P&T Luxembourg Tests Alcatel-Lucent’s Zero-Touch Vectoring

P&T Luxembourg is testing Alcatel-Lucent's Zero-Touch Vectoring to evaluate how the technology can help the operator meet the national government’s "Ultra High BroadBand" plan - which aims at providing all Luxembourg residents with broadband speeds of 100 Mbps downstream and 50 Mbps upstream by 2015.

VDSL2 Vectoring is a noise-cancelling technology that removes the interference between the multiple VDSL2 lines, so that each VDSL2 line can operate at its best and deliver higher data transmission speeds. P&T Luxembourg is already deploying Alcatel-Lucent’s GPON and P2P-based fiber access solution. http://www.alcatel-lucent.com

In October 2012, Alcatel-Lucent introduced new signal processing software developed by Bell Labs that promises to shake up the business model for VDSL2.

The new ‘Zero Touch Vectoring’capability eliminates the need to upgrade every CPE in a copper node whenever the first customer opts for faster broadband access delivered over a VDSL2 vectored line. Previously, a carrier choosing to deploy VDSL2 Vectoring was required to upgrade every modem on the network in order to properly handle the crosstalk elimination.

Alcatel-Lucent introduced the first commercial VDSL2 Vectoring solution in September 2011, delivering 100 Mbps over existing copper loop lengths of 400 meters. VDSL2 vectoring uses digital signal processing to remove crosstalk between copper pairs in a bundle, similar to noise cancellation in headphones. From line cards at the central office or DSLAM, the system measures the crosstalk from all the lines in the bundle and then generates an anti-phase signal to cancel out the noise. Alcatel-Lucent developed its own chipset and software. The VDSL2 vectoring is delivered via a 48-port Board Level Vectoring card, a 48-port System Level Vectoring card, and a Vector Processing card supporting up to 384 ports.

Read More

Path traversal in TP-LINK WR740 and possibly others

Summary

TP-Link WR740 routers are vulnerable to a path traversal vulnerability on the web administration interface. Unauthenticated users are able to read any file from the device.

Description

Models:	WR740N, WR740ND and possibly others. Update: People have been reporting on forums that models WR743ND,WR842ND,WA-901ND,WR941N,WR941ND,WR1043ND,WR2543ND,MR3220,MR3020,WR841N are also based on the same HTTP daemon but we haven't been able to test it ourselves.
Firmware:	3.12.11 Build 111130 Rel.55312n and possibly others
Date:	26/05/2012
Severity:	High
Impact:	Disclosure of configuration and password files.
Attack vector:	Remote. No auth required.
Solution:	N/A

The router TP-Link WR740ND/WR740N has a HTTP server running on port 80 handling the web management interface.

There exists a path traversal vulnerability in the URI "/help" that allows attackers to read any file including configurations.

It is possible to read other configuration files if the services have been configured previously. (No-IP, DyDNS, Samba, NFS)

POC

After further research we discovered that the URL was posted before on some russian forum, but not mentioned as a vulnerability and specifying another model.

Paulino Calderón
calderon()websec.mx

Read More

Technology Used Primarily for Next Generation Network/FTTH

With the progress in the Technology, larger bandwidths are required with the increasing complexities. Corporate Units, homes offices, ATM has forced FSAN group to look for better technologies. FSAN initiated the Gigabite Passive Optical Network (GPON) Standardization work in the Year 2001, for designing networks offering high data transmission with a transmission capacity as high as 1Gbps.. Another specialized feature of GPON is that it offers coverage data and voice service upto 2.5 Gbps, and so gives a big advantage over the other available schemes.

GPON:

EPON:

Ethernet equipment vendors formed Ethernet in the First Mile Alliance (EFMA) to work on a architecture for FTTH as Ethernet is a dominant protocol in Local Area Network. EPON based FTTH was adopted by IEEE standard IEEE802.3ah in September 2004. Adopting Ethernet technology in the access network would make uniform protocol at the customer end simplifying the network management. Single protocol in Local Area Network, Access Network and Backbone network enables easy rollout of FTTH.

EPON standards networking community renamed the term ‘last mile’ to ‘first mile’ to symbolize its importance and significance access part of the network. EFM introduced the concept of Ethernet Passive Optical Networks (EPONs), in which a point to multipoint (P2MP) network topology is implemented with passive optical splitters.

EPON, is largely vendor-driven standard and it is fundamentally similar to ATM-PON but transports Ethernet frames/packets instead of ATM cells. It specified minimum standardization and product differentiation, also it has decided not to standardize the Bandwidth allocation algorithm (DBA), TDM and ATM support, Security, Authentication, WDM Overlay Plan, support for Analog Video Protection, Diagnostics, Monitoring,, Compliance with existing OSS leaving these to the vendors to choose the best.

Read More

Multiple Ports / Flexible 100Base-FX Fiber Optical connective for Distance Extension Solution

Functional re-evolution! Enhanced Management Features PLANET FGSW-2624SF Managed Fiber Switch has excellent reputation from FTTx Service Providers by offering multiple high-speed fiber ports and high flexibility in network deployment. To bring users better and better performed Ethernet networking, PLANET introduces FGSW-2624SF update version with minor changes in hardware but greatly promoted management functions in firmware. The FGSW-2624SF features highly secure SSL function, Telnet command line management mode, and SNMP 4 RMON Groups (Statistics, History, Alarm and Event) besides the existing user-friendly WEB management interface.For L2 / L4 switching management, Q-in-Q (Double Tag) VLAN is included to fit the increasing demand in Metro Access application; IP DSCP QoS priority is also featured to enhance the VoIP streaming in the fiber-optic network. With these advanced networking features, the FGSW-2624F is most suitable for long-distance fiber-optic network deployment like IP surveillance system, campus, distance learning, FTTx, MDU (Multi-Dwelling Unit), MTU (Multi-Tenant Unit) and Metro markets.

Key Features:

• WEB / SSL / Telnet / SNMP Management
• IEEE 802.1Q / Q-in-Q VLAN
• IEEE 802.1w RSTP protocol / IEEE 802.3ad Link Aggregation
• IGMP Snooping v1, v2 and Query mode
• IP DSCP QoS and Bandwidth Control
• Layer 2 / 3 / 4 ACL and Port Security
• SNMP v1 / v2c and 4 RMON Groups

Application:

With 24 100Base-FX SFP ports and 2 Gigabit TP/SFP combo ports, the switch provides a cost-effective, high-performance for FTTx solutions. To build a network solution of FTTH (Fiber to the Home) or FTTC (Fiber to the Curb) for ISPs and FTTB (Fiber to the Building) for enterprise, the various distances of SFP (small-form factor) and Bidi (WDM) transceivers are optional for customers. Compared with traditional fiber switch that equipped fixed distance (2Km) and connection mode (SC only), the 24 SFP ports provides flexible solution for ISPs and enterprises. In addition, the two Gigabit TP/SFP combo ports can be used as uplink port which connects to the data centers and backbones.

Read More

Small Form-factor Pluggable (SFP)

Small form-factor pluggable (SFP) is a specification for a new generation of optical modular transceivers. The devices are designed for use with small form factor (SFF) connectors, and offer high speed and physical compactness. They are hot-swappable.

SFP transceivers are expected to perform at data speeds of up to five gigabits per second (5 Gbps), and possibly higher. Because SFP modules can be easily interchanged, electro-optical or fiber optic networks can be upgraded and maintained more conveniently than has been the case with traditional soldered-in modules. Rather than replacing an entire circuit board containing several soldered-in modules, a single module can be removed and replaced for repair or upgrading. This can result in a substantial cost savings, both in maintenance and in upgrading efforts.

Several companies have formed a consortium supporting the use of SFP transceivers to meet their common objectives of broad bandwidth, small physical size and mass, and ease of removal and replacement.

Read More