Author Topic: Pitanje u vezi sinhronizacije vremena unutar LAN  (Read 1667 times)

uporna_neznalica

  • Sr. Member
  • ****
  • Posts: 450
Pitanje u vezi sinhronizacije vremena unutar LAN
« on: September 30, 2015, 09:02:09 am »
ADSL modem Huawei HG532E, koji najveci srpski ISP daje korisnicima, nema opciju za promenu vremena u postojecem GUI interfejsu. (Cinjenica da nmap pokazuje da su na njemu podignuti telnet i ftp servisi nije mi od koristi, posto telnet login prompt ne prihvata GUI korisnika i password, ni default, ni promenjene.) Na modemu je instaliran neki Linux (kernel 2.6.15-2.6.26).

Huawei je inace open-sorsovao doticni modem u aprilu 2015, tako da ocekujem da ce u buducnosti na njemu moci da se potera OpenWRT, a mozda i neki *BSD.

Moja pitanja su:

1) Ima li neko ideju kako pristupiti modemu (osim hydra i preko serijskog kabla)?

2) Posto je modem u idiotskoj vremenskoj zoni (vidi se kroz log), neka +1 zona u odnosu na lokalnu, dakle, nije ni UCT ni Beograd, prema mom (ne)znanju, to fundamentalno bezbednosno kompromituje LAN (izuzev ukoliko i LAN ne prebacim na doticnu zonu), sto bi trebalo da bude u suprotnosti sa nekim RFC. Ima li neko ideju koji bi to RFC mogao da bude, ili slucajno zna i za neki scientific paper na tu temu?

'Fala unapred.



uporna_neznalica

  • Sr. Member
  • ****
  • Posts: 450
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #1 on: September 30, 2015, 09:30:51 am »
U prilog diskusiji evo sa cisco foruma
https://supportforums.cisco.com/discussion/11599976/different-time-zones-network-and-ntp

I mali doprinos iz mog pflog u vreme konfigurisanja modema

Code: [Select]
#tcpdump -n -e -ttt -r /var/log/pflog | grep block
...
Sep 28 13:41:40.295839 rule 4/(match) block in on em0: 192.168.1.254 > 192.168.1.64: icmp: echo request
Sep 28 14:16:16.427960 rule 4/(match) block in on em0: 192.168.1.254 > 192.168.1.64: icmp: echo request
Sep 28 14:43:35.107055 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:35.856253 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:36.606235 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:37.356245 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:38.106580 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:38.855993 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:39.606083 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:40.355944 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:41.106484 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:41.140338 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:41.855942 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:41.887045 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:42.605801 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:42.637083 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:43.358361 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:43.386990 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:44.138487 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 201
Sep 28 14:43:44.138618 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 186
Sep 28 14:43:44.551735 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 50
Sep 28 14:43:45.295523 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 50
Sep 28 14:43:45.637189 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 186
Sep 28 14:43:46.043323 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 50
Sep 28 14:43:47.137116 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 186
Sep 28 14:43:48.637054 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 186
Sep 28 14:43:50.137212 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 198
Sep 28 14:43:51.137230 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 198
Sep 28 14:43:52.137108 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 198
Sep 28 14:43:53.137124 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 198
Sep 28 14:43:54.137338 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:54.886839 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:55.636640 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:56.386791 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:57.137158 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:57.886833 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:58.636632 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:43:59.386695 rule 4/(match) block in on em0: 192.168.1.3.137 > 192.168.1.255.137: udp 68
Sep 28 14:44:00.136911 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 186
Sep 28 14:44:00.137121 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 186
Sep 28 14:44:00.138115 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 216
Sep 28 14:44:01.543030 rule 4/(match) block in on em0: 192.168.1.3.138 > 192.168.1.255.138: udp 201
Sep 28 15:11:22.154799 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0xb17713aa flags:0x8000 [|bootp]
Sep 28 15:11:22.228770 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0xb17713aa flags:0x8000 [|bootp]
Sep 28 15:21:19.384726 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x8e39766e flags:0x8000 [|bootp]
Sep 28 15:21:31.886980 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x404984f5 flags:0x8000 [|bootp]
Sep 28 15:21:45.608532 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0xe7f74813 flags:0x8000 [|bootp]
Sep 28 15:23:32.795300 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x2d13922e flags:0x8000 [|bootp]
Sep 28 15:25:14.925349 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0xe612c177 flags:0x8000 [|bootp]
Sep 28 15:28:10.858088 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0xcf1dacca flags:0x8000 [|bootp]
Sep 28 15:49:20.542825 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x947715d5 flags:0x8000 [|bootp]
Sep 28 15:50:46.552319 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x9b02bada flags:0x8000 [|bootp]
Sep 28 15:57:54.972988 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x1d36e3f3 flags:0x8000 [|bootp]
Sep 28 17:39:22.088320 rule 4/(match) block in on em0: 192.168.1.65.40500 > 192.168.1.2.6889: udp 20
Sep 28 17:39:25.087986 rule 4/(match) block in on em0: 192.168.1.65.40500 > 192.168.1.2.6889: udp 20
Sep 28 17:39:26.589525 rule 4/(match) block in on em0: 192.168.1.65.59234 > 192.168.1.2.6889: S 456286934:456286934(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 17:39:27.090133 rule 4/(match) block in on em0: 192.168.1.65.59234 > 192.168.1.2.6889: S 456286934:456286934(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 17:39:27.584435 rule 4/(match) block in on em0: 192.168.1.65.59234 > 192.168.1.2.6889: S 456286934:456286934(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Sep 28 17:43:30.280151 rule 4/(match) block in on em0: 192.168.1.65.40500 > 192.168.1.2.6889: udp 65
Sep 28 17:45:36.406510 rule 4/(match) block in on em0: 192.168.1.65.60525 > 192.168.1.2.50321: S 3799662784:3799662784(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 17:45:36.898972 rule 4/(match) block in on em0: 192.168.1.65.60525 > 192.168.1.2.50321: S 3799662784:3799662784(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 17:45:37.404655 rule 4/(match) block in on em0: 192.168.1.65.60525 > 192.168.1.2.50321: S 3799662784:3799662784(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Sep 28 18:06:21.746762 rule 4/(match) block in on em0: 192.168.1.65.61488 > 192.168.1.2.6889: S 3807392198:3807392198(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:06:22.246137 rule 4/(match) block in on em0: 192.168.1.65.61488 > 192.168.1.2.6889: S 3807392198:3807392198(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:06:22.756260 rule 4/(match) block in on em0: 192.168.1.65.61488 > 192.168.1.2.6889: S 3807392198:3807392198(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Sep 28 18:11:16.060306 rule 4/(match) block in on em0: 192.168.1.65.62670 > 192.168.1.2.50321: S 3151000454:3151000454(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:11:16.579624 rule 4/(match) block in on em0: 192.168.1.65.62670 > 192.168.1.2.50321: S 3151000454:3151000454(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:11:17.075966 rule 4/(match) block in on em0: 192.168.1.65.62670 > 192.168.1.2.50321: S 3151000454:3151000454(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Sep 28 18:29:47.421956 rule 4/(match) block in on em0: 192.168.1.65.64577 > 192.168.1.2.6889: S 4218662887:4218662887(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:29:47.922682 rule 4/(match) block in on em0: 192.168.1.65.64577 > 192.168.1.2.6889: S 4218662887:4218662887(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:29:48.427762 rule 4/(match) block in on em0: 192.168.1.65.64577 > 192.168.1.2.6889: S 4218662887:4218662887(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Sep 28 18:37:42.943713 rule 4/(match) block in on em0: 192.168.1.65.49355 > 192.168.1.2.50321: S 96478946:96478946(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:37:43.443133 rule 4/(match) block in on em0: 192.168.1.65.49355 > 192.168.1.2.50321: S 96478946:96478946(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Sep 28 18:37:43.943344 rule 4/(match) block in on em0: 192.168.1.65.49355 > 192.168.1.2.50321: S 96478946:96478946(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Sep 28 19:07:22.449379 rule 4/(match) block in on em0: 192.168.1.1.54265 > 192.168.1.2.32517: R 1804834811:1804834811(0) ack 1802829370 win 8704 <nop,nop,timestamp 144485 2565160298> (DF)
Sep 28 19:28:43.540547 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x29fa7f10 flags:0x8000 [|bootp]
Sep 28 19:28:43.610266 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x2cdcb954 flags:0x8000 [|bootp]
Sep 28 19:28:43.681983 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x2cdcb954 flags:0x8000 [|bootp]
Sep 28 19:32:02.347908 rule 4/(match) block in on em0: 192.168.1.1.35626 > 192.168.1.2.42438: R 3347341132:3347341132(0) ack 806008205 win 8736 <nop,nop,timestamp 292472 3582091598> (DF)
Sep 28 20:25:06.054257 rule 4/(match) block in on em0: 192.168.1.1.48145 > 192.168.1.2.39240: R 2327972116:2327972116(0) ack 3326638916 win 8736 <nop,nop,timestamp 610839 4004745457> (DF)
Sep 28 20:25:42.927417 rule 4/(match) block in on em0: 192.168.1.1.36731 > 192.168.1.2.48986: R 2318878373:2318878373(0) ack 47325980 win 8672 <nop,nop,timestamp 614527 2549134867> (DF)
Sep 28 20:30:42.519055 rule 4/(match) block in on em0: 192.168.1.1.33434 > 192.168.1.2.41454: R 2461630224:2461630224(0) ack 303700767 win 8816 <nop,nop,timestamp 644486 3726458338> (DF)
Sep 28 20:30:57.565444 rule 4/(match) block in on em0: 192.168.1.1.41987 > 192.168.1.2.8952: R 2326106586:2326106586(0) ack 3383683754 win 9240 <nop,nop,timestamp 645990 3260149701> (DF)
Sep 28 20:48:53.507325 rule 4/(match) block in on em0: 192.168.1.1.42004 > 192.168.1.2.44085: R 3768223160:3768223160(0) ack 1901202117 win 8704 <nop,nop,timestamp 753583 2310837742> (DF)
Sep 28 20:55:32.027511 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x556e0663 flags:0x8000 [|bootp]
Sep 28 20:55:32.056716 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x220a0d53 flags:0x8000 [|bootp]
Sep 28 20:55:34.181424 rule 4/(match) block in on em0: 0.0.0.0.68 > 255.255.255.255.67: xid:0x220a0d53 flags:0x8000 [|bootp]
Sep 28 20:55:36.397166 rule 4/(match) block in on em0: 192.168.1.1.37844 > 192.168.1.2.11500: R 1035314065:1035314065(0) ack 1709396874 win 8752 <nop,nop,timestamp 9147 3234324981> (DF)
Sep 28 21:02:36.624248 rule 4/(match) block in on em0: 192.168.1.1.43898 > 192.168.1.2.3737: R 1031031435:1031031435(0) ack 3746266133 win 8656 <nop,nop,timestamp 51169 2704479490> (DF)
Sep 29 07:48:57.808792 rule 6/(match) block in on em0: 192.168.1.1.57552 > 192.168.1.2.16223: R 1856714390:1856714390(0) ack 1058518723 win 3432 <nop,nop,timestamp 2963122 3312884853> (DF)
Sep 29 07:53:16.387560 rule 6/(match) block in on em0: 192.168.1.1.48107 > 192.168.1.2.5753: R 1878785455:1878785455(0) ack 1784816652 win 9041 <nop,nop,timestamp 2988980 825141471> (DF)
Sep 29 13:21:12.694555 rule 6/(match) block in on em0: 192.168.1.1.39763 > 192.168.1.2.24973: R 3082002653:3082002653(0) ack 414616228 win 3432 <nop,nop,timestamp 210136 2959954777> (DF)
Sep 29 13:28:01.088116 rule 6/(match) block in on em0: 192.168.1.1.52860 > 192.168.1.2.11198: R 3349952492:3349952492(0) ack 3481829826 win 9420 <nop,nop,timestamp 250779 1545044769> (DF)
Sep 29 13:33:08.030307 rule 6/(match) block in on em0: 192.168.1.1.38506 > 192.168.1.2.42336: R 3450457641:3450457641(0) ack 2621821938 win 11583 <nop,nop,timestamp 281441 4237525731> (DF)

Stari modem je bio 192.168.1.254 a hg je 192.168.1.1

soxxx

  • Administrator
  • Hero Member
  • *****
  • Posts: 1438
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #2 on: September 30, 2015, 01:48:07 pm »
Negde po netu nadjoh da se ide na:
Quote
You need to go into Advanced then SNTP.

If you put a tick in the box you should then get the configuration options.
pa ga uperi na neki NTP server.
The best way to learn UNIX is to play with it, and the harder you play, the more you learn.
If you play hard enough, you'll break something for sure, and having to fix a badly broken system is arguably the fastest way of all to learn. -Michael Lucas, AbsoluteBSD

uporna_neznalica

  • Sr. Member
  • ****
  • Posts: 450
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #3 on: September 30, 2015, 03:56:28 pm »
Negde po netu nadjoh da se ide na:
Quote
You need to go into Advanced then SNTP.

If you put a tick in the box you should then get the configuration options.
pa ga uperi na neki NTP server.

Nemam uopste tu opciju u GUI. Lupam glavu kako da dodjem makar do setup wizard-a, probacu hard reset button prvo. Telekom support za sada nece da mi da informaciju.

uporna_neznalica

  • Sr. Member
  • ****
  • Posts: 450
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #4 on: October 01, 2015, 10:26:50 am »
Od tehnicke podrske ISP dobio sam naziv root korisnika i sifru. Oni to rade samo po zahtevu korisnika, a taj zahtev treba da bude adresiran na njihovu tehnicku sluzbu sa e-mail naloga koji ISP otvara korisnicima po automatizmu, a koji pretplatnik konkretnog modema nije nikad otvrorio od kreiranja 2008.

Admin

  • Administrator
  • Hero Member
  • *****
  • Posts: 1367
    • http://www.bsdserbia.org
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #5 on: October 01, 2015, 10:34:20 am »
Taj modem ima dva naloga - prvi je onaj koji ti daju da mozes da podesis WIFI i... nista mnogo vise od toga. Drugi je admin nalog koji dolazi sa default lozinkom i lako ga je "hakovati". Do sada sam naleteo na tri lozinke koje se koriste za pristup admin panelu:

username: admin
password: ztonpk

username: admin
password: tzlkisonpk

username: admin
password: admints

Nevidjeni krs od uredjaja. :D

If it moves, crypt it. Unless it's static - than you should double-crypt it

uporna_neznalica

  • Sr. Member
  • ****
  • Posts: 450
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #6 on: October 02, 2015, 10:58:48 am »
...
Nevidjeni krs od uredjaja. :D

Ako imas sugestiju sta je bolje za te pare, reci, mozda ce biti aktuelno (ako fiber ne pretekne po dostupnosti i ceni)

http://www.netiks.rs/adsl-oprema

TP-Link TD-W8951ND je OpenWRT capable, mada ja preferiram bez wi-fi, ali nisam siguran da bilo koji od ponudjenih modela moze na OpenWRT. Mozda NetBSD moze na nekom od njih, nisam jos proucio.

Taj modem ima dva naloga - prvi je onaj koji ti daju da mozes da podesis WIFI i... nista mnogo vise od toga. Drugi je admin nalog koji dolazi sa default lozinkom i lako ga je "hakovati". Do sada sam naleteo na tri ...

Ako neko ima ideju kako da pogledam .conf fajl ovog modema neka javi, uudecode nece.

uporna_neznalica

  • Sr. Member
  • ****
  • Posts: 450
Odg: Pitanje u vezi sinhronizacije vremena unutar LAN
« Reply #7 on: October 03, 2015, 09:27:14 pm »
I ftp i telnet su u chroot, dakle, za pravi pristup modemu potreban je serial to usb, ili neka druga skalamerija.

Modem nije podesen u bridge modu, nego u modem/ruter modu i ono sto gledam unutra je vrlo zanimljivo. npr. CWMP protokol.