet / SNMP Management
    • IEEE 802.1Q / Q-in-Q VLAN
    • IEEE 802.1w RSTP protocol / IEEE 802.3ad Link Aggregation
    • IGMP Snooping v1, v2 and Query mode
    • IP DSCP QoS and Bandwidth Control
    • Layer 2 / 3 / 4 ACL and Port Security
    • SNMP v1 / v2c and 4 RMON Groups
    Application:
    With 24 100Base-FX SFP ports and 2 Gigabit TP/SFP combo ports, the switch provides a cost-effective, high-performance for FTTx solutions. To build a network solution of FTTH (Fiber to the Home) or FTTC (Fiber to the Curb) for ISPs and FTTB (Fiber to the Building) for enterprise, the various distances of SFP (small-form factor) and Bidi (WDM) transceivers are optional for customers. Compared with traditional fiber switch that equipped fixed distance (2Km) and connection mode (SC only), the 24 SFP ports provides flexible solution for ISPs and enterprises. In addition, the two Gigabit TP/SFP combo ports can be used as uplink port which connects to the data centers and backbones.

    Small Form-factor Pluggable (SFP)

    Small form-factor pluggable (SFP) is a specification for a new generation of optical modular transceivers. The devices are designed for use with small form factor (SFF) connectors, and offer high speed and physical compactness. They are hot-swappable.


    SFP transceivers are expected to perform at data speeds of up to five gigabits per second (5 Gbps), and possibly higher. Because SFP modules can be easily interchanged, electro-optical or fiber optic networks can be upgraded and maintained more conveniently than has been the case with traditional soldered-in modules. Rather than replacing an entire circuit board containing several soldered-in modules, a single module can be removed and replaced for repair or upgrading. This can result in a substantial cost savings, both in maintenance and in upgrading efforts.

    Several companies have formed a consortium supporting the use of SFP transceivers to meet their common objectives of broad bandwidth, small physical size and mass, and ease of removal and replacement.

    Jun 14, 2014

    Passive Optical LAN (POL) : The Future LAN

    Technology has began a transformation into the new age with passive optical lan. Take your business into the green zone by taking advantage of this modern updated way of replacing the old copper wires with modern fiber optics. Among the industry of upgrades.


    As things move so fast that the world cannot keep up with the changing technology, POL makes a progressive attempt at reducing power consumption. First you need to understand this is the most green initiative around. POLwill save in your energy costs providing a very important money saving method for any business. While the cost of power is saved on a day to day basis, there will be a longer lasting effect for the longevity of your equipment. In respect to fiber optics the POL will bring about nearly five times more life that once existed with the old standby copper.

    The benefits of the new fiber optic systems will not only be in the longer life they provide but in the speed they are able to add to any older system. In an economy that seems to flounder in an attempt to survive saving money in Capital expense ( CapEX ) and operating costs (OpeX ) are some of the top rated needs for all businesses. One source of money saving potential will come with the amount of heat and power that are eliminated using the POL deployment as opposed to copper wires.


    With the technology you are provided the efficient fiber optic connectivity to any and all Ethernet end points. Bringing about a simplified LAN as this system replaces copper infrastructures with its POL. The new installation not only saves on the amount of heat generated and power needed but can save a business in space due to the compact design of the new POL, which in turn will save more money.


    Installation of the passive optical lan will simplify your operations to a much easier manageable rate of working by the elimination of the necessary fees charged annually for licensing and service of the traditional system. With this form of passive optical network you receive the simplest, safest and most secure series of possibilities that the market offers at this time.


    Passive Optical Lan is tested and a proven technology, more than 1 Million ONT has been shipped and Joint Interoperability Test Command (JITC) approval lays groundwork for U.S. Department of Defense to immediately begin deployments of Motorola’s proven all optical LAN solution.

    Jun 5, 2014

    Understanding Fiber optic cables

    Transcript I find this a fascinating object: Its a fiber optic cable for a stereo. If I shine this laser pointer down the cable, it guides the light out the other end. These cables are used to connect our world today, and are capable of transmitting information across countries and oceans, but first, let me show you how it works.


    I have a bucket that I modified with a window in front. And on the other side, I put a stopper in this hole right here. I have a bottle of propylene glycol with a just a little bit of creamer in it. A ring stand. And, of course, a laser pointer. Now keep your eye on this plug when I turn out the lights.

    That's wonderful! The light follows the liquid's flow all the way to the bucket! Amazing. It does this because of total internal reflection.

    As the light enters the stream it is reflected as soon as it hits the interface between air and liquid. You can see here the first reflection, and then the second and the third. This occurs because there's a difference between the index of refraction of the guide material - here propylene glycol - and the outside - air in this case.

    Recall that any time light strikes a surface it can either be absorbed by the material, reflected from it or pass into and through it - the latter we call refraction. Its easier to see from a top view. Reflection and refraction can happen at the same time, but if a light ray hits the surface at an angle greater than the critical angle it will be completely reflected and not refracted. For this propylene glycol and air system as long as a beam hits the surface at an angle greater than 44.35 degrees measured from the normal it will propagate down the stream via total internal reflection.

    To create this same effect in an optical fiber engineers create a core of glass - usually pure silicon dioxide - and an outside layer called "cladding" which they also typically make from silicon dioxide, but with bits of boron or germanium to decrease its index of refraction. A one percent difference is enough to make a fiber work.

    To make such a long, thin piece of glass engineers heat a large glass preform. Its center is the pure core glass and the outside the cladding. They then draw or ΄pull‘ a fiber by winding the melt onto a wheel at speeds up to 1600 meters per second. Typically these drawing towers are several stories tall: The height allows the fiber to cool before being wound onto a drum.

    One of the greatest engineering achievements was the first ocean-spanning fiber optic cable. Called TAT-8 it extended from Tuckerton, New Jersey following the ocean floor over 3,500 miles until branching out to Widemouth, England and Penmarch, France. Engineers designed the cable carefully to survive on the ocean floor. At its center lies the core. Less that a tenth of an inch in diameter it contained six optical fibers wrapped around a central steel wire. They embedded this in an elastomer to cushion the fibers; surround it with steel strands, and then seal it inside a copper cylinder to protect it from water. The final cable was less than an inch in diameter, yet it could handle some 40,000 simultaneous phone calls.

    The essence of how they send information through a fiber optical cable is very simple. I could have a pre-arranged code with someone at the end - perhaps we'll use Morse code - and I just block the laser so that the person at that end sees flashes that communicate a message. To transmit an analog signal like voice from a phone call along the cable engineers use pulse code modulation.

    We take an analog signal and cut it up into sections and then approximate the wave's loudness or amplitude as best we can. We want to make this a digital signal, which means discrete values of loudness and not just any value.

    For example, I'll use four bits, which means I have sixteen possible values for the loudness. So the first four sections of the signal could be approximated by about 10, 12, 14 and 15. We then take each section and convert its amplitude to a series of ones and zeros. The first bar of value ten when encoded becomes 1-0-1-0. We can do this for each section of the curve. Now, instead of looking at the green waveform, or even the blue bars, we can think of the signal as a series of ones and zeros organized by time. And it is that sequence that we send through a fiber optic cable: A flash for a one and nothing for a zero. Of course, the exact method of encoding is known at the receiving end, so it is a trivial matter to decipher the message.

    Now, you may be wondering how a laser pulses can travel nearly 4000 miles across the ocean: It doesn't without some help because the light will escape from the sides of the fibers.

    Look back at our propylene stream. Here's how the light attenuates as it travels. You can see here a narrow beam in the bucket, that broadens a bit when it enters the stream. And then after the first bounce the beam leaves even broader then it entered: That's because the interface with the air is uneven and the rays that make up the beam strike at slightly different angles. When that beam makes its second reflection those individual rays diverge even more, until by the time it reaches the third bounce many of the rays are no longer at the critical angle and can exit from the sides of the stream. Here it happens in a few inches, but in a cable like TAT-8 the signal travels a stunning 50 kilometers before it needs to be amplified.

    Absolutely amazing! I'm Bill Hammack, via the engineer guy.

    Mar 31, 2014

    Installing Android 4.3 Jellybean on Windows PC

    Google recently announced the latest version of android 4.4 , Kitkat . While there’ is a lot of time left for android 4.4 to arrive . lets tinker around a bit with Android 4.3 in the meanwhile . Today Android is definitely the most popular and domination operating system on cell phones and tablets . but even then, the latest version of android 4.3 is only available on a bunch of high end android phones.


    The only way you can enjoy android 4.3 on your phone is by rooting it and installing a custom android 4.3 ROM . But again Android 4.3 wont run on most low end android phones and even there are no custom Roms for low end android phones . But its not only phones that can run android . How about installing and using android 4.3 from your desktop computer ?

    Yes android 4.3 can be installed and run on a windows computer running windows xp, windows vista, windows 7 or windows 8 , courtesy of Android-x86 , an unofficial initiative to port Google’s Android mobile operating system to run on devices powered by Intel and AMD x86 processors . I have installed the android 4.3 on my computer and its running with all its bells and whistles . Let me guide you through the process of installing android 4.3 on your windows computer . Before we start lets keep a list of things that we will be needing for installing android 4.3 on your computer.

    What we need ?
    • Oracle Virtualbox
    • The latest Android 4.3 image from Android-X86 project.
    Note: You might need to enable virtualization in your computers BIOS . You can enable it from your PC’s bios as shown on this screenshot.

    Zyxel N4100 Wireless Hotspot Gateway with SP300E Ticket Printer review

    Zyxel's N4100 is an Ethernet WAN router, with four 10/100Mbit/s LAN ports and 2.4GHz 300Mbit/s 802.11b/g/n wireless. It comes with a LAN-connected ticket printer and a web interface that makes it easy to configure the printer to generate tickets of different pre-set durations at the touch of the button.

    For each issued ticket, it’ll create a new user with time-limited internet access privileges on its internal database. Up to ten printers can be connected to the N4100 via an Ethernet switch. Up to 100 users can be connected at the same time, although this can be boosted to 200 via a paid-for software upgrade but this adds hundreds of pounds more to the cost.

    The router is designed to make it virtually impossible for devices connected via wireless to access anything connected to the LAN ports, which adds an extra layer of security. In any case, the router should ideally have a dedicated internet connection instead of sharing the same internet connection as the rest of your business.

    All the configuration tools you'll need to set up the N4100 are built into its web interface. As well as guiding you through standard options like setting up a wireless password, it'll also help you through selecting what rights your users will have, such as using your SMTP server for their outgoing mail and whether they'll have to use their entire purchased usage time in one go or not.

    Both of these are particularly useful yet uncommon options for a ticketing system. You can also decide whether you want to use Zyxel's own printer to produce access codes or generate them using a web interface and print them out on a different printer, which is an unexpected but useful option.

    The Advanced menu is a bit more daunting, but contains a wealth of powerful and flexible options for everything from taking payment to directing users to a custom portal page and defining their maximum available upstream and downstream bandwidth. Unfortunately, although it has plenty of features, the router's interface is ugly and unwieldy; the advanced settings menu lists all the various options without any apparent logical order, which makes it frustratingly time consuming to navigate.

    The many options include configuring credit card payment processing directly from your gateway portal using Authorize.net, iValidate.net, Secure Pay, WorldPay or PayPal. One can also create a "walled garden" of sites that users will be able to access without having to log in - handing for linking to your advertising affiliates or just providing a useful news portal for your guests. Up to three different pricing plans can be configured to suit your needs.

    Naturally, one can block undesirable websites by IP address or URL. There's no keyword blocking, though, so you can't implement any blanket policies to prevent users from accessing porn, hacking tools or other dubious content.

    Once set up, the whole system worked reasonably well and produced some impressive data transfer speeds at short-to-mid range, although these started to drop off noticeably at greater distances. We saw throughput of 35Mbit/s at 1m, 34Mbit/s at 10m and 10Mbit/s at 20m. You’ll probably want to invest in multiple wireless repeaters if you’re going to use the system over large areas anyway.

    Verdict:
    Overall, Zyxel's WiFi ticketing system didn’t impress us. Aside from the N4100's confusing and poorly laid out menu system, the printer itself, with its white body and big blue buttons, feels flimsy and looks like something made by Fischer-Price. The system works well enough, but there’s no reason to buy it when you can get easier-to-configure hotspot ticketing systems that also cost less.