FireRack Dual-Mini - ADSL2+ Router / Firewall

The FireRack Dual-Mini is a firewall/router designed for bonding two ADSL/ADSL2+ lines.

Hardware Specification

• AMD Geode LX800 500MHz processor
• 512MB DDR400 RAM
• 2 x ADSL2+ Ports
• 2 x 10/100 Ethernet Ports
• 2 x USB ports (one external)
• Mini PCI socket
• Compact Flash socket
• RS-232 Serial

Industry standard line bonding

Although most of our customers use the FireRack Dual-Mini on the Netservers ADSL network, the device itself is compatible with any ADSL service that supports the industry standard Multilink-PPP protocol (MLPPP). This is the very same protocol used by Cisco and other standards compliant routers.

Annex-A and Annex-M support

Up until relatively recently, all ADSL in the UK was "Annex-A". This provides up to 24Mbps download and up to 1.3Mbps upload rates. The difference with Annex-M is that the upload rates can go as high as 2.5Mbps. This is done by trading some of your download bandwidth for additional upload bandwidth.

Comparing Annex-A to Annex-M

	Max. Download Rate (per line)	Max. Upload Rate (per line)
Annex-A	24Mbps	1.3Mbps
Annex-M	16Mbps	2.5Mbps

The FireRack Dual-Mini fully supports both Annex-A and Annex-M standards.

Read More

Setting Up Your DSL Modem to a Single Computer

How to Setup Your DSL Modem to Your Computer This guide will help you step by step setting up a single computer to a DSL modem. If you are setting up a network please review the article for setting up with a router.

To begin you will need your Comtrend DSL modem/router, a phone cable, an Ethernet cable, the power adapter to the Comtrend, and a computer.

1.] First, we will need to get your Comtrend DSL modem/router. As pictured below it should look similar to the modem here.

2.] Now we will want to get the phone cable, and then plug one end into the LINE port on the Comtrend DSL modem. Once you have done this it should look the same as pictured below.

3.] Now that we have one end of the phone cable plugged into the Comtrend modem, we are going to take the other end and plug it into the phone jack that was dedicated for your DSL.

4.] Next we will want to hook up the Ethernet cable, this cable could be multiple colors. Once you have located the Ethernet cable, we will then plug it into LAN 1x on the Comtrend DSL modem/router.

5.] Now that you have the Ethernet cable plugged into the Comtrend, we will take the other end and plug it into your computer into the Ethernet port. As you can see here we used a laptop, on a desktop computer the Ethernet port is almost always located in the back of the computer.

6.] At this point you should have a setup that looks very similar to what we have shown here. You should have the blue Ethernet cable coming from LAN 1x on the Comtrend to the laptop computer. Then we have the phone cable plugged into the LINE port going into our wall jack that is dedicated for DSL.

7.] We are now ready to plug the power into the Comtrend modem. Once you have located the power adapter, plug one end into the Comtrend, and the other end into your wall outlet or surge protector. We recommend that you plug all your devices into a surge protector if you have one.

8.] If everything is hooked up correctly, you should see a light sequence like shown below. The power light should be solid green, the LAN 1x should blink to indicate data is moving, and the ADSL light should be solid to indicate the service is synced up to our Central Office and your location.

Read More

Jazztel Bonding the new alternative to VDSL

Since the launch by Jazztel of 30/1.5 (now 3) over VDSL, users are away from their central longed for access to this service in order to obtain maximum performance in their lines.

But the strict conditions of employment for VDSL so far have not allowed that dream can become a reality. The only hope for these users on copper pair, almost the majority, and not eligible modalities Cable / FTTH, is that ADSL operators implemented the ADSL bonding as an alternative.

At this point, all plants covered Jazztel VDSL are prepared and ready to start offering turn bonding. As confirmed by the Director of the Division of Residential and CMO Jazztel, Luis del Pozo, in an exclusive interview to bandaancha.eu (and soon to be available on the cover of this page) from the first half of the next 2011, Jazztel plans to launch its marketing Bonding + service, which will offer its existing users synchronization values ​​similar to those enjoyed by lucky customers with coverage for VDSL2.

Bonding +, the alternative to VDSL Jazztel

According to the Well, Jazztel "always attentive to the suggestions of its customers, has decided to launch this new modality, to bring those most affected by the distance factor solution both an economic and high quality. Currently our team technical closely with Huawei technicians, working around the clock for final tuning of Jazztel DSLAM and interesting alternative to offer this in the first third of 2011 "

Recall that the ADSL bonding involves using two lines on copper loop, doubling the theoretical maximum speed of ADSL2 +. This, in addition to the core, and require two physical copper pairs connected to two DSLAM ports, the subscriber must have a router compatible with this standard, from which hang two microfilters, one per line.

Net equipment: Comtrend NexusLink 5631Hg

The company chosen to provide new equipment for customers who sign this new option has been, as it was almost predictable, Comtrend which in turn is working hard to adapt their new NexusLink 5631Hg to the requirements of the operator and the deadlines set by this.

Thus, the new router must support IPv6, be compatible with the standard N and take at least one Gigabit Ethernet port, which lacks elements Based Comtrend model, which itself has two USB port ready to connect external storage devices or usb printer.

Until then, the limited beta tester of this new modality being used to test the latest tuning its predecessor, the NexusLink 5631 , the same team that the British operator BE is provided its users with bonding.

Source photo beusergroup.co.uk / technotes / index.php? xusLink_5631 you ...

Note that although the new method is not intended Bonding + exceed benefits Premium VDSL2 mode, in some lines in tests has achieved up to 40 Mbps in the downstream channel, as we can see here

The price

The trading prices of Jazztel Bonding + are defined yet, but according to the Well, should not exceed the service VDSL, although the cost of keeping the two lines and the launch of the service in the customer's home could reach somewhat expensive product, but, in his own words "along with the usual policy of Jazztel try to strive, as far as possible in the least possible impact these costs to the end user"

Recall that the cost of Jazztel VDSL, right now (final price and without promotions) only exceeds in just 2 € to 20 Mbps service to the operator's intention would then be to not beat this price for users Bonding + hire.

In the coming days we will have more details and information on this interesting scoop that we advance here more summary, on the cover of bandaancha.eu

Read More

Comtrend Launches two NexusLink ADSL2+ Bonded Routers

NL-5631Hg

Comtrend Corporation, a global supplier of advanced networking solutions, today announced the availability of two new NexusLink bonded routers. The new products include the NL-5631Hg wireless ADSL2+ bonded router with HPNA and the NL-5630u wired ADSL2+ bonded router. Both new products help to broaden the depth of the popular NexusLink line of products.

The NexusLink 5631Hg Wireless ADSL2+ Bonded Gateway is the perfect solution for triple play applications. It features dual ADSL2+ bonded ports (up to 48Mbps of downstream bandwidth), four Fast Ethernet ports, a USB host port and 802.11b/g WLAN Access Point (AP).

The NL-5631Hg also includes industry standard HomePNA 3.1 (ITU G. 9954) for supporting triple-play services over existing coaxial cables. Backward compatibility with the HomePNA 3.0 extends network reach to legacy equipment.

NexusLink-5631 and 5630u

HomePNA technology provides data rates up to 320 Mbps with guaranteed Quality of Service (QoS), remote management and diagnostics capability enabling service providers to meet the growing demand for new services such as IPTV and VoIP.

The NexusLink 5631 Wireless ADSL2+ Bonded Router is Comtrend’s leading solution for triple play applications. It features dual ADSL2+ bonded ports that provide twice the bandwidth (48Mbps) over comparable single-port models. It is equipped with four Fast Ethernet ports, two USB ports and an 802.11b/g WLAN Access Point (AP).

The NL-5630u is a wired version of the ADSL2+ bonded router and includes all the features of the NL-5631 except the 802.11b/g WLAN Access Point and USB client port.

Both new NexusLink routers include value-added features such as enhanced security, VPN-pass through and Remote Management (TR-069). A Stateful Firewall (with DoS protection) and NAT/PAT protect the LAN from external threats. IP and MAC address filtering provide fine-grained access control to or from the network. QoS allows classification, control, and prioritization of diverse traffic types for pristine video, toll-quality voice, and error-free data transmissions, while TR-069/TR-098/TR-111 standards compatibility ensures interoperability with central office remote management equipment.

Comtrend was a pioneer and first to market with bonded ADSL2+ CPE products in 2005. The technology of bonded ADSL2+ gives telecom companies an alternative to fiber by utilizing existing copper telephone lines at speeds of up to 48 Mbps of downstream throughput speed. ADSL2+ extends the capability of basic ADSL by doubling the number of downstream bits through combining two or more copper pairs as a single connection. At 1/20 the cost of fiber deployment, ADSL2+ gives carriers the ability to deliver high speed services at long distances from a Central Office.

“Since its debut, the NexusLink gateway has seen strong demand from service providers who appreciate the combination of performance and value in a single device,?says John DiFrenna, Vice President of Sales of Comtrend. “We’ve listened to the suggestions from our clients who requested different versions of the original NexusLink gateway, and the two new products are our quick response to their input. We look to continue expanding the NexusLink line as market needs dictate.?_ Learn more about the NexusLink products at http://www.comtrend.com.

Read More

DualWAN WR-500V Snap Review

More than a dozen years ago, in a wireless card also seventy-eight one thousand times, because the demand for internal assessment, I was able to long-term play. I remember that COMPAQ PCMCIA card, because it was not easy to get a wireless router, only through WINGATE software to a network share, but also very happy to experience the fun of wireless Internet.

For a wireless router, in this forum, I can not be called professional, but the kind of person who likes to share inexplicable taste appealing to me. The hands of the router, as long as the brush, and never let go.

Because at any time with an idle laptop when HTPC, taking into account 24 hours a day, of course, the way When the download, NAS uses. Community network or the WIMAX merge bandwidth (WIMAX concession period after play download, DualWAN very practical, this allows me around the house in Cable Internet (50M / 5M), not renewal), and make full use of the resources.

Beginning to recognize DualWAN, get their hand easily achieved router to test ASUS WL-520GU LINKSYS the WRT54GS machine tried to use although the effect can be, but always think it is flawed, really encountered a small problem when, too embarrassed to ask too much. After all, this is a free firmware release, developers zd under no obligation to support not paid subscribers.

Forbearance for a year, a lot of exclusive features see DualWAN WR-500V own models really get antsy, and finally take the initiative to contact with zd a few weeks ago, originally hoped to buy a WR-500V returned to Taiwan to play later heart read temporary turn, why not buy a few, when a small agent?

With zd discussion, basic maintenance protection generally no problem, because of cross-strait transportation, this is often do things my own company. Zd more concerns, will not cause the price steady growth? I'd not worried because I was originally a fun starting point, as long as the basic freight, customs clearance fees play level, that's no problem.

Much gossip, WR-500V hand has been a period of time, zd simple English version of firmware installed, I posted the first photo, and come back slowly added!

The packaging of these things, the machine body, detachable antenna, network cable and power supply. (Can be used directly in the Taiwan voltage)

Manual yes, but in fact, this product, because the firmware update function is also very complex, so it's really familiar, still have regular official website implementation.

DualWAN, the name suggests, the most important function of course, is the dual WAN port load balancing. A similar machine, I used CISCO RV042, D-LINK LB604, but the two are wired models, the price is too high, if not professional purposes (company MIS), most people just want to play, or less cost-effective.

The DualWAN WR-500V 150M 802.11N wireless transmission capacity is more than enough in everyday applications, Cable used in my 50M/5M, basically can ran at full speed on the test.

I think the fun is the so-called single-line double-dial function, the WAN port can be an entity, continuous dial, made two different IP on the line, superimposed bandwidth purposes. Of course, the same ISP account after continuous dialing is not able to achieve the purpose of bandwidth doubling eventually look at your ISP lock bandwidth.

My side Cable MODEM Internet is automatically assigned an IP automatically obtain the two-wire connection.

WR-500V hardware specifications

System Name DualWAN
Machine Model DualWAN WR-500V
CPU Model Ralink SoC
CPU frequency 320MHz
Flash capacity 8MB
RAM: SDRAM 32M
Wireless: 802.11n 150Mbps
Antenna: detachable SMA 3db
Power: DC 12V
Packing: color box packaging
NAT performance: 94.4Mbits / s

Observed lock bandwidth, not superimposed, but there is an unexpected discovery. I used to use the Next TV TV box, whether it is bandwidth how much, whether it is connected directly to the SWITCH or share HD High Definition channels is very easy to get stuck. But through after WR-500V (single two dial), turned out to be very smooth, a little unexpected.

Read More

BiPAC 5210S Dual Port ADSL2+ Modem Router

Billion's BiPAC 5210S with one Ethernet port and one USB port is an easy-to-use yet economical ADSL router that complies with the latest ADSL industry standards: ADSL2 and ADSL2+, for high-speed Internet access.

The 5210S router can connect directly to two computers, or more by using a switching hub, through USB and Ethernet ports, users can easily benefit from express speed and better data transmission performance via firmware upgrade to ADSL2 / ADSL2+NOTE. Powerful SOHO Firewall features are integrated to protect against hacker attacks while accessing the Internet.

Universal Plug-and-Play compliance and the Webbased user interface make network management easy. The BiPAC 5210S is truly a value-for-money model designed for home and SOHO Users.

Features & Specifications

ADSL Compliance

• Compliant with ADSL Standard
• Full-rate ANSI T1.413 Issue 2
• G.dmt (ITU G.992.1)
• G.lite (ITU G.992.2)
• G.hs (ITU G.994.1)
• ADSL over ISDN/U-R2

• Compliant with ADSL2 Standard
• G.dmt.bis (ITU G.992.3) ADSL2 Annex M (ITU G.992.3 Annex M) (Available for BiPAC 5210SA only)

• Compliant with ADSL2+ Standard
• G.dmt.bisplus (ITU G.992.5) ADSL2+ Annex M (ITU G.992.5 Annex M) (Available for BiPAC 5210SA only)

Network Protocols and Features

• NAT, static routing and RIP-1/2
• NAT supports PAT and multimedia applications
• Multi-to-multi NAT
• Transparent Bridging
• Dynamic Domain Name System (DDNS)
• SNTP
• DNS relay

Top Firewall & Virtual Private Network (VPN)

• Built-in NAT Firewall
• Prevents DoS attacks including Land Attack, Ping of Death, etc.
• Anti probe function
• Packet filtering
• Password protection for system management
• VPN pass-through

Management

• Web-based configuration
• Firmware upgrades and configuration data upload and download via HTTP/FTP
• SNMP v1 & v2c, UPNP, SNTP supported
• Supports DHCP server/client/relay

ATM and PPP Protocols

• ATM Adaptation Layer Type 5 (AAL5)
• Multiple Protocol over AAL5 (RFC 2684, formerly RFC 1483)
• Bridged or routed Ethernet encapsulation
• VC and LLC based multiplexing
• PPP over Ethernet (PPPoE)
• PPP over ATM (RFC 2364)
• OAM F4/F5
• ATM QoS: UBR, CBR, VBR-rt, VBR-nrt

Operating Environment

• Support for OS: Windows 98/ 98SE, 2000, ME, XP, NT, Vista, Linux
• Operating temperature: 0 - 40 °C
• Storage temperature: -20 - 70 °C
• Humidity: 20 - 95% non-condensing
• Can run in the range: 100~240V AC

Hardware Specifications

• Physical Interface
• LINE: ADSL port
• USB: Complies with USB v1.1
• LAN: 10/100Mbps auto-crossover (MDI/MDI-X) switch
• Factory default reset button
• Power jack
• Power switch

• Physical Specifications
• Dimensions: 5.20" x 3.70" x 1.38” (132mm x 94mm x 35mm) Power Requirements
• Input: 15VDC 0.7A

• Models & Standards Supported
• BiPAC 5210SA: Support Annex A and Annex M
• BiPAC 5210SU: Support U-R2 and Annex B
• Annex A and Annex M: ADSL over POTS
• Annex B and Annex U-R2: ADSL over ISDN

Accessories: 01 Splitter, 01 power adapter, 02 RJ-11 cable, 01RJ-45 Cable, 01 USB cable, 01 CD Disk, User manual. Firmware Download here.

Note:
1. The router may require firmware modification for certain ADSL2/2+/ Annex M DSLAMs.
2. Specifications in this datasheet are subject to change without prior notice.

Read More

How-To Bonding Tomato/MLPPP Router

Tomato/MLPPP is a fork of the popular Tomato firmware (http://www.polarcloud.com/tomato) for consumer broadband routers. The primary goal is to enable users to bond multiple DSL connections using MultiLink PPP (MLPPP), and/or to circumvent Bell Canada's DPI-based throttling by using MLPPP on a single DSL line.

This documentation will only cover differences between this fork and the original Tomato firmware. For information on things not covered here, please consult the Tomato website (linked above).

Obviously, your ISP must support MLPPP in order for this firmware to be of any use. Currently, TekSavvy (http://teksavvy.com), Velcom (http://www.velcom.ca), Acanac (http://www.acanac.ca), Caneris (http://www.caneris.com), LOGIX (http://www.logix.ca), and NetFlash (http://netflash.ca) are known to support MLPPP, while Electronic Box (http://www.electronicbox.net) is currently working on enabling MLPPP support. If your ISP supports MLPPP and you can confirm that you have it working, please contact us and we'll add it to this list.

This video shows how to (real) bond two DSL lines using Tomato/MLPPP on a Linksys router. Your ISP must support MLPPP (few do).

Attached to this post, you will find v1.19-mp1 of the firmware, as well as the source.

This firmware has only been tested on the WRT54GL v1.1, but should run on the following routers:

- Linksys WRT54G v1-v4, WRT54GS v1-v4, WRT54GL v1.x, WRTSL54GS (no USB support)
- Buffalo WHR-G54S, WHR-HP-G54, WZR-G54, WBR2-G54
- Asus WL500G Premium (no USB support)

Download Tomato/MLPP firmware tomato-mlppp-1.19-mp1.rar

Download Zeroshell/MLPP firmware zeroshell-mlppp-mz1alpha1.tar.bz2

Attached to this post you will find the first release of Tomato/MLPPP, a fork of the popular Tomato firmware for various consumer broadband routers. It allows you to bond two or more DSL lines to multiply your speed, and also circumvents Bell's throttling even if you only have one DSL line.

Read More

Cisco Model EPC2425 EuroDOCSIS 2.0 Wireless

Cisco Model EPC2425 EuroDOCSIS 2.0 Wireless Residential Gateway with Embedded Digital Voice Adapter

The Cisco® Model EPC2425 EuroDOCSIS 2.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EPC2425) is a high performance home gateway that combines a cable modem, two-line digital voice adapter, router and wireless access point in a single device providing a cost-effective voice and networking solution for both the home and small office.

The EPC2425 has been designed to meet EuroPacketCable™ 1.5 and EuroDOCSIS™ 2.0 specifications. In addition, the EPC2425 is fully backward compatible for use on both EuroDOCSIS

Features

• Compliant with EuroDOCSIS 2.0, 1.1, and 1.0 standards along with EuroPacketCable specifications to deliver high-end performance and reliability
• High performance broadband Internet connectivity to energize your online experience
• Two-line embedded digital voice adapter for wired telephony service
• Four 10/100BASE-T Ethernet ports to provide wired connectivity
• 802.11g Wireless Access Point with 4 service set identifiers (SSIDs)
• Wireless Protected Setup (WPS), including a push button switch to activate WPS for simplified and secure wireless setup
• Two RJ-11 telephony ports for connecting to in-home wiring or directly to conventional telephones or fax machines
• Dual antenna design - one internal and one detachable external
• User configurable Parental Control blocks access to undesirable Internet sites
• Advanced firewall technology deters hackers and protects the home network from unauthorized access
• Attractive compact design that allows for vertical, horizontal, or wall-mounted operation
• TR-068 compliant color-coded interface ports and corresponding cables simplify installation and setup
• DOCSIS-5 compliant LED labeling and behavior provides a user and technician friendly method to check operational status and act as a troubleshooting tool
• Allows automatic software upgrades by your service provider

Cisco Model EPC2425 EuroDOCSIS 2.0 Wireless Residential Gateway with Embedded Digital Voice Adapter Manual

Read More

CISCO WPS PIN Brute Force Vulnerability

Cisco Response

On December 27th, 2011 US-CERT released VU#723755 available here:
http://www.kb.cert.org/vuls/id/723755

The US-CERT Vulnerability Note describes a vulnerability that exists in the Wi-Fi Alliance Wi-Fi Protected Setup (WPS) certification program. The WPS certification program is based on the Wi-Fi Simple Configuration protocol, in which an Access Point (AP) has a static PIN that allows access and configuration from an External Registrar (ER). An AP with WPS enabled and configured to use a static PIN will allow a WPS-capable ER, that provides the correct PIN, to join a properly secured network. A weakness in the protocol affects all APs that have a static PIN, and may allow an unauthenticated, remote attacker to use brute force calculations to determine the AP's PIN in a short amount of time.

The vulnerability is due to a flaw that allows an attacker to determine when the first four digits of the eight-digit PIN are known. This effectively reduces the PIN space from 107 or 10,000,000 possible values to 104 + 103, which is 11,000 possible values. The eighth digit of the PIN is utilized as a checksum of the first seven digits and does not contribute to the available PIN space. Because the PIN space has been significantly reduced, an attacker could find the WPS PIN in as little as a few hours.

The affected devices listed below implement a 60-second lockout after three unsuccessful attempts to authenticate to the device. While this does not substantially mitigate this issue, it does increase the time to exploit the protocol weakness from a few hours to at most several days. It is our recommendation to disable the WPS feature to prevent exploitation of this vulnerability.

Vulnerable Products:

Product Name	Is the WPS feature enabled by default?	Can the WPS feature be permanently disabled?
Access Points
Cisco WAP4410N	Yes	No
Unified Communications
Cisco UC320W	Yes	Yes (See Note 2)
Wireless Routers/VPN/Firewall Devices
Cisco RV110W	Yes	Yes
Cisco RV120W	No	Yes
Cisco SRP521W	Yes	Yes
Cisco SRP526W	Yes	Yes
Cisco SRP527W	Yes	Yes
Cisco SRP541W	Yes	Yes
Cisco SRP546W	Yes	Yes
Cisco SRP547W	Yes	Yes
Cisco WRP400	Yes	No

Note 1: The Cisco Valet product line is maintained by the Cisco Linksys Business Unit. Information concerning the Cisco Valet line as well as information on Linksys by Cisco products is available at http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&articleid=25154

Note 2: The UC320W series devices can be configured to disable WPS through a Platform Modification File (PMF). A PMF to accomplish this has been posted as DisableWPS.pmf at the following link: https://supportforums.cisco.com/docs/DOC-16301

Products Under Investigation:

Product Name	Is the WPS feature enabled by default?	Can the WPS feature be permanently disabled?
Cable and DSL Home Access Products
Cisco DPC/EPC2320	Under Investigation	Under Investigation
Cisco DPC/EPC2325	Under Investigation	Under Investigation
Cisco DPC/EPC2325R2	Under Investigation	Under Investigation
Cisco DPC/EPC2420	Under Investigation	Under Investigation
Cisco DPC/EPC/DPQ2425	Under Investigation	Under Investigation
Cisco DPC/EPC2425R2	Under Investigation	Under Investigation
Cisco DPC/EPC2434	Under Investigation	Under Investigation
Cisco DPC/EPC3825	Under Investigation	Under Investigation
Cisco DPC/EPC3827	Under Investigation	Under Investigation
Cisco DPC/EPC/DPQ3925	Under Investigation	Under Investigation

Products Confirmed Not Vulnerable:

Product Name	Not Affected Reason
Access Points/Wireless Bridges
Cisco AP541N	Does not support WPS
Cisco WAP200	Does not support WPS
Cisco WAP200E	Does not support WPS
Cisco WAP2000	Does not support WPS
Cisco WET200	Does not support WPS
Unified Communications
Cisco UC500 Series	Does not support WPS
Wireless Cameras
Cisco WVC210	Does not support WPS
Cisco WVC2300	Does not support WPS
Wireless Routers/VPN/Firewall Devices
Cisco SA520W	WPS not enabled by default Does not support PIN-ER configuration Mode
Cisco RV220W	Does not support WPS
Cisco WRV210	Does not support WPS
Cisco WRVS4400N	Does not support WPS

Additional Information

Workarounds:
Disable the Wi-Fi Protected Setup feature on devices that allow the feature to be disabled, as listed in the Vulnerable Products table. Cisco Systems has verified that the products that support disabling the WPS feature do indeed disable it and are not vulnerable once the feature has been disabled from the management interface.

Fixed Software:

Product Name	Fixed Software
Cisco WAP4410N	To Be Released
Cisco RV110W	To Be Released
Cisco RV120W	To Be Released
Cisco UC320W	To Be Released
Cisco SRP521W	To Be Released
Cisco SRP526W	To Be Released
Cisco SRP527W	To Be Released
Cisco SRP541W	To Be Released
Cisco SRP546W	To Be Released
Cisco SRP547W	To Be Released
Cisco WRP400	ETA: February 2012

Note: The Cisco Valet product line is maintained by the Cisco Linksys Business Unit. Information concerning the Cisco Valet line as well as information on Linksys by Cisco products is available at http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&articleid=25154

Exploitation and Public Announcements:

Exploit code and functional attack tools that exploit the weakness within the WPS protocol have been released.

This vulnerability was discovered by Stefan Viehbock and Craig Heffner.
Status of this Notice: Final

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

Revision History

Revision 4.0	2012-February-29	Updated the Can the WPS feature be permanently disabled? column of the table in the "Vulnerable Products" section for WAP4410N: changed from Yes to No. PSIRT would like to thank Bill Sanderson for pointing out this document error. Corrected the "Fixed Software" section to include the full product name of the WAP4410N.
Revision 3.0	2012-January-27	Updated text for clarity. Updated the Cisco UC320W WPS Disable status to Yes due to release of DisableWPS.pmf. Added Cable and DSL access products currently under investigation. Added a link to Linksys product documentation.
Revision 2.0	2012-January-18	Updated information for the Cisco WRP400.
Revision 1.1	2012-January-11	Corrected text mistakes in researcher's name.
Revision 1.0	2012-January-11	Initial public release.

Cisco Security Procedures

Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.

Read More

Anne Curtis ASAP 18 Controversial Strapless Dress

Anne Curtis's sexy outfit during her performance in “ASAP 18” on Sunday, February 24 did not escape the eye of the Movie Television Review and Classification Board (MTRCB).

MTRCB called the attention of the Sunday noontime variety show for its “provocative number.”

Anne performed Rihanna’s “Diamond” while being drenched with water, wearing a black strapless gown with a very high slit. Her performance and outfit soon went abuzz online.

MTRCB posted the following on its official Twitter account on Tuesday, February 26.

Anne on controversial outfit: 'I was completely protected'

Anne Curtis posted a photo of her black strapless dress on Tuesday, February 26, to clarify the issue.

Anne explained that her outfit designed by Boom Sason was a “bodysuit with a hidden tangga.” She assured everyone that no wardrobe malfunction happened, contrary to what many believed.

On Tuesday afternoon, February 26, Anne posted, “TAAAADAAA! I present to you the controversial @boomita outfit I wore for my birthday number on ASAP. As you can see we have a bodysuit with a hidden tangga to make way for the sky high slit skirt. It is made out of 2 pieces. In fact the "tangga" is made out of swimsuit material which Boom Sason is also known for making. I was completely protected.

It may have seemed like a wardrobe malfunction to many but I can assure you, after making the mistake of not securing myself once I wouldn't let that happen to me again. :) So to settle all your minds I just had to post this. Thank you to everyone that was concerned! To everyone that's trying to make an issue out of it! Thank you! ABSCBN news just told me its their most clicked on video on their site ever! Just relax everyone! Wearing a tangga is no newbie in the industry! It's been around since the 80's :)”

Read More

'Wowowillie' summons over gender-sensitivity issues

After summoning ABS-CBN and GMA-7 over provocative numbers in its respective show, the MTRCB (Movie and Television Review and Classification Board) is calling the attention of TV5, this time on gender-sensitivity issues raised in its noontime variety show “Wowowillie.”

The program recently made news after main host-producer Willie Revillame reprimanded fellow hosts Ethel Booba and Ate Gay on air for allegedly getting irked for losing in the “Mini-concierto” talent contest. This, in turn, led to a confrontation among the three parties in the Feb. 28 edition of the show.

Portrayal of women

MTRCB Chair Eugenio Villareal told Yahoo! Philippines OMG! in a phone interview that he summoned TV5 executives to his office to discuss the said episode as well as other viewers' complaints regarding the portrayal of women on the noontime variety show.

“The summon to TV5 over “Wowowillie” was further to the Memorandum of Understanding (MOU) between MTRCB and the networks, ABC included, on the portrayal of women in media as well as on account complaints of on-air decorum we received through social media and based on our own monitoring. It concerns a recent episode where there was an on-air castigation of a female talent, as well as that female talent’s use of unsavory language in referring to a talent from another network. To be tackled too is the manner how women appear in the said show,” Villareal said. MTRCB and TV5 representatives will meet over the said issue on Wednesday, March 13.

“We sent them already a notice for inquiry and that would be on Wednesday, 2pm. We will be having a panel for that, an ad hoc committee,” Villareal added. - source

Read More

Sabah: Unresolve Thousand Stateless Childrend

SANDAKAN: Sabah’s image is getting a severe beating as a result of the increasing number of stateless children, Deputy Minister in the Prime Minister’s Department, VK Liew, said.

He added that it was imperative that the government give this issue its urgent attention.

“We must find ways to resolve this outstanding issue once and for all.

“Al Jazeera (news channel) showed ugly scenes of stateless children sniffing glue in Sabah. These scenes were taken in the city (Kota Kinabalu) and the nearby Pulau Gaya.

“These stateless children do not represent the Malaysian society in Sabah.

“They are here because many of their parents, who are illegal immigrants, have either abandoned them or left them when they were arrested or deported to their countries of origin.”

Stateless children are a by-product of the massive influx of illegal immigrants into Sabah.

According to an Asia Foundation December report, the demand for cheap labour in Sabah’s palm oil plantations and its labour-intensive production processes have kept the migrants coming since the 1970s.

The report noted that as at 2009, Sabah was home to about 52,000 stateless children and the numbers were steadily increasing.

These children were mainly from Indonesian and Philippines plantation workers who grew up on palm oil plantations.

“Others spend their childhood on the streets, as child labourers, and are exposed early to social ills like glue sniffing, drugs, petty crime, or child abuse,” noted the report.

Serious issue

Speaking to reporters here after his “Bringing service to people” programme, Liew said the central issue was the massive illegal immigrant population in Sabah.

“This issue has plagued us for decades. We can no longer pretend and hope that the problem will go away one day.

“These children are a serious issue. They will grow up in our society. The issue is not going to disappear if we don’t do something.

“We need a pro-active approach to these children without names. They must be identified and pursued without fail,” said Liew, who is also Sandakan MP.

Liew, who is also Liberal Democratic Party (LDP) president, is among a rare few Sabah Barisan Nasional (BN) leaders who have openly called for a solution to the perennial issue which has ripped apart Sabah’s socio-political and economic fabric.

Another BN ally, Parti Bersatu Sabah (PBS), had recently warned the federal and state governments that the people of Sabah would no longer stand idly by if the security situation within the state degenerates into chaos due to illegal immigrants.

Sabah has the highest number of poor in the country and an increasing crime statistic.

PBS had also warned that BN stood to lose Sabah over the illegal immigrant issue.

The illegal immigrants population currently exceeds native Sabahans.

Call for RCI

According to Common Interest Group Malaysia (CigMA)chiarman Daniel Jambun, there are currently “1.7 million illegals in the state and this is the mother of all issues in Sabah”.

“Today, the 1.5 million Sabahans have effectively been marginalised and disenfranchised in their own land by the illegal immigrants because the federal government chooses to do nothing.”

Both CigMA and opposition PKR have called for the setting up of a Royal Commission of Inquiry to resolve the illegal immigrant issue.

But the federal goverment has refused to response to the call. Many believe that this is primarily because Umno was allegedly involved in legalising illegal immigrants in the 1990s.

Sabah Chief Minister Musa Aman was allegedly the director of Sabah Umno Task Force from 1919-1993 and charged with recruiting foreigners as voters by granting then Malaysian citizenship.

Currently, many of the theories being bandied around is that both Sabah Umno and PBS need the illegal immigrant votes to stay in power and ensure a BN win in the parliamentary polls. - source

Read More

Halaw: What happens now to the children of Sabah?

Commentary

Halaw in Malay-Bahasa means “driven away” and until very recently had not been given a face until news of the Lahad Datu standoff hogged the headlines in early February. In the early 80s, halaw was used to describe persons whose heads were shaved to identify them as those to be “deported” from the port of Sendakan in Malaysia.

Students of the Stairway to Hope Learning Center in Kota Kinabalu, an alternative learning center for Filipino

Recent news on Filipinos fleeing Sabah over reports of police brutality and random crackdowns, while alarming and disturbing, remain unchecked, and so has the plight of the children that have been driven away from this island off the Sulu-Celebes seas.

In 2011, the Commission on Filipinos Overseas reported a 124 percent increase of irregular migrant Filipinos in Malaysia from 200,000 in 2010 to 447,590 in 2011. The Philippine Embassy in Kuala Lumpur last year reported that 569,451 or 18.2 percent of the 3,117,405 total population of Sabah are Filipinos, both documented and undocumented. A Federal Task Force in Sabah, in turn, estimated that there are more than 30,000 children of undocumented Filipinos in Sabah whose births were not registered by their parents.

Being undocumented, most of these children are denied access to education as the Malaysian Ministry of Education almost exclusively offers schooling to Malaysians.

Why Sabah?

Apart from the historical and cultural nuances of the Sultanate of Sulu's claims on the disputed island, Sabah, a boat ride away from Bongao in Tawi-Tawi, contributes 23 percent of Malaysia's Gross National Product or (GNP). More than 80 prcent of the 1,669 hectares have been developed with industries ranging from wood, rubber products, food, metal, plastics, ceramic and automotive parts.

These industries have lured many Muslims from Tawi-Tawi, Sulu and Basilan as well as other parts of Mindanao to take on jobs they would otherwise not find in the desolation of the region amid the insurgency and banditry that continue to plague some areas.

Malaysians since the 1990s have viewed the growing number of Indonesians and Filipinos in the islands as a threat to job opportunities intended for Malaysians. Thus the massive crackdowns and document checking that Malaysian police are known to conduct. Those found with “no documents” are loaded on boats toward the wharf in Zamboanga and are called halaw.

Stateless children

Most of these Filipino workers arrive in Sendakan, the second largest city in Sabah, with no papers or identity cards and move onward to find work through a network of kinship and easily mix in with the local residents. Most go to Sabah in their twenties and start receiving 400 to 600 ringgits (P5,000 to P8,000) a month with two free meals a day as they work for plantations, factories or restaurants and hotels.

Since their ancestors used to move from Bongao and Jolo port with no worries about legal papers or border crossing, many continue to believe what has been culturally ingrained in them that Sabah is part of the Sultanate of Sulu.

While they learn Bahasa for work, among themselves they speak Tausug or Sama and, intermittently, Tagalog.

And in the island and the network of Filipinos in the community, they marry among themselves, bear children and fail to go through the trouble of the mundane task of birth registration—leaving their children stateless with no passports and no rights to their basic requirements such as basic health and education.

Bayanihan for the stateless children

From Kota Kinabalu to Lahad Datu, Filipinos have pooled their resources to address the problem of the lack of access to education of Filipino school-age children.

Informal learning facilities managed by Filipino community leaders have been set up. They have put up makeshift classrooms, called for volunteer teachers, and continue to find ways to go beyond the basic reading, writing and arithmetic classes they now provide.

The Philippine Embassy has even made arrangements with an Indonesian foundation that operates in Lahad Datu. A number of the Filipino children go to these Indonesian learning centers that are funded by the Indonesian government, follow the Indonesian curriculum and are recognized by the Ministry of Education in Indonesia in view of the large number of Indonesian workers in the plantation.

In Semporna, the nonprofit Humana Child Aid Society started operating alternative learning centers in plantations in Lahad Datu in 1991. It provides basic informal education that serves Indonesian and Filipino children, children of the Bajau Laut (an ethnic group of Malay origin whose members have for centuries lived out their lives almost entirely at sea, plying a tract of ocean between Malaysia, the Philippines and Indonesia), construction workers, drivers and plantation workers. Of the 10,000 children in their schools, 1,500 are Filipinos.

Beyond ceasefire toward more uncertainty

While the Aquino administration and the Kirams fight it out in the media, the glaring truth is, many of those displaced by the standoff face more uncertainty.

Not exactly OFWs or overseas Filipino workers because they left using the backdoor without registering with the Philippine Overseas Employment Administration or the Overseas Workers Welfare Administration, the halaw cannot qualify for emergency assistance and face the difficult task of reintegration.

The National Commission on Muslim Filipinos (NCMF) has set up emergency desks that are expected to provide about P20,000 to 30,000 in financial assistance to families arriving from Sabah but with no homes, no work and nowhere to go.

The uncertainty can be difficult to bear. And sooner or later, many of those who arrive will find ways to go back to Sabah not only for work but because they have left family behind in the mad dash for safety.

The children, on the other hand, while born to Filipino parents have never set foot in Mindanao and, worse, are not even considered Filipino. Onsite birth registration centers from National Statistics Office and an inter agency team from the Department of Social Welfare and Development, Department of Education and the NCMF would be helpful to assess their emotional, health and educational needs.

Already, talks abound that an emergency Pantawid Pamilyang Pilipino Program where conditional cash transfers will be provided to those arriving from Sabah is being put in place by the DSWD. But with 400,000 irregulars coming from Malaysia, will this be a tenable solution?

Beyond the registration and CCTs, government should look at facilities at the Zamboanga, Bongao, and Sulu ports for health centers, shelter units and alternative learning centers for these children and their families.

Moreover, multilateral organizations such as United Nations Children's Fund, United Nations High Commissioner for Refugees and the International Organization for Migration would best look at their portfolios to look at realigning their 2013 budgets toward becoming more responsive to this vulnerable group's needs.

With the numbers expected to increase as the standoff continues, local government units at the receiving end of newly arrived, displaced Filipinos should also be assisted in improving their capacities to address the increasing needs of their “new constituency.”

(Cherry Joy Veniles has more than 10 years experience in Filipino migration and was head of the Policy Planning and Research Division of the Commission on Filipinos Overseas. VERA Files is put out by veteran journalists taking a deeper look at current issues. Vera is Latin for "true.")

Read More

Filipino refugees claim of police brutality in Sulu roundup

KUALA LUMPUR, March 10 ― Thousands of Filipinos are reportedly fleeing Sabah for the Philippines, gripped with fear over horror tales of torture and violence allegedly used by the Malaysian police on Suluks and suspected followers of the Kiram clan.

Refugees interviewed by The Philippine Daily Inquirer yesterday claimed they fled their homes in east Malaysia after witnessing aggressive acts used by authorities here during widespread operations to flush out the Sulu invaders earlier this week.

One refugee said Filipino men were dragged from their homes and beaten, then forced to run while the police shot arbitrarily at them, even after they produced immigration documents to prove their stay in Malaysia was valid.

Reports have also reached the self-proclaimed Sulu “Sultan” Jamalul Kiram III, whose brother Agbimuddin Kiram is leading the armed incursion in Sabah, that Malaysians of Tausug descent were being singled out in the operations and brutalised at the hands of the police, including those who held MyKads.

The Tausug are also known as the Suluk people, who come from Sulu in the Philippines.

“[The Malaysians] claim they are enforcing maximum tolerance, but there’s no truth to that. Instead, maximum violence is what’s happening. Even women, pregnant women, and children are being fired upon by Malaysian forces,” Jamalul’s daughter, “princess” Jacel Kiram, was quoted as saying in a report on Manila Standard Today.

The Sultanate’s spokesman, Abraham Idjirani, claimed that a pregnant woman, who was rounded up during the operation, even went into labour while under arrest in Kampung Tanduo, Lahad Datu, where the Sulu army’s hideout was at the time.

“The pregnant woman gave birth at the police station, but the newborn died shortly after… People are being manhandled by the police,” Idjirani said, according to Manila Standard Today. “They are arresting not only Filipinos and supporters of the sultanate, but also rounding up even their own citizens.”

In the Inquirer, a 32-year-old Filipino named Amira Taradji said her brother was killed at the hands of the Malaysian police during their rounding-up of suspected supporters.

“They dragged all the males outside the house, kicked and hit them,” she told the daily in a phone call from Patikul, Sulu, shortly after she arrived in the Philippines on Friday night along with some 200 other refugees.

Taradji claimed that Malaysian security forces stormed villages in the coastal constituency of Sandakan where she was staying on Monday night, and in the ordeal, her brother Jumadil was allegedly gunned down after he was forced by the police to run as fast as he could.

According to the Inquirer, officials said there are now close to 1,000 refugees who have fled Sabah for Sulu and Tawi-Tawi, while more are expected to arrive over the next few days as Malaysia continues operations flush out the Sulu invaders.

Taradji also reported of horror tales that Malaysian authorities are deliberately starving those currently detained on suspicion of their connection or support for the Sulu incursion.

“Even if you have valid immigration document, you will not be spared. If you are lucky to reach the jail, you will die of starvation because they will not feed you,” she said, according to the Inquirer.

Taradji is reportedly a MyKad holder and has lived in Sandakan since she was six-years-old, but said she still decided to flee Sabah after witnessing the use of aggression by the police on Filipinos.

Another refugee, 47-year-old Carla Manlaw, told the Inquirer that she left Sabah after news spread like wildfire through the villages that the police were rounding up Filipinos and arbitrarily shooting at them.

“My employer has no problem with having a Filipino employee. But what bothered me was the police,” she was quoted as saying.

Jolo Mayor Hussin Amin told the Inquirer that he had spoken to many of the evacuees from Sabah and was told repeatedly of the alleged abuses by the Malaysian security personnel.

“Soldiers and policemen stormed their houses and even those with legitimate working papers like passports and IC papers were not spared. These documents were allegedly torn down before their eyes. Men were told to run and were shot if they did. Those who refused were beaten black and blue. Filipinos inside the jail were executed,” he said.

“We are asking our government to investigate now. Refugees from Sandakan and Sabah share [the same] ordeals. If indeed what they have been telling us is true, then Malaysian authorities were not just targeting the Kirams in Lahad Datu,” Amin added, according to the Inquirer.

The Malaysian government repeated its stand yesterday that it will continue hunting down Sulu invaders in Lahad Datu until every single militant is flushed out of the country.

Home Minister Datuk Seri Hishammuddin Hussein pointed out that the militants have refused to back down despite the all-out assault on their group by Malaysian security forces, The Star Online reported.

“They have not laid down their arms unconditionally, so this will go on,” he was quoted as saying yesterday, before adding that all those on duty to clear the bodies off the gunmen must prioritise their safety.

“We heard about people saying there were booby traps on the blast sites so my advice is plan your moves properly and make sure safety is the top priority on the list,” he added.

Hishammuddin also confirmed that the current Sulu death toll was at 53 but said there may be more lives that have yet to be accounted for.

Malaysia launched an all-out assault on the Sulu group on Tuesday morning, using fighter jets to rain down bombs on Kampung Tanduo where the Sulu group had been hiding.

After the airstrike, ground troops moved in for the “mopping up” operations, going from door-to-door and advancing slowly over the uneven terrain surrounding the coastal village to hunt down the armed militants.

Despite reports of the rising number of Sulu deaths, however, the Kiram clan said on Friday it believes that only 10 of its men have fallen, suggesting the use of propaganda by Malaysia to claim success over its attack on the Filipinos.

Spokesman Idjirani said the family wanted Malaysia to permit foreign journalists, including those from the Philippines, to enter the conflict zone in Lahad Datu, Sabah, to confirm the Sulu death toll.

“You must allow the foreign and local media into the conflict areas to verify their claims. Until that is done, everything is subject to debate,” he was quoted in The Philippine Star as saying in a Friday report.

Agbimuddin last contacted his family in the Philippines at 2.30 pm Friday, according to the Philippine Daily Inquirer, saying he and his men were still alive and on the run but were suffering from hunger. - source

Read More

Researchers publish open-source tool for hacking WiFi Protected Setup

On December 27, the Department of Homeland Security's Computer Emergency Readiness Team issued a warning about a vulnerability in wireless routers that use WiFi Protected Setup (WPS) to allow new devices to be connected to them. Within a day of the discovery, researchers at a Maryland-based computer security firm developed a tool that exploits that vulnerability, and has made a version available as open source.

WiFi Protected Setup, a standard created by the WiFi Alliance, is designed specifically for home and small business users of wireless networking to easily configure devices without having to enter a long password. Offered as an optional feature on WiFi routers from a number of manufacturers, it automates the setup of the WiFi Protected Access 2 (WPA2) authentication between the router and a wireless device. One of the standard's methods of establishing connection that is supported by all WPS-capable routers is the use of a personal identification number, usually printed on the wireless router itself, to authenticate the device.

But as security researcher Stefan Veihbock found and reported to US-CERT, the PIN implementation is susceptible to "brute-force" attacks because of the way routers respond to bad requests, and the nature of the PIN itself. When a PIN request fails, the message sent back to the wireless device attempting to connect contains information that can help an attacker by revealing whether the first half of the PIN is correct or not—reducing the number of guesses that an attacking system would have to make. Additionally, the last number of the PIN is a checksum for the the rest of the PIN. As a result, an attacker could get the PIN within 11,000 guesses. Veihbock demonstrated the vulnerability with a proof-of-concept tool he wrote in Python, available for download from his site.

That wouldn't be as much of a problem for security if wireless access points locked out devices after repeated bad PIN entries. But on many WPS wireless routers, there is no lockout feature. That means attackers can continue to attempt to connect at their leisure.

And unlike passwords, the PIN is something that can't usually be changed by the router's owner. That presents a huge security loophole for attackers—once they've gained the PIN, they can reconnect at will to the network, even if the administrator has changed the password or service set identifier (SSID) for the network. And on access devices that have multiple radios in them providing network connectivity for different SSIDs with different passwords, the PIN can provide access to all of the wireless networks on the router.

According to a blog post by Tactical Network Solutions' Craig Heffner, this type of attack is one that researchers at the Columbia, Maryland based security firm have been "testing, perfecting, and using for nearly a year." Now the company has released an open-source version of its tool, Reaver, which Heffner says is capable of cracking the PIN codes of routers and gaining access to their WPA2 passwords "in approximately 4 [to] 10 hours." The company also is offering a commercial version of the tool that offers features like a web interface for remote command and control, the ability to pause and resume attacks, optimized attacks for different models of wireless access points, and additional support.

The routers most vulnerable to these attacks—the ones without PIN lockout features—include products from Cisco's Linksys division, Belkin, Buffalo, Netgear, TP-Link, ZyXEL, and Technicolor. None of the vendors has issued a statement on the vulnerability, or replied to inquiries from Veihbock.

Read More