Categories
Lanzamientos Noticias

This is the world’s fastest professional NAS with 25G ports

Main features of this ultra-fast NAS

Rack-type NAS servers are usually very powerful, however, the main manufacturers such as QNAP or Synology have this type of servers of all ranges, in order to meet the needs of their customers. Today we are going to show you the latest NAS server that QNAP has launched, a top-of-the-range model that incorporates everything you need to be one of the fastest in the world, and one of the ones that can provide us with greater storage thanks to its 24 bays for hard drives.

CPU, RAM and Flash characteristics

This new NAS server has a very powerful AMD Ryzen 7 3700X processor, this processor has 8 cores and 16 threads of processing, at a speed of 3.6GHz with a turbo speed of 4.4GHz. This model uses a 64-bit x86 architecture, in addition, it has a floating point unit and also the AES-NI encryption engine to transfer data with protocols that use data encryption and AES as a symmetric encryption algorithm.

This server is sold with 32GB of DDR4 UDIMM RAM, in two modules of 16GB each, however, it allows to have up to 128GB of DDR4 RAM (4 modules of 32GB each), so we will be able to use a large number of virtual machines with Virtualization Station, host hundreds of microservices in Docker containers and much more. This RAM is ECC type, because this NAS server has the QuTS hero operating system, an operating system that uses the ZFS file system, one of the most advanced that we can currently have on a server.

Finally, this NAS server has 5GB of flash storage for the protection of the operating system with double boot, ideal in case we have any problem in the update of the operating system.

Storage

This NAS server is one of the most complete on the market, it has a total of 24 bays to accommodate 3.5 “or 2.5” hard drives, although it is also compatible with 2.5 “SSDs, which we can use as storage or as SSD cache to accelerate the overall performance of the NAS server. Of course, all their hard drive bays are hot swappable, and compatible with all large capacity hard drives and SSDs on the market.

Although this server does not have SSD caching with M.2 NVMe, what we can do is buy expansion cards from QNAP to provide this feature to the NAS server. Thanks to the incorporation of a total of 4 PCIe 3.0 ports of different bandwidths, we will be able to install QM2 cards with M.2 NVMe, and we can even buy 10G and 25G network cards to expand the possibilities of the server.

Connectivity

The connectivity of this NAS server is very complete, the first thing we have to say is that it incorporates a network card with two 10Gbps SFP + ports, therefore, we can achieve a bandwidth of 20Gbps if we use Link Aggregation. We also have two Gigabit Ethernet ports for the LAN, with support for Link Aggregation. Of course, all ports have support for 9K jumbo frames.

This QNAP TS-h2477XU-RP server has a total of 4 x 5Gbps USB 3.2 Gen 1 ports, that is, the typical USB 3.0 of always. It also has one USB 3.2 Gen 2 Type-C port at a speed of 10Gbps and other USB 3.2 Gen 2 Type-A port at a speed of 10Gbps.

Regarding the PCIe 3.0 ports that this high-performance server incorporates, we have the following expansion slots:

  • Slot 1: PCIe 3.0 x4
  • Slot 2: PCIe 3.0 x8 or PCIe Gen 3 x4
  • Slot 3: PCIe 3.0 x8 or PCIe Gen 3 x4
  • Slot 4: PCIe 3.0 x4

In the event that slot 1 is occupied, slot 2 will work at PCIe Gen 3 x4 instead of PCIe Gen 3 x8. If slot 4 is occupied, slot 3 will run at PCIe Gen 3 x4 speed instead of PCIe Gen 3 x8.

Thanks to these PCIe ports, we will be able to install network expansion cards to have a 25Gbps speed port, we can install M.2 NVMe cards to use them as SSD cache, 10GBASE-T Multigigabit network cards and even WiFi 6 cards and USB 3.2 Gen 2 expansion. Thanks to this connectivity, we will be able to expand the connectivity of this equipment and have a greater bandwidth in the professional local network.

Other features

Other characteristics of this model are that it needs a total of 4U in the rack to be installed, it measures 176.15mm high, 481.04 wide and 672.02mm deep, with a weight of 22.66kg. This model has two redundant 800W power supplies, ideal in case one of them stops working. The consumption at full performance is 144W, it has a total of 4 92mm fans in addition to the fans of the power supply. The sound level is 27.5dbA.

As you have seen, this NAS server model is one of the most powerful, fastest and with the largest storage that we will be able to have on a server. The QuTS hero operating system has the same configuration options and services as always, in this regard nothing has changed.

Categories
D-link Marcas

D-Link DSR-1000AC Professional Router Firmware: Full Review

What can we do with the firmware of the D-Link DSR-1000AC router?

The firmware of this professional router is very complete, it allows administration through the graphical user interface and also via CLI by console or by SSH, this model is managed through the HTTPS protocol to provide confidentiality and authenticity, there is no possibility of manage this router via HTTP because it is an insecure protocol. In addition, another very important aspect is that we can limit the administration of this router from certain IP addresses, certain VLANs created in the LAN, and even remotely via HTTPS.

This D-Link DSR-1000AC router by default has the LAN configured with the 192.168.10.0/24 subnet, therefore, we will have to access the firmware of this router through the IP address https://192.168.10.1, the name The default user name is “admin” and the password is “admin”, but in the first menu of the router it will force us to change this access password.

In the main firmware menu of this router we can see the general status of the router, all the LAN connections, the VLANs that we can configure, and also the status of the different VPN tunnels that we can configure with this professional router. At the top is where we will have the different submenus to make the different configurations:

  • Status: we will be able to see the general status of the entire router, the connected wired clients, WiFi clients, VPN clients that have successfully established a session and the complete log of the router where we can see the logs of different parts of the router.
  • Wireless: here we can configure the multiple SSID that this router has, and segment those SSIDs into a specific VLAN ID if we have previously created it, of course, we can also configure the 2.4GHz and 5GHz radio as if it were a home WiFi router. Finally, in this section we can configure the WDS in the two frequency bands and also the WPS, the latter is disabled by default to have the best possible security.
  • Network: This section is where we can configure everything related to the LAN, we can edit the default LAN and set the subnet that we want. We will also be able to configure VLANs with new subnets, and in each of these subnets we will have the possibility of configuring a DHCP server to dynamically provide IP, and even configure DHCP Relay. Other options available in this section are the possibility of configuring the 2 dedicated WANs that we have in this router, the DMZ through the WAN 2 port, and we can even configure the load balancing between the WANs and also a 3G / 4G modem to have FTTH fiber connection failover. This router is compatible with IPv6 networks, therefore, we will have all the usual configuration options that we find in routers. Finally, we will be able to create static routes, make use of the internal gateway dynamic routing protocols RIP and OSPF, as well as configure the redundancy VRRP in routers.
  • VPN: this professional router has different types of VPN, specifically, we will have IPsec with IKEv1 and IKEv2 both in remote access VPN mode as Site-To-Site VPN, PPTP both server and client, L2TP both server and client, and also OpenVPN, both in remote access VPN mode, client and even in Site-to-Site. Finally, the firmware also allows us to establish GRE tunnels.
  • Security: here we can configure the internal database of users and groups for authentication, configure an external RADIUS, an external POP3, LDAP, AD and NT domain. We can also filter the websites that we want through URL and keyword blocking, as well as activate dynamic filtering, but it requires an additional paid subscription. Finally, we can configure in detail all the firewall rules, both for IPv4 and IPv6 networks and also the bridge.
  • Maintenance: in this section we will have the main configuration options related to management, firmware update, saving and restoring the router configurations, configuring the logs of the different router services, and much more.

As you can see, this router has everything to become the center of the network, in addition, we have high-end hardware, since it incorporates 2 Gigabit Ethernet ports for the Internet WAN, 4 Gigabit Ethernet ports for the LAN and 2 multifunction USB 2.0 ports (print server, file server with SMB 1.0, possibility of updating the firmware via USB, saving and restoring router configurations, and you can even activate a function to automatically save all the configurations made in the router, to real-time backup mode).

This D-Link DSR-1000AC professional router has hundreds of advanced configuration options, since it is a team oriented to offices and also to small and medium-sized companies, we can make advanced and secure VPN tunnels to intercommunicate different company headquarters, and even allow that mobile users (with laptop, smartphone, tablet etc.) can remotely connect to the corporate network and access all shared resources easily and quickly. Although this router has IPsec, PPTP, L2TP and OpenVPN, we must take into account the non-security of the PPTP and L2TP protocols, the latter is normally used together with IPsec to add a layer of encryption and authentication of the data.

Discover all the configuration options in our video

In RedesZone we have recorded a complete video of the firmware of the professional router D-Link DSR-1000AC, the top model of the manufacturer D-Link that will provide us with outstanding performance in all network tests, and many advanced configurations as you can. see below in the firmware video.

Soon we will offer you tutorials on how to configure the firewall, the WiFi network, how to create VLANs with this advanced router, and you will even learn to configure a VPN server with both the IPsec protocol and OpenVPN.

Categories
Analisis Software

Monitor your entire local network for free with Network Meter for Windows

The first thing we are going to do is find out what the use of this program can bring us. Then we will see how to get it up and running and what are its minimum requirements for it to work. We will finish by seeing how Network Meter works to monitor our local network with examples, using one and several network interfaces.

What Network Meter offers to monitor our LAN

Network Meter we could define it as a free program Searching for network interfaces and adapters in the system for LAN monitoring. Thus, it is able to provide detailed information on each interface. Its way of operating is simple, each interface monitor has a view with simple statistics and a graphic screen that shows the time history. This would be an example of the main screen of the program to give you a better idea:

It is a tool to measure network traffic. Thus, we can use Network Meter to monitor our local area network in real time by selecting one or more network interfaces. It is an easy-to-use software in which simply to start working we will select one of the available Ethernet or Wi-Fi adapters, being able to work even with virtual ones.

In summary, we can affirm that it is not a complex application, and that it has been developed as an easy-to-use tool. It also offers us the inbound and outbound traffic, and also shows us the results in a graph. As for the license, it should be noted that it is free to use for both private and commercial users, so we could all use it.

Minimum requirements and use of the program

Regarding the minimum requirements, we need a computer with Windows 2000, XP, 2003, Vista, 7, Server 2008, 8, 8.1 or 10. Regarding the hard disk space, the version that we have used is 2.3.0, with 20 MB you will have enough. Therefore, on practically any computer from the last 20 years you could run this software without problems. The first thing to do is download it for free from from your website. Then you will see a screen like this:

In this case, what you have to do is click on the button Download, marked with a box and a red arrow to save it on your hard drive.

It should also be noted that, in addition to being free, it is portable. This means that once downloaded, we just have to unzip it and run it to start using it. If you do not have a file decompressor installed, Windows Explorer has one and files with a .zip extension, as is the case, can be decompressed without problems.

Get started with Network Meter

To start using this tool we must double click on the file NetMet which will be the only one we have after unzipping the file we downloaded.

The Network Meter tool to monitor our local network the first time we run it will look like this:

Do not worry if at first you see it very simple and you do not see any data on the screen. That is because we have not selected the appropriate options. The first thing we are going to see is the main menu with its main options, which you have marked in a red box. Here we have these sections:

  • File: we have the option to refresh the results, we can also do it directly using the F5 key.
  • Display: to select the network adapter that we want to monitor. You can select one or more.
  • View: here we will choose the display options and the graphics update period.
  • Help: used to check the version of the program and go to the developer’s website.

From the main menu we are going to see two in depth and in more detail, they are «Monitor» and «View». Next, if we click on Display We will see a screen similar to this:

Its operation is very simple, if we select an adapter that is working, we will immediately see a summary of its network traffic and current evolution. The first time you use it, we recommend simply selecting your Ethernet or Wi-Fi card. In our case it is a Gigabit Ethernet network card that I will press later. It also supports working with a virtual interface.

The next section of the main menu is View which offers us these options:

One is Update Period in which we can choose the update period in which the data is refreshed. It is best to leave it in normal so that it updates every second, and in fast every 0.5 seconds if we need more precise information. On the other hand, a section that I recommend activating is Interface View, then we would see the available interfaces.

Here we could do the same as in «Display«, That is, select our network interface. The only thing to keep in mind is that it will leave less space available to view the rest. Also, in that window you will be able to see the traffic that this adapter has generated in the categories of Download (download) and of Upload (rise). Also, on the right side you have a scroll bar to see the rest of the adapters when you have more than five.

On the other hand, in the Windows task bar, for greater convenience you can find a Network Meter icon to monitor your network traffic and that gives access to the program, in case you want to leave it in the background.

Practical examples of using Network Meter

Now we are going to select our Ethernet network card, then Network Meter will show us a graph, along with a summary of my network traffic statistics.

In the place where the name of the network card appears, we can see two elements to take into account. First “Transfer»Allows us to change to see the amount of MB sent and received through the network. The second “Speed»Refers to the transfer speed measured in Mbps. Also, by clicking on the button Properties A window will open that will offer us information about the network card and its configuration.

You can also provide information from multiple network interfaces at the same time. This is ideal, for example, if you are working with a virtual interface:

When there is no more space for the rest of the network adapters to view it, you will have to see them by moving the bar that you have located on the right.

As you have seen, Network Meter allows us to monitor our local network quickly and easily, in addition, it does so in a very complete way so that we can see in detail the download and upload traffic of the different network interfaces, ideal to know what is happening. We can also see the amount of traffic exchanged on the local network and the Internet, all in a very intuitive way.

Categories
Redes cable Tutoriales

How to have the same internet speed via Wi-Fi as via cable

Wired and Wi-Fi Internet speed

We generally tend to think that internet speed it is always going to be greater for cable than for Wi-Fi. We have the feeling that if we connect wirelessly we are going to have cuts, slowdowns and, ultimately, problems.

The truth is that as a general rule wired connection It will always be more stable, it will have better speed and we will have fewer problems. But of course, not everything is always like this. Depending on the circumstances, we can make our wireless network work as well as when we connect by cable and even better in some cases.

Therefore, as we will see below, the fact that use wired or wireless network it is not always going to be the main indication to achieve maximum speed. We can have problems in both cases or, looking at it another way, we can have the same speed either by Wi-Fi or by Ethernet.

What to do to achieve the same speed over Wi-Fi as over cable

If you have problems with Wi-Fi and you notice that speed is much slower that by cable, you can always take into account some recommendations. Having good adapters, a correct configuration and that the coverage is ideal, can perfectly make us have the same speed over cable as wirelessly.

Using a good wireless adapter

Something essential is to use a Wi-Fi network card make it good. This is something basic, since it is what will allow us to connect to the access point and have a higher or lower speed, as well as coverage. Sometimes a common problem is that we use an adapter that came with the laptop and it is not the right one.

To improve speed we can always use another Wi-Fi adapter that we can connect via USB, have a better antenna and thus achieve better performance. These devices are cheap and easy to configure, since generally it is enough to connect it to the port and automatically the computer detects it and we will be able to search for networks and connect.

The adapter is key as some have speed limitation of the Internet, beyond having better or worse coverage. If we see that by cable we have much more speed and despite being connected to the side of the router by Wi-Fi we get much less, this could be because of what we said, because we have a wireless card that cannot receive more speed.

Get optimal coverage

Logically it will also be necessary for the coverage be the best possible. For this, we can take into account some points such as placing the router well, using amplifiers or connecting near the access points and taking advantage of the signal more.

If Wi-Fi reaches less speed than cable, you have to see that the coverage is good. If we are connected too far from the router, we will never have as much speed as if we connect by Ethernet. To improve this we must place the router well. It has to be in a central area of ​​the house, from where it can distribute the signal well to other devices. Basically you have to put it where we are going to use it. It is useless to have it at one end of the house if we are going to connect on the opposite side.

But we can also use Wi-Fi repeaters. There are different types of devices that will help us improve coverage and thus connect to the Internet and have better speed. We can mention wireless amplifiers, Wi-Fi Mesh systems or even PLC devices.

  • Wireless amplifiers: Wi-Fi amplifiers or repeaters what they do is boost the signal in a certain place. For example, we can put it in an intermediate area between the router and the room from where we connect. This way the signal will get better.
  • Wi-Fi Mesh systems: in this case they are different devices. They are several and can be from two to many more. Unlike amplifiers, they do not connect directly to the router, but to each other. We can distribute them throughout the house and thus get better coverage in many more areas.
  • PLC devices: PLC devices are generally two devices. One of them connects to the power line, to any power outlet, and to the router. The other we put in another socket in any other place in the house. The Internet signal goes from one device to another through electricity and we can connect via Wi-Fi and have better speed.

Choosing the right band

Are you using the correct Wi-Fi band? If you don’t know, modern devices have two options for connecting: 2.4 GHz and 5 GHz band. Routers and access points can broadcast on both bands and the speed difference between connecting to one or the other can be quite significant.

If the Internet speed is very slow due to Wi-Fi and you think that everything is fine, that you have good coverage and we are using a good card, it is probably because you are using the 2.4 GHz band, which will not allow make the most of speed. It is a good option if we are going to connect away from the router, but do not expect to have great speed.

To have the Maximum speed you have to connect to the 5 GHz band. When we look for networks many times the two options will appear and we have to make sure we choose this one. Of course, we must bear in mind that if we connect away from the router, it will have worse coverage and there may be cuts.

The 5 GHz band is not always the best

Therefore, if we take into account all this that we have seen, we can achieve that the speed over Wi-Fi is the same as over cable in many cases. It could even happen that we have better speed in case the Ethernet card is not Gigabit or we use cables in bad condition.

We will not always have the same speed over Wi-Fi as cable

There are factors that can prevent us from having the same speed when we connect by cable or Wi-Fi. This can affect both one option and another and we will not always be able to solve it, since it may be due to hardware limitations.

If we compare the speed of a symmetric 300 Mbps fiber optic, for example, the normal thing is that if we have everything well configured and our devices have no problem, we achieve the same speed over cable and Wi-Fi. On the other hand, if we have contracted 1 Gbps symmetric fiber optic, things can change. By cable we should not have problems as long as we have one that is at least CAT 5E and that allows us to reach that speed. If we use an old cable we could not exceed 100 Mbps and we would be far from that figure.

Now, what about Wi-Fi? In this case, it is more normal that we have limitations. If we enter Configuration, we go to Network and Internet, we enter Adapter Options and click on the Wi-Fi card we are using, we will see the synchronization speed. That is the maximum speed at which our connection can go. It is very common that we have a card limited to 866 Mbps, so if we want to reach that Gbps we would not achieve it. We couldn’t have the same speed over cable as over Wi-Fi.

With Wi-Fi 6 and 160 MHz channel, in the 5 GHz band, we will be able to exceed 1 Gbps without problems. But of course, not all routers and not all network cards are compatible.

In short, although we can perfectly achieve that the Internet speed is as good by Wi-Fi as it is by cable, in certain circumstances they may not be comparable. This, as we have seen, can happen both on one side and on the other.

Categories
Analisis Software

How to view network card data with Adapter Watch

Why it is necessary to know the data of the network

In certain circumstances we will need to know network card specific data. For example, we may need to know the exact model to look for the drivers and update them, in case we have a problem and the equipment does not recognize it or stability-level failures.

We may also need data such as MAC address, the IP with which it synchronizes with the router, speed, etc. All this can help us to configure certain parameters, include the card in a white list in the router, know if the speed is adequate, etc.

To get this information we can use some programs such as Adapter Watch. This will allow us to have total control over the network card and to know at all times the data that we may need to configure something, to optimize speed or quality.

How to use Adapter Watch

Adapter Watch allows us to have detailed information of the network card. For example, we can see the MAC address of the device, the data transfer speed at all times or even release and renew the IP address. It is a simple program, easy to use, but with a lot of information.

Let’s see the main steps that we must give to start using this software. Keep in mind that it is available for Windows in its different versions. It is an alternative to using the information offered by the system itself, which is sometimes limited and does not solve what we really need.

Download the app

The first thing we have to do is to download the program. It should be noted that it is an application that does not need installation and we will only have to download the file and run it. We will quickly see all the data related to the different network cards that are installed in the computer, as well as the virtual adapters.

For this we have to go to the website of Nirsoft. There we will see the description of this program, its operation and, at the bottom, the button to download. We will also see that it is available in different languages, among which is Spanish.

The application takes up very little space, less than 1MB, and comes in a RAR folder that we have to unzip. There the main file will be opened, which we will only have to execute, and also another with the Help information.

Get started with Adapter Watch

Once we have downloaded the program, we will simply have to open it. The main application window will automatically appear, with the different tabs through which we can move. The first shows us the network adapters. There we can see the Ethernet network card, the Wi-Fi card, if we have any more or even the virtual ones.

If we move through the different tabs We will see the one corresponding to the TCP / UDP statistics, IP statistics, ICMP or the general tab. In some of them we will see changing data, since they are showing statistics, information that we send or receive.

In each of these sections we will see different types of data related to the cards. We can move from one to the other quickly. We will also see the buttons to manually refresh and update the information, as well as to create an HTML report.

Custom options

If we look at the menu above we will see the section of Choices. There we can configure some parameters and customize them. For example, the time for the data to be updated or the amount of information sent and received.

We can also copy the different cells and export them to a document in case we are interested in having the information present anywhere. Otherwise, Adapter Watch It is a very simple program, where we will not have many more options that we can customize, beyond the essential data related to our card.

What data does the Adapter Watch offer

If we focus more on the information that Adapter Watch is going to offer, we can mention that it tells us everything related to the adapter. For example we will see the exact model, the name of the adapter, the MAC address, the type of adapter (if it is Ethernet or Wi-Fi) …

We will also see more specific information related to data sent and received (measured in Bytes), when we start the connection, when will DHCP end, the DNS servers we are using or the IP address.

All this is very interesting to have a greater control over the network card. For example, we will be able to know if it works well, if the speed is adequate, know what IP it is using to avoid conflicts … This will help us to configure some parameters that are necessary to enhance the operation.

Know what DNS servers being used in a fast way may be useful in order to opt for different ones. If changes we can improve speed and even safety. Normally we use those offered by the operator itself, but we can use others such as those from Google or Cloudflare.

The adapter name, which is something of the most important that we can see, it will be necessary to solve certain problems and also to find the drivers. Sometimes our devices malfunction, we have failures related to a system update that has hung, and that will cause us to also update the network adapter drivers. We must apply it both in Ethernet and Wi-Fi.

In short, if we are looking for a simple program with which to view all the information related to network cards for Windows, Adapter Watch is an interesting option. It’s simple, it doesn’t have too many options, but it does offer everything you need to configure it, fix errors, and learn more about our connections.

Categories
Noticias Seguridad

why data may be at risk

Information theft when using Wi-Fi

Wi-Fi networks are available practically anywhere. We find them in shopping centers, stations, airports … Now, are they all safe? The truth is that no. We may come across wireless access points that are solely created to put our lives at risk. Privacy.

How could they spoof our identity by Wi-Fi? Basically what the attacker is going to do is collect all the data that we send or receive. For example if we log into a social network, in the mail, in a forum … Also even if we use an instant messaging program and send messages.

What the hacker is going to do is create a fake access point, which pretends to be a legitimate Wi-Fi network but actually controls it. In this way the entire connection can go through that attacker. This is known as the Man in the Middle attack.

Let’s say we make a payment on a certain website. This would occur if the process is done on an unencrypted page. Might steal the data of the bank card, to know our personal information and, later, to use it against us.

Therefore, to spoof our identity thanks to Wi-Fi networks, attackers will have to collect the information we send when browsing. This includes any process such as sending messages, emails, logging into pages, making a payment … This means that we must always be careful when using public networks.

Can we prevent data theft when using public networks?

This is an important question. We have talked about how we can find Wi-Fi networks that have been created solely to attack. In this way, cybercriminals could even reach impersonate our identity, create a profile on social networks with our name, make payments as if it were us, etc.

But yes, we can prevent this from happening. Logically, the first thing will be to connect only to wireless networks that we will fully trust. For example, we should never connect to open networks in public places, much less send data through it.

We must also take into account the possibility of using VPN services. What these programs do is encrypt our connection. In this way, everything we send and receive goes through a kind of tunnel and cannot be read by third parties. We could avoid the Man in the Middle attacks that we have indicated. Of course, we must always prevent the VPN from losing the connection.

Ultimately, a seemingly secure Wi-Fi network could become a real problem for users. It could be the entry point for hackers to steal personal data and, when the time comes, impersonate our identity. It is important that we are aware of the importance of preserving privacy and using certain tools such as VPNs for this.

Categories
Noticias Seguridad

Serious XSS security flaw in the Movistar HGU router

An XSS vulnerability affects Movistar’s HGU router

It is one of the models most used by fiber optic customers. It specifically affects the model HGU RTF8115VW manufactured by Askey, since Movistar has several similar-looking models. This is the most recent, so if you have contracted fiber with this operator or its subsidiary O2 in recent months, it is very likely that you are affected.

How does this problem work? This occurs when visit a url with the access interface to the router. Basically the form with which we put the username and password to enter the configuration and be able to change the Wi-Fi password, the name of the network, etc. Movistar’s HGU router is a widely used model and such a failure can affect many clients.

As indicated by the user bokanrb in GitHub, this security flaw was discovered five months ago, last February, and has not yet been corrected. There it shows how this vulnerability works and how a hypothetical attacker could take advantage of it and put our security at risk.

How to know if the router is affected

An attacker can use the URL http://192.168.1.1/cgi-bin/te_acceso_router.cgi?curWebPage=/settings-internet.asp";alert('xss')//&loginUsername=admin&loginPassword=admin where 192.168.1.1 would be the default gateway to access the router and alert (‘xss’) would be the JavaScript code it would execute. The name and password part would contain any value, since these are not validated.

In the event that our device is affected by this vulnerability, which will be normal if we use the RTF8115VW model of the Movistar HGU router, a dialog box by putting that url in the browser.

In this way, through this technique a possible attacker could execute malicious code in our team. It does this after it gets us to visit the URL with the bug. Logically with this it could sneak malware, enter our devices, steal information …

The vulnerability has been registered as CVE-2021-27403. At the time of writing this article, it has not yet been resolved, but it is expected that updates will be released soon to be able to solve it. That is why we always recommend having the latest versions of the devices. Updating the router is essential to maintain security.

In short, one of the most widely used fiber optic routers today has a major security flaw. At the moment it has not been corrected and those who have recently contracted fiber with Movistar or with O2 are very likely to have the HGU RTF8115VW model, manufactured by Askey, and should be aware to avoid problems that affect the network.

Categories
Lanzamientos Noticias

Features of this new WiFi 6 AP with Mesh

WAX630 Key Features

The main features of this new NETGEAR WAX630 WiFi access point is the incorporation of simultaneous tri-band with Wi-Fi 6 and AX6000 class. In the 2.4GHz band we can achieve a speed of up to 1,201Mbps, thanks to its four internal antennas in MU-MIMO 4T4R configuration and WiFi 6. In each of the two 5GHz frequency bands we can achieve a speed of up to 2,402 Mbps, thanks to its four internal antennas in MU-MIMO 4T4R configuration for each band.

This professional access point with WiFi 6 has all the latest generation wireless technologies, such as Beamforming to focus the wireless signal, MU-MIMO to transmit to several clients simultaneously, OFDMA to subdivide the channel into several subchannels and allow a optimization of the use of the wireless network when we have dozens of wireless clients connected. Of course, it also incorporates TWT to save battery in compatible IoT devices, smartphones, tablets and laptops, BSS Coloring to mitigate WiFi interference

This model has the possibility of using WPA3-Personal with 128-bit encryption, but it also has WPA3-Enterprise to authenticate clients to a local or remote RADIUS server, in this case, the security optionally rises to 192 bits, as dictated by the standard.

This NETGEAR WAX630 has a 2.5G Multigigabit port for connection to the professional local network, with the aim of not having any type of bottleneck in the wired network, because this model could exceed the Gigabit Ethernet speed without any problem. as it is triple band AX6000. This Multigigabit port supports the PoE ++ standard so as not to have any type of problem with the power consumption of the device. Finally, it also incorporates a Gigabit Ethernet port at 1Gbps speed, however, in normal circumstances we will use the 2.5G port that will provide us with more than double the speed. This port is usually incorporated in cases where we do not have a PoE Multigigabit switch, in this way, we could pull two cables and perform a Link Aggregation with a combined speed of 2Gbps (1Gbps and 1Gbps), since the Link Aggregation standard does not allow to have links with different sync speeds.

NETGEAR Insight Cloud Management

This new professional WiFi access point is integrated into the NETGEAR Insight cloud management platform, therefore, it is perfectly compatible with all the professional WiFi access points (either WiFi 6 or WiFi 5) that we currently have in the range by Insight. In addition, it is perfectly compatible with all its switches manageable through the cloud and also with its routers that will allow us to have a total centralized management of the network, from the router to the AP through advanced switches.

This professional AP allows us to configure Instant Mesh, a NETGEAR backhaul technology that allows access points to be interconnected via Wi-Fi, without the need to wire the access point from a PoE switch, it would only need power via PoE injector. Thanks to this, we will be able to have a dedicated frequency band specifically for the interconnection of access points, and use the other frequency bands for clients. In some scenarios this feature is really useful, such as in places where we are very far from the switch and we cannot wire the zone.

In this specific model, we can configure up to 16 SSIDs in an advanced way, configure VLANs, QoS for bandwidth control by wireless clients, client isolation and AP isolation, and many more advanced options.

We must remember that NETGEAR Insight cloud management will allow us to monitor, configure and manage the entire network remotely, it is only necessary to access the cloud platform with an Internet connection, either on a computer or on our smartphone, because we also have free applications for Android and iOS.

Categories
Seguridad Tutoriales

How to safely erase or remove a USB stick with programs

The first thing we are going to learn is why we must erase our USB memories safely and what consequences can not do it. Then we will see how we can erase a USB stick natively in Windows using two different commands. Finally, we will show some third-party software in case you prefer to dispense with the commands and have maximum security because it performs different random writes on the USB memory or hard disk to “crush” all the data that there was previously.

Why should we safely erase a USB stick or hard drive

When we delete a file, it is not completely deleted. If we use the right tools it is not difficult to recover it if it has not been a long time. The main condition for you to have a better chance of recovering it successfully is that no new files are located in that area. For this reason, when these things happen, the best we can do is use that USB memory as little as possible until proceeding with data recovery.

In that sense, if someone outside of us recovers that information, it can endanger both our privacy and security.

Regarding the reasons why you should safely erase a USB memory we have:

  1. Deleting the data and even performing the formatting of a USB memory, do not guarantee to completely eliminate the information contained in it. However, as we will see later, formatting with special parameters can also be useful, but options such as “quick format” cannot.
  2. Everything that we do not erase in a secure or permanent way is capable of being recovered. Therefore, if it is a USB memory that we take to many places, it is convenient that the important information is encrypted and protected by password. If not, this information could be recovered or used and harm our security.

As for when it is convenient to do a safe deletion of a USB memory we would have:

  • When we intend to give it away.
  • When we are going to stop using it because we have bought a faster or higher capacity one.
  • We plan to sell it.
  • We want to destroy the data they contain for greater security.

A drastic way to prevent any data from being recovered could be to physically destroy that memory. However, as we will see below, there are different specific tools that allow us to permanently delete the data, preventing it from falling into the wrong hands. Their way of working is usually to overwrite random data several times on top of the data that was in the storage, so that their recovery is impossible or very difficult. Now it’s time to see what we can do with native Windows tools.

All the methods to perform a secure erase on your USB drives or discs

Currently we have several methods to perform a secure erase on USB drives or directly on hard drives or SSD drives. This secure erasure will allow us not only to erase the current data, but to overwrite all the information in the storage to make it very difficult or almost impossible to proceed with data recovery through forensic software.

Next, we are going to show you how you can do it directly from Windows with the tools that come installed by default, and also with other third-party programs that are specifically focused on the secure erasure of data, with the aim that you can choose what method of all choose.

Cipher, Windows command for secure erase

Thanks to the command Cipher which is one of the tools included by default in Windows, we can work with certificates and data encryption from a command prompt window. Among the various functions that this command offers us, without a doubt, one of the most interesting is to safely erase a USB memory. Thus, after using it, the data stored in it could not be recovered or even using forensic tools.

If we want to use Cipher, the first step we must take is to go to Windows start menu and there we write Command Prompt. Then, before clicking on the application you have to click on Execute as an administrator.

This is an example of how it would be done.

Now inside the command prompt window we will execute Cipher with these parameters to see its options:

cipher /?

Then we will see your available options:

The operator or parameter that we are going to use is / W and as indicated in its description, it will ignore all options and delete all data contained in the volume. On the other hand, it will also overwrite all memory bits with random information, thus overwriting all previously erased data.

To do this, we will proceed by typing cipher, followed by the / W operator and then the drive letter.

For example, if we have a USB memory mounted on drive F, the following command will erase the free space on the drive:

cipher /W:F

This is an example of the cipher command while running with these parameters:

This process can take a long time, so you will have to be patient. With this we manage to safely erase a USB memory and once the process is finished, none of the data that it contained inside can be recovered with specialized recovery tools.

The Format command to safely delete

Another command that we could use to safely erase a USB memory is “Format”. However, it is not worth doing just any one as we mentioned before, it requires one using specific operators. The first, as in the previous case, requires that we know the drive letter with which we are going to work. The best way to do this is to look in the Windows file explorer for the one that corresponds to our USB memory.

The next step we are going to take is to open a command prompt window. Assuming that our USB memory is the letter “F” we would use this command:

Format f: /P:2

The parameter “P” refers to the number of writes that we want to carry out in the unit. After this, the volume will be overwritten the assigned number of times with a different random number each time. To start the process, press the «enter» key twice.

Third-party software to erase USB drives, disks, and more

It may also be the case that we do not like to use the commands and prefer to use third-party applications.

One of them is Eraser which is an advanced security tool for Windows that will allow us to completely eliminate confidential data from our USB memory by overwriting them several times with carefully selected patterns. If you want to try Eraser You can visit its official website by clicking on the previous link.

The other program that we could use is HDD Low Level Format. Here you have a screenshot of the program, its use is really very simple, we simply need to select the drive to erase, and click on «Continue» to continue with the secure deletion wizard.

As you have seen, it is very easy to safely erase our USB memories, hard drives or SSD drives, the most important thing to know is that it is not enough to perform a quick format or a complete format, it is necessary to overwrite all the data with random data, in order to make it difficult for the data recovery tools to do their work, in this way, we can protect our privacy by performing a secure deletion.

Categories
Redes cable Tutoriales

How to use the netsh command in Windows to view and configure IPv4 networks

The first thing we are going to do is learn about the netsh command and how we can use it. Then we will explain some of its basic parameters of use together with some examples of use with their corresponding syntax so that you can see and change the configuration of an IPv4 network.

What is the netsh command and how to use it

The command netsh We could define it as a command line utility that will allow us to display or modify the network configuration of a running computer. Its main functions are related to the visualization, modification, administration and diagnosis of a network configuration. This tool is available on Microsoft Windows operating systems in different versions like 2000, XP, 7, 8, 10, Server 2012 and more.

Regarding its form of execution, we can do it in two different ways:

  1. Windows PowerShell.
  2. Symbol of the system.

Next, we are going to put an example with each one, although throughout the tutorial we will do the examples using a command prompt window.

We are going to start with PowerShell for which we are going to follow these steps:

  1. We are going to windows start menu.
  2. We wrote Windows PowerShell and click on enter.

So we write the netsh command like this:

Its way of working is different from what we use in a command prompt window. After the symbol «> » we would put the parameters, in this case it would be the «?»To view command options. As you can see, it offers these results:

On the other hand, then we would have the option of working with the netsh command in a command prompt window for which we would follow these steps.

  1. We’re going to windows start menu.
  2. We type CMD and click on enter.

Here the way of working is different, the entire command is written at once and executed by pressing enter. The options are separated by entering the operators / (bar) or (simple dash). For example, like the previous case to see the options of the netsh command it would be the «?»And to enter it correctly it would be«/?«. Thus, the command that we should introduce is:

netsh /?

This is the answer we would get:

As can be seen, most of the options would be included in both, although it should be noted that the way of working would be different. In this tutorial we are going to work in the latter way, that is, with a command prompt window.

Netsh Syntax and Parameters

Each time a command is entered, a pattern must be followed, which is simply to follow the order established by its syntax. Then we have to go putting the parameters with their corresponding symbol, which is usually a bar «/ «Or a hyphen« – «.

This would be the syntax of the command:

netsh-a ArchivoDeAlias] [ -c Contexto ] [ -r EquipoRemoto] [ -u [ NombreDeDominio ] NombreDeUsuario ] [ -p Contraseña | *] [{ComandoNetsh | -f ArchivoDeScript}

We could use the netsh command with these parameters:

  • -to returns to the netsh prompt after the execution of the AliasFile.
  • AliasFile A that specifies the name of the text file that contains one or more netsh commands.
  • -c you specify the context you want to use, for example, WLAN.
  • -r you are indicating that you want the command to be executed on a remote computer.
  • -or you state that you want to use the netsh command on a specific user account.
  • -p to specify that we want to provide a password to the user account.
  • -F after executing a script exits netsh.

One way that can help us to know how we can combine the operators that we can use is by knowing the context of the principal. Therefore, if we wanted to know the commands available for wlan we would use:

netsh -c wlan

And then putting the ? We could see the commands that we can use:

Save and restore network settings with the netsh command

Thanks to netsh we can also export the network configuration to a text file. Thus, in case of network problems we could restore to the values ​​we had before, thanks to that backup. The first thing we have to do before exporting that network configuration is to create a network folder to store our backup file. In this case we are going to create in our drive C: a folder called «networks». So, to save our configuration in a file called configuration.txt we will execute the netsh command like this:

netsh dump >> c:redesconfiguracion.txt

Then if we double click on the file we can see its content:

In the event that we need to restore our network configuration we would use this:

netsh -f c:redesconfiguracion.txt

Other netsh commands we can use

An important command is the one that shows us the names of the interfaces that we have on our computer, from here we will point the name of the interface that we are going to configure:

netsh interface show interface

For example, we could choose our IPv4 interface and establish a static IP for our computer like this:

netsh interface ipv4 set address "Wi-Fi" static 192.168.1.40 255.255.255.0 192.168.1.1 1

Now we go to the netsh command in relation to the wireless networks. For example, if I want to find out the Wi-Fi network profiles that I have saved on my computer

netsh wlan show profiles

And then we would see that we have these Wi-Fi networks saved:

If we want to prevent a Wi-Fi network from connecting automatically we would have to use:

netsh wlan set profileparameter name=Nombre de red connectionmode=manual

In network name we would replace it with the name of our Wi-Fi network. On the other hand, if we want our Wi-Fi to connect automatically:

netsh wlan set profileparameter name=Nombre de red connectionmode=auto

Also using the netsh command we can see the configuration of the Wi-Fi interface:

netsh interface ipv4 show address Wi-Fi
netsh interface ipv4 show dns Wi-Fi

Instead of the Wi-Fi interface, we could also do the same with the equipment connected by network cable

netsh interface ipv4 show address ethernet
netsh interface ipv4 show dns ethernet

Here’s an example:

With respect to firewall we could also use a series of commands. In the case of wanting to open port 80, we would execute the following:

netsh advfirewall firewall add rule name= «Open Port 80» dir=in action=allow protocol=TCP localport=80

If we want to remove the rule from a port we would use this:

netsh advfirewall firewall delete rule name= rule name protocol=udp localport=500

We could also restore the firewall defaults like this:

netsh advfirewall reset

Now it’s the turn to work with the DNS servers. So we could establish the first DNS server:

netsh interface ipv4 set dnsservers "Wi-Fi" static 8.8.8.8 validate=no

We would put the secondary server this way:

netsh interface ipv4 add dnsserver "Wi-Fi" 8.8.4.4 index=2 validate=no

Parameter index you are going to assign an order number to the server. In the first DNS server after the IP we could have put index = 1 but it is not necessary.

We can also establish that the network configuration of the Wi-Fi interface was dynamic through DHCP. For which we would have to execute the nestsh command twice like this:

netsh interface ipv4 set address "Wi-Fi" dhcp
netsh interface ipv4 set dnsservers "Wi-Fi" dhcp

As you can see, using the netsh command we can see and modify many aspects of our network connection.