This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

segunda-feira, 29 de fevereiro de 2016

Raspberry Pi 3 traz Wi-Fi, Bluetooth e processador mais rápido por US$35



PC World / EUA

Anunciado nesta segunda-feira, 29/2, novo modelo do aparelho é o primeiro substituto verdadeiro para o PC, afirma fabricante.

sexta-feira, 26 de fevereiro de 2016

Mikrotik - servidor hotspot com paginas de aviso

Configurando servidor MikroTik com Hotspot e páginas de aviso (atraso e bloqueio)




Tipologia da rede do MikroTik

Aqui usarei o seguinte:

ISP:
192.168.50.20/24

REDE:
192.168.1.1

MikroTik versão:
2.9.50

Note: Podem ser em outras também. 


Mikrotik - hotspot ativar ou desativar no user profile web-proxy

https://under-linux.org/showthread.php?t=111539&page=5


resumindo, só ative o transparente proxy se tiver que usar as telas de advertise.

quinta-feira, 25 de fevereiro de 2016

Wi-Fi - SSID oculta - mito





http://www.tecmundo.com.br/wi-fi/45693-mito-ou-verdade-esconder-o-ssid-deixa-sua-rede-wifi-mais-segura-.htm

WiFi - descobrindo redes ocultas (otimo artigo cuja fonte que não existe mais)

Descobrindo Redes Wi-fi "Ocultas"…

Quando uma empresa contrata um analista de infraestrutura ou segurança de dados para verificar os problemas que estão ocorrendo na rede Wifi da empresa, é normal que tais profissionais rodem uma ferramenta de análise de redes Wifi, identificando as redes (SSID) e os canais utilizados, sendo o problema mais comum a superutilização de um mesmo canal.
Pensando nisso, tive uma pergunta na cabeça, e em casos de redes com “Broadcast SSID” desabilitado, como será detectada somente através do software de escaneamento de redes (Ex.: Insider) ??? A resposta é simples, através de Sniffer, atuando em modo promíscuo.
Dediquei alguns minutos para mostrar que podemos estar com interferências em nossas redes WiFi e não estamos utilizando métodos ideais para detectar.
Conforme mostra a tela do Insider abaixo, temos algumas redes em canais diversos, e pensamos, poxa, que bom que não existem redes no canal 11, então vou escolher esse canal para o tráfego das minhas informações.

Significado IMEI IMSI E ICCID de celulares

https://www.quora.com/What-is-the-difference-between-ICCID-IMSI-and-IMEI-numbers

http://www.teleco.com.br/tutoriais/tutorialsim/pagina_1.asp

quarta-feira, 24 de fevereiro de 2016

PRTG - API

https://kb.paessler.com/en/topic/29983-how-to-export-a-list-of-devices-only

---- custom netflow channel definition
https://kb.paessler.com/en/topic/2143-can-i-add-custom-channels-to-standard-packet-sniffer-and-netflow-sensors

Mikrotik - avaliar scripts para hotspot

--- script para hotspot setup
http://adeelkml.net/mikrotik-hotspot-script/

https://aacable.wordpress.com/tag/mikrotik-hotspot-script/

--- avaliar uso para download de arquivos no mk
http://wiki.mikrotik.com/wiki/Manual:Tools/Fetch
http://forum.mikrotik.com/viewtopic.php?t=51229
http://forum.mikrotik.com/viewtopic.php?t=71517

Mikrotik - Configuração inicial de um hotspot


How To Configure Hotspot Server in MikroTik

Hotspot is a way to provide internet access to subscribers by means of an easy to use web login interface.  This gives the owner of the hotspot full control over download limitations, speed/bandwidth management,  billing without tension to configure each client machine.  Service of the hotspot can be access just entering the credentials in any type of browser without making any dialup connection.  Personally, I like hotspot very much it is very helpful in Wireless scenarios.  Today I will configure Hotspot for my wireless clients so, Lets start:

terça-feira, 23 de fevereiro de 2016

Mikrotik - Videos de treinamento

http://www.zafarlehri.blogspot.com.br/search/label/Mikrotik%20Training%20Videos

http://mk-auth.com.br/forum/topics/bastante-coisa-boa


https://under-linux.org/entry.php?b=4571

Mikrotik - Radius avaliar



We must instruct the wireless interface to use radius authentication and accounting, and we must tell it where to find the radius server (the IP address below). The Radius server and clients (the Mikrotik boxes) need a common secret, used to hash information in either direction. I enabled the incoming radius port, meaning that the radius server can contact the client as well. Normally the client initiates all exchanges.
/interface wireless security-profiles set default name=default radius-mac-accounting=yes radius-mac-authentication=yes /radius add service=wireless address=172.16.1.254 secret=whiteroad /radius incoming set accept=yes port=1700

estudar criação de vouchers

http://myconfigure.blogspot.com.br/2013/05/how-to-create-voucher-in-mikrotik-user.html

quinta-feira, 18 de fevereiro de 2016

Mikrotik - hAP RB951Ui-2nD

RB951Ui-2nD High Power 802.11n Wireless Router with POE input and output

The MikroTik RB951Ui-2nD is a wireless SOHO AP with a new generation Atheros CPU and more processing power. It has five 100mbit Ethernet ports, one USB 2.0 port and a power 2.4GHz 22dbm 802.11b/g/n wireless AP with antennas built in.
The RB951Ui-2nD has a 650MHz CPU 64MB of RAM and PoE output function for port #5 - it can power other PoE capable devices with the same voltage as applied to the unit. Maximum load on the port is 580mA.
Package contains RouterBOARD 951Ui-2nD in a plastic case and power adapter.
Features of RB951Ui-2nD:
  • CPU: Atheros AR9344 650MHz CPU
  • Memory: 64MB DDR2 onboard memory
  • Ethernet: Five independent 10/100 Ethernet ports
  • LEDs: Power, NAND activity, 5 Ethernet LEDs, wireless activity LED
  • Power in: PoE: 8-30V DC on Ether1 (Non 802.3af). Jack: 8-30V DC
  • Power out: PoE passive on port 5, same voltage as input
  • max tx power 22dbm
  • Dimensions: 113x138x29mm
  • Weight: Without packaging and PSU: 232g, full weight in package: 420g
  • Power consumption: Up to 7W
  • Operating Temp:-30C .. +70C
  • Operating System: MikroTik RouterOS, Level4 license
Package contains:
RouterBOARD in a plastic case, power adapter

segunda-feira, 15 de fevereiro de 2016

Modem ZTE MF823L - avaliação (vou ser obrigado a fazer hardening)


Pena que este modem esquenta demais chegando a tostar o SIMCARD.









Changing ZTE MF823 4G modem IP address – web interface hacking

Meraki - relatorios

https://documentation.meraki.com/MR/Monitoring_and_Reporting/Summary_Report_Overview

https://documentation.meraki.com/MR/Monitoring_and_Reporting/CMX_Analytics

domingo, 14 de fevereiro de 2016

Servidores DNS Públicos


Servidores DNS (Domain Name System, ou sistema de nomes de domínios) são os responsáveis por localizar e traduzir para números IP os endereços dos sites que digitamos nos navegadores.
Algumas vezes encontramos os servidores DNS do nosso provedor de internet congestionados ou com problemas de segurança. Usar um bom servidor DNS significa que sua navegação pode ficar mais rápida e segura.
Muitos serviços disponibilizam recursos de segurança, como detecção de sites falsos ou infectados. Também podem fornecer um sistema de proteção parental no qual sites de conteúdo adulto, por exemplo, são bloqueados.
E graças ao sistema de cache desses serviços, assim que seu computador requisitar um site, ele responderá de imediato. Porém, levar em conta a latência da sua máquina até o IP do servidor é um ponto importante na busca por desempenho.
Assim, sem precisar contar com os servidores lentos e inseguros que você pode estar usando atualmente, sua navegação deve ficar mais rápida. Infelizmente, a maioria dos mais populares serviços de resolução de nomes de domínio não se encontram no Brasil.
O OpenDNS responde a requisições da América Central e do Sul a partir de Miami, nos Estados Unidos. O Google Public DNS também deu adeus para a região recentemente e passa agora a responder as solicitações a partir dos Estados Unidos.
A seguir, você confere algumas opções mais populares seguidas por uma maneira de mensurar quais os melhores e mais rápidos servidores baseando-se na sua posição geográfica.

sábado, 6 de fevereiro de 2016

Ruckus - links

http://pt.ruckuswireless.com/press-release/Ruckus-apresenta-os-melhores-resultados-em-testes-recentes-de-Wi-Fi-realizados-pela

http://pt.ruckuswireless.com/press-release

http://pt.ruckuswireless.com/Projetando-para-alta-densidade-Est%C3%A1dios-e-arenas 

http://a030f85c1e25003d7609-b98377aee968aad08453374eb1df3398.r40.cf2.rackcdn.com/other/carnet-wifi-test-results-pt.pdf 

Ruckus - Hotspot

--- tem print anatel

https://cloud4wi.zendesk.com/hc/en-us/articles/200537566-Ruckus-Wireless-devices-Controller-mode-and-Cloud4Wi


https://cloud4wi.zendesk.com/hc/en-us/articles/200537586-Ruckus-Wireless-devices-Standalone-mode-and-Cloud4Wi

http://support.cloudruckus.net/Knowledgebase/Article/View/15/4/how-to-intergrate-cloud4wi-and-cloudruckus-zonemanager

terça-feira, 2 de fevereiro de 2016

HotSpot - captive portal android



All mobile OS just check a web page to decide whether they're behind a captive portal or not.
The mechanism is this:
  1. GET/POST http://foo.com/bar.html
  2. If bar.html == [expected content] > Open Internet
  3. If bar.html != [expected content] > Captive Portal
  4. If bar.html[status] != SUCCESS > No Network

segunda-feira, 1 de fevereiro de 2016

Wi-Fi - Point To Multi Point


Point to Multi Point (PtmP) is used alot in WISP setups
WISPS  =  Wireless Internet Service Provider
STARTING A WISP
Read these links:
http://www.triadwireless.net/index.p…log&Itemid=272
http://wndw.net/download.html
http://wiki.ubnt.com/Building_a_wisp
Example
Put a RocketM5 with omni  high at one end of the line. Set it to AP-WDS mode, on a channel in the 5800MHz range. This is your Internet feed radio.
At each receiving point, put a NanoStation Loco M5 facing toward the first one. Set each to station-WDS mode, all are in bridge mode.
Connect each of these M5 radios to 2.4GHz access point using a CAT5 jumper cable–LAN to LAN.
You need to set the 2.4GHz access points to AP mode, and on 20MHz channel width. Put them on different channels so they won’t interfere with each other. Use channels 1, 6 and 11 if possible. (need to be 5 channels apart to stop interference issues).
EXAMPLE
Beach Setup
All ‘Red Dote” zones are 5.8GHz AP’s configured as STATIONS that each link back to the centre AP facing them. Standard 2.4GHz AP’s are situated at every STATION to broadcast wireless to users.

MORE EXAMPLES
Hardware for Point-to-Multipoint Network
PtmP with bad download speed fixed with Channel width change
500m by 500m ptmp network


fonte: https://maitechnowiki.wordpress.com/point-to-multi-point/

Wi-Fi - User numbers

USER NUMBERS
There is no “hard limit” on the number of users. The more users, the slower the connection becomes. This is because they all poll the AP randomly so you get stronger signals overwhelming weaker ones and the AP has to try to make sense of it all. The generally recognized limit for public AP’s is 25-30.
What happens when 35 people attach? Their service generally slows to a crawl.
30 to 35 users is not an absolute hard limit. You can assign perhaps 50 casual users and have little contention. More than 35 actively connected users and you’ll start to see degraded service as the compete.
With a Rocket for non-Ubiquiti client radios, the maximum that Ubiquiti specifies is 50. For Ubiquiti clients using AirMax (PtmP), it’s about 150.
Useful formula: for all client traffic / 10 -%.
So if you have 40 client which provides 1 MB. The theoretical value of the network will be 40 * 1 MB = 40 MB and the average is 10% full – 4 MB
Different factors that effect user experience.
  1. In all cases the data rate available from the access point is limited to some maximum. It may be the limit of the Internet provider, or it may be the total combined data rate for all clients. Of course the lower of these two values is the limit.
  2. If clients are all to be provided a 10Mbps rate, an access point may be able to support only five or six clients (assuming the Internet source can also provide this rate).
  3. Regardless of the total data rate, the radio is also limited to a maximum number of clients. This is due to memory limitations; a Rocket has twice the memory of most other Ubiquiti radios, so it can handle 50 clients instead of 35 for the others.Naturally if the Rocket services 50 clients, the combined data rate is in the range of 50Mbps, or 1Mbps each, distributed evenly.
Your choices with Ubiquiti radios are about 35 users, or –with double the RAM (Rocket) –about 50 users (non AirMax)
The only difference between Rocket and lesser ‘M’ series radios is that it has
twice the RAM. Otherwise virtually the same radio.
Every AP (including Cisco, Aruba, etc, etc, etc) can only really handle 30 (ish) active users. This is a limitation of the 802.11 protocol. They can also only handle 10-15 HEAVY users per AP. Again, it effects all vendors
As a tip, on a campus, you typically want to run your APs on low power to limit the distance between clients on an AP. Google “Hidden Node” to learn more. Also, make sure to not space APs too close together or you get interference, collisions and the “Exposed Node” issue. This effects all vendors, though some handle it a smidge better than others.

Wi-Fi - WDS REPEATING


WDS Repeating is typically used in situations where creating Point to Point links between AP’s are not possible or using cable to all AP’s is out of the question, usually due to cost.
EXAMPLE FIRMWARE IMAGE
AP WDS Repeating Settings (nanoM2 5.5 firmware)


EXAMPLE

Red dot = Main router with internet connection
Yellow dot’s = Repeater’s
  1. Set all units to ap-wds
  2. Set all to bridge mode
  3. Enter different IP address for each repeater. 192.168.1.21,22,23
  4. Set all to the same channel
  5. Set 20mhz channel width
  6. Turn off airmax on all devices
  7. Use either wep encryption, or no encryption (WPA/WPA2 not supported)
  8. Now set the WDS Peer Addresses. In this example AP1 = Internet connected router, AP2-3-4 are Repeaters
  • Enter mac of AP 2, 3, 4 in WDS Peer field for AP1
  • Enter mac of AP1 in WDS Peer field for AP2, 3, and 4
NOTE:
If you want to share the same Ubiquiti ‘M’ series WDS access point with both Ubiquiti and non-Ubiquiti radios, you must use 20MHz channel width. (This is true of any ‘M’ series access point). If you use 40MHz channel width, only another Ubiquiti radio will be able to connect in nearly all cases.
AirOS_Wireless_Repeater_Configuration
PDF ubiquiti-access-point-wds-repeater setup
WDS repeating designed like this is the best practice, from internet connected router to repeater, not in a long chain, internet router > repeater > another repeater.
If you setup repeaters that repeat other repeaters you are bound to have big problems. Data rates are cut in half for each ‘hop. In this example as there is only one hop from main router with internet to each repeater, 1/2 the speed can be expected on the repeaters.
If you setup all four units in sequence (a chain, internet router > repeater > repeater > repeater) this would mean the last one has 1/8 the data rate of the original.
A better way if  you have to do this is to provide internet service to one of the access points in the middle, so there are less ‘hops’ in the repeating. The outer access points are configured to only communicate with the middle repeater otherwise serious looping problems could occur.
There would be a 50% degradation in data rates for the middle router with a still workable 25% on the outer repeaters.
Repeating is best used in only situations that require it. If at all possible point to point or point to multi points forming an internet back haul is always recommended.
EXAMPLES
Marina wants to do coverage with pico and pico repeaters

Wi-Fi Terms Explained

LOTS OF WI-FI TERMS EXPLAINED

A router is a network appliance.
An AP and Station are RF appliances. Ubiquiti RF appliances are radios.
An AP is your “base station”. It associates with clients that are generically called CPE (customer premise equipment) radios, and in UBNT lingo they are Stations and Motorola calls them an SU (subscriber unit) radio.
A client can only connect to an AP.
If the client mode can be bridged or routed.
You will often see
“~>” is wireless and “->” is wired.
Example: AP ~> [Sta -> AP] ~> [Sta -> AP] ~> Sta
A typical customer installation might look like this
AP ~> Sta (router mode) LAN 192.168.0.1 gateway
AP ~> Stat (bridge mode) -> on site router LAN 192.168.0.1 gateway
what is AP-WDS?  Access point with WDS protocol mixed in so it can share with other access points.
Explaining Data Rate:
This defines the data rate (in Mbps) at which the device should transmit wireless packets. If the Best (automatic) option is selected, then the rate algorithm will select the best data rate depending on the link quality conditions. You can fix a specific data rate between MCS 0 and MCS 7 (or MCS15 for 2×2 chains devices) also. Use Best (automatic) option if you are having trouble getting connected or losing data at a higher rate. In this case the lower data rates will be used by device automatically. If you select 20MHz Channel Spectrum width the maximum data rate is MCS7 (65Mbps) or MCS15 (150Mbps). If you select 40MHz Channel Spectrum width the maximum data rate is MCS7 (150Mbps) or MCS15 (300Mbps).
Refer to the section Advanced for the detailed information about rate algorithms. You can research more yourself here: http://wiki.ubnt.com/AirOS_5