Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26
17281 posts

Uber Geek
+1 received by user: 4940

Trusted
Lifetime subscriber

  Reply # 1642525 29-Sep-2016 12:18
Send private message

Yeah I'm keen


17281 posts

Uber Geek
+1 received by user: 4940

Trusted
Lifetime subscriber

  Reply # 1673610 18-Nov-2016 14:22
Send private message

So I am wondering if you guys have seen issues with the E400's with using devices that connect via AN ?

 

We have had a number of customers and seen it ourselves, where devices connect at AN get an IP, and are then dumped from the system, connect again rinse and repeat. Reboot of the device itself doesn't resolve, but a reboot of the E400 usually does. 

 

Tried latest firmware same behaviour. Disabling 5GHz fixes it, but re-enabling, problem comes back?

 

 


18 posts

Geek
+1 received by user: 9

Cambium Networks

  Reply # 1673618 18-Nov-2016 14:29
Send private message

Hi networkn

 

Please log a case with support.

 

support@cambiumnetworks.com

 

If this is a know issue, the support team will advise and if not they will investigate and provide a fix.

 

Remember to take advantage of the current promo - buy 10 get three free.

 

Regards

 

Roy

 

 

 

 


17281 posts

Uber Geek
+1 received by user: 4940

Trusted
Lifetime subscriber

  Reply # 1673621 18-Nov-2016 14:42
Send private message

rwittert:

 

Hi networkn

 

Please log a case with support.

 

support@cambiumnetworks.com

 

If this is a know issue, the support team will advise and if not they will investigate and provide a fix.

 

Remember to take advantage of the current promo - buy 10 get three free.

 

Regards

 

Roy

 

 

 

 

 

 


Thanks, email sent. 

 

 


17281 posts

Uber Geek
+1 received by user: 4940

Trusted
Lifetime subscriber

  Reply # 1673630 18-Nov-2016 15:07
One person supports this post
Send private message

rwittert:

 

.

 

Remember to take advantage of the current promo - buy 10 get three free.

 

 

 

 

That's a good deal! I don't really want to carry that much stock though :)


'That VDSL Cat'
8103 posts

Uber Geek
+1 received by user: 1693

Trusted
Spark
Subscriber

  Reply # 1673719 18-Nov-2016 16:36
Send private message

networkn:

 

So I am wondering if you guys have seen issues with the E400's with using devices that connect via AN ?

 

We have had a number of customers and seen it ourselves, where devices connect at AN get an IP, and are then dumped from the system, connect again rinse and repeat. Reboot of the device itself doesn't resolve, but a reboot of the E400 usually does. 

 

Tried latest firmware same behaviour. Disabling 5GHz fixes it, but re-enabling, problem comes back?

 

 

 

 

 

 

When you say AN, do you mean 802.11n or 802.11ac?





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


1557 posts

Uber Geek
+1 received by user: 149

Trusted

  Reply # 1681010 2-Dec-2016 07:20
Send private message

Looks like new version released

 

https://support.cambiumnetworks.com/files/e400/#r1

 

E400/E500 Software Release 3.1.1 / 30-Nov-16




CPU: Intel 3770k| RAM: F3-2400C10D-16GTX G.Skill Trident X |MB:  Gigabyte Z77X-UD5H-WB | GFX: GV-N660OC-2GD gv-n660oc-2gd GeForce GTX 660 | Monitor: Qnix 27" 2560x1440

 

 


'That VDSL Cat'
8103 posts

Uber Geek
+1 received by user: 1693

Trusted
Spark
Subscriber

  Reply # 1681011 2-Dec-2016 07:27
One person supports this post
Send private message

Doesn't look like too much added tbh.

On the upside though, updated all APs from the train... Forget how handy that tool is.




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


182 posts

Master Geek
+1 received by user: 13

Subscriber

  Reply # 1682130 4-Dec-2016 20:30
Send private message

For some reason, since 3.1.1, my iOS devices are going bonkers by sticking to APs (and not roaming) like superglue.

 

Is anyone else having this problem?


1165 posts

Uber Geek
+1 received by user: 143

Trusted
Subscriber

  Reply # 1684533 8-Dec-2016 11:46
Send private message

From a related post on choice cheapies, if you have a business & website along with a few more requirements spelled out in the link, you could get a free poe switch just for attending a webinar valued at $1400. You should then be able to use that switch to power the access points without having to use the poe injector.

 

Details at https://meraki.cisco.com/freeswitch

 

This is a cloud managed switch (just like the access points), however, it comes with a 3 year licence. I'm not sure what happens at the end of 3 years - does it just stop working, retain the last configuration? At least they probably won't pester you about firmware having to be at a certain level every single time you log onto the cloud management site despite previously seeing and dismissing that notice.

 

 

 

 




Meow
7534 posts

Uber Geek
+1 received by user: 3642

Moderator
Trusted
Lifetime subscriber

2690 posts

Uber Geek
+1 received by user: 346

Trusted
Lifetime subscriber

  Reply # 1711050 28-Jan-2017 15:32
Send private message

I've got an extra one available if anyone is interested. It is surplus to requirements: http://www.geekzone.co.nz/forums.asp?forumid=77&topicid=208095





My views (except when I am looking out their windows) are not those of my employer.

1557 posts

Uber Geek
+1 received by user: 149

Trusted

  Reply # 1759534 8-Apr-2017 16:58
Send private message

Potential vulnerability in SNMP

 

 

 

 

 

Cambium SNMP Security Vulnerabilities

AFFECTED PRODUCTS

Cambium ePMP 1000
Cambium ePMP 2000
Cambium PMP XXX
Cambium ForceXXX models
Potentially all other models

IMPACT

These vulnerabilities may allow an attacker to access device configuration
as well as make unauthorized changes to the device configuration.

Disclosure Timelines

First reported to ICS-CERT - Sep 12, 2017
Latest vendor response - Apr 5, 2017
Fix planned for Q2 2017
Public Disclosure - Apr 6, 2017


BACKGROUND

Through its extensive portfolio of reliable, scalable and secure wireless
narrowband and wireless broadband networks, Cambium Networks makes it
possible for all service providers; industrial, enterprise, government, and
service providers to build affordable, reliable, high-performance
connectivity. Our wireless networks enable industrial Internet of things
(IIoT) connectivity, and for service providers to improve customer
satisfaction and efficiency.

SNMP Feature

SNMP is a standard protocol employed by many types of Internet protocol
based products and allows centralized and remote device management
capabilities. One of the many standard SNMP capabilities enables users to
manage the product, including accessing device configuration, making
changes, as well as triggering back up and restore.

Specific to Cambium devices:

* It is possible to access full device configuration using SNMP. Device
configuration includes usernames, passwords, SSIDs, keys, certificates,
syslog config, and other network & wifi specific details.
* It is possible to trigger configuration backups, which can then be
retrieved using SNMP.
* It is possible to wipe out and / or make changes to the device
configuration remotely.

VULNERABILITY OVERVIEW

A. SNMP COMMUNITY STRINGS PRIVILEGES ARE NOT ENFORCED CORRECTLY

It is possible to use SNMP ReadOnly community string to access MIBs that
should only be accessible using ReadWrite community string (for example
Wireless key). Different versions leak different pieces of RW-only
accessible information. Current version (at the time of reporting 3.2)
allowed RO string to read WPA2 key.

For example:

snmpget -v2c -c public <IP> 1.3.6.1.4.1.17713.21.3.8.2.4.0


B. DEVICE CONFIGURATION BACKUPS – ACCESS CONTROL ISSUES

Using SNMP, device configuration backups can be remotely triggered. Using
specific MIBs, we can:
1. trigger the backup, and
2. identify exact backup file name, & location.

In case any backup file(s) are already present, their names & locations can
also be retrieved.

Trigger backup
snmpset -v2c -c private <IP> 1.3.6.1.4.1.17713.21.6.4.10.0 i 1
iso.3.6.1.4.1.17713.21.6.4.10.0 = INTEGER: 1

Get backup file location & name
snmpget -v2c -c public <IP> 1.3.6.1.4.1.17713.21.6.4.13.0
iso.3.6.1.4.1.17713.21.6.4.13.0 = STRING: "
http://IP/dl/3.2.2_00000000000000.json"

All the backup files are uploaded on the web server root directory /, and
lack any access control. Anyone can enumerate & dump the backup
configuration file(s) directly. Using the information in device
configuration, it may be possible to gain access to the device, and / or
its clients (wireless devices and users).

+++++
Metasploit module will be released shortly.
+++++





CPU: Intel 3770k| RAM: F3-2400C10D-16GTX G.Skill Trident X |MB:  Gigabyte Z77X-UD5H-WB | GFX: GV-N660OC-2GD gv-n660oc-2gd GeForce GTX 660 | Monitor: Qnix 27" 2560x1440

 

 


1557 posts

Uber Geek
+1 received by user: 149

Trusted

  Reply # 1885755 18-Oct-2017 15:09
Send private message

KRACK Advisory

 

http://community.cambiumnetworks.com/t5/Enterprise-e4XX-e5XX-series/Security-Advisory-on-Key-Reinstallation-Attacks-KRACK/td-p/79130





CPU: Intel 3770k| RAM: F3-2400C10D-16GTX G.Skill Trident X |MB:  Gigabyte Z77X-UD5H-WB | GFX: GV-N660OC-2GD gv-n660oc-2gd GeForce GTX 660 | Monitor: Qnix 27" 2560x1440

 

 


'That VDSL Cat'
8103 posts

Uber Geek
+1 received by user: 1693

Trusted
Spark
Subscriber

  Reply # 1885982 18-Oct-2017 22:20
Send private message

mentalinc:

 

KRACK Advisory

 

http://community.cambiumnetworks.com/t5/Enterprise-e4XX-e5XX-series/Security-Advisory-on-Key-Reinstallation-Attacks-KRACK/td-p/79130

 

 

great to see their on the ball..





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


1 | ... | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Hawaiki Transpacific cable ready-for-service
Posted 20-Jul-2018 11:29


Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.