1. World Wide Packets Lightning Edge 46 Manual 2016
2. World Wide Packets Lightning Edge 46 Manual Download

Greetings,LONG VERSION:I have recently inherited the management of an undocumented network (failed FTTH provider) which utilizes World Wide Packets' LightningEdge 427 (16 port GBIC switch) and 311v (24/4 port Ethernet/GBIC switch) switches. We've swapped out a 427 so that we can rebuild it, push it back into the network, and repeat, until everything is under our control.Trouble is, the lack of documentation extends to passwords, the nature of which preclude any hope of getting in to the switch without resetting to defaults. Fortunately, I can do this without issue, since it is not in active service.I reset a spare 311v to defaults, but cannot log in to it with any of the logical default passwords. I can only assume the same will be true of the 427.Sadly, it seems World Wide Packets is now owned by a new company, who will not provide simple documentation without a full support contract.

I got them to grudgingly provide the documentation for the customer premise devices (LightningEdge 47's), but my pleas for the switch documentation (and the management software that I believe WWP provided for free) has fallen on deaf ears. I don't have the budget to blow on a support contract just to get one default password (Who would?).SHORT VERSION:Does anyone know the default passwords for World Wide Packets 427 and 311v switches?I will most definitely owe anyone with an answer a beer or four next time they visit Seattle. By the way, the default username/password for the LightningEdge 47 and other WWP CPEs is su/pureethernet. Hopefully that will save someone else some pain.:-)Best Regards,Nathan EisenbergDobbins, Roland06.01.10 0:26. One should think the fact that there are default passwords at all should be a cause for alarm, in and of itself.I must not have been very clear.

I'm resetting these switches to factory defaults using the hardware reset button, and attempting to log in using whatever the factory default passwords are. No cause for alarm - the devices as deployed DO NOT have the default passwords on them (probably. Without having the factory default passwords for the devices, it's hard to say.)Anyways, does that make sense?Nathan Eisenberg06.01.10 0:59. On Jan 6, 2010, at 3:44 PM, Nathan Eisenberg wrote: I must not have been very clear. I'm resetting these switches to factory defaults using the hardware reset button, and attempting to log in using whatever the factory default passwords are.Right - what I'm saying is the fact that there are default passwords at all is horribly insecure, and that the vendor in question should be prodded to change this dangerous practice.-Roland Dobbins // Injustice is relatively easy to bear; what stings is justice.- H.L. MenckenBenjamin BILLON06.01.10 1:03.

On Wed, Jan 06, 2010 at 08:26:25AM +0000, Dobbins, Roland wrote: Does anyone know the default passwords for World Wide Packets 427 and 311v switches? One should think the fact that there are default passwords at all should be a cause for alarm, in and of itself.As much as they're a definite security risk, I can't imagine what otheroption there is. The closest I can come to a solution is to set a randompassword and flash it using a front-panel LED using morse. MattGeorge Bonser06.01.10 1:24. On Jan 6, 2010, at 4:18 PM, Matthew Palmer wrote: The closest I can come to a solution is to set a random password and flash it using a front-panel LED using morse. HehNo password at all, operator prompted at the console during startup unless/until he sets one. No IP address, et.

Until a password is set.-Roland Dobbins // Injustice is relatively easy to bear; what stings is justice.- H.L. MenckenDobbins, Roland06.01.10 1:26.

On Jan 6, 2010, at 4:24 PM, George Bonser wrote: having physical access pretty much trumps any other security measure.The fact that there's a factory default means that lots of folks won't change it when they configure the unit with an IP address; they follow this with failing to implement iACLs, and it's pw3nt1me!;-Roland Dobbins // Injustice is relatively easy to bear; what stings is justice.- H.L. MenckenGeorge Bonser06.01.10 1:43. -Original Message- having physical access pretty much trumps any other securitymeasure. The fact that there's a factory default means that lots of folks won't change it when they configure the unit with an IP address; they follow this with failing to implement iACLs, and it's pw3nt1me!I suppose it is a philosophical thing with me. I don't believe inprotecting people from their own stupidity. If you try to enforce that,you end up with organizations making up their own 'default' passwordswhich can be little better than manufacturer defaults.Nathan Eisenberg06.01.10 1:49.

Right - what I'm saying is the fact that there are default passwords at all is horribly insecure, and that the vendor in question should be prodded to change this dangerous practice.I don't see how there's a security problem with equipment coming from the factory with factory default passwords.In my opinion, a breach caused by a reset of equipment to default configuration/passwords would suggest far more basic security issues, which are not at all mitigated by eliminating the existence of default passwords.I generally try to mitigate the issues further down the stack. I doubt factory default passwords are going anywhere, but even if they did go away, I would still strictly control access to my management interfaces, as well as the reset holes on my equipment, and so I would argue that I would be no more or less secure than I am now.But maybe I'm missing something?Best Regards,Nathan EisenbergJim Burwell06.01.10 11:12. On 1/6/2010 01:23, Dobbins, Roland wrote: On Jan 6, 2010, at 4:18 PM, Matthew Palmer wrote: The closest I can come to a solution is to set a random password and flash it using a front-panel LED using morse. heh No password at all, operator prompted at the console during startup unless/until he sets one.

No IP address, et. Until a password is set.Yeah. And for devices with no console, only network interfaces, adefault IP address, no default password, and no default route (just incase they plug it into a real LAN instead of a laptop.:p ).Steven Bellovin06.01.10 14:13.

BEGIN PGP SIGNED MESSAGE-Hash: SHA1An option I saw years ago (I forgot on whose equipment) was a defaultpassword which was a function of the equipment's serial number. So youhad to have the algorithm and you needed the serial number which was notrelated to the MAC. So if you didn't have physical access, you were notin a good position to learn the password.I suspect this was a support nightmare for the vendor and I bet theywent to a more standard (read: the same) factory password.At the end of the day, minimizing support costs for the vendor (not tomention likely annoyance for the customer) trumps providing 'default'security for the folks who won't change the default password.-Jeff- -Jeffrey I. SchillerMIT Network Manager/Security ArchitectPCI Compliance OfficerInformation Services and TechnologyMassachusetts Institute of Technology77 Massachusetts Avenue Room W92-190Cambridge, MA 617.253.0161 - Voice-BEGIN PGP SIGNATURE-Version: GnuPG v1.4.9 (GNU/Linux)Comment: Using GnuPG with Mozilla -iD8DBQFLRRuk8CBzV/QUlSsRAuEEAJ4vFWYnMqK3AP1q9y46HzIIMeasoQCfSAkbCobOYgNelNkZL2ePmd6jwpMzBKR-END PGP SIGNATURE-Nick Hale06.01.10 16:13. On Jan 6, 2010, at 6:24 PM, Jeffrey I. Schiller wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 An option I saw years ago (I forgot on whose equipment) was a default password which was a function of the equipment's serial number. So you had to have the algorithm and you needed the serial number which was not related to the MAC.

So if you didn't have physical access, you were not in a good position to learn the password. I suspect this was a support nightmare for the vendor and I bet they went to a more standard (read: the same) factory password. At the end of the day, minimizing support costs for the vendor (not to mention likely annoyance for the customer) trumps providing 'default' security for the folks who won't change the default password.The MyFi apparently does this. According to 'The network password is printed right there on the bottom of the MiFi itself.'

-Steve Bellovin,Joel Esler06.01.10 17:41. At the end of the day, minimizing support costs for the vendor (not to mention likely annoyance for the customer) trumps providing 'default' security for the folks who won't change the default password. The MyFi apparently does this. According to 'The network password is printed right there on the bottom of the MiFi itself.'

At least it's not '0000'. But yes, my Mifi.had. the password on the bottom.In a lot of cases, physical access = you're screwed anyway. What's thedifference if the password is printed on the box?If you can't physically protect your kit, that's something else, but asidefrom things like WAP's which are routinely in 'the open' surely youprotect your equipment inside secure racks/cabinets/datacentres such thatthe physical labelling is inaccessible to those who aren't authorised.?Matthew Palmer06.01.10 17:54. As long as the passwords are reasonably secure (ie not generated to a simplepattern that can be easily brute forced) and they can be changed, I'dconsider that to be pretty reasonable security. I've been in training with the WWP folks for the last two days (VERYGOOD TRAINING, BTW!) and they got quite a chuckle out of this thread.They say if a customer is willing to pay they can change theinitialization method. But I'm guessing that anyone willing to paywould be the type to actually secure the box once it's turned-up.If you got some serious layer 2 stuff to do, these boxes have a reallyinteresting architecture and some trick features (unix type shell, forone.)-Joe-Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474Dobbins, Roland06.01.10 19:19.

On Wed, Jan 6, 2010 at 1:12 PM, Jim Burwell wrote:snip Yeah. And for devices with no console, only network interfaces, a default IP address, no default password, and no default route (just in case they plug it into a real LAN instead of a laptop.:p ).Ah. Don't worry about default routes. Proxy ARP will 'fix it'.when combined with a suitable router that does it by default, andhelp make sure the default-pw'ed device can still be reached by thebad guys.As murphy would have it, default device IP happens to correspond to avalid LAN IP address formerly used by a server, that the neglectedperimeter firewall still forwards port 80 traffic to.You know. An extra port isn't so expensive these days. Equipmentvendors could just make one of the network ports be labelled'Manage', ship the units with management access disabled, except onthat port.Don't allow normal traffic forwarding to/from that port by default.On first login, require a password change to be made before all otherchanges, such as enabling full management are even allowed,including turning the manage port into a normal port (if it's evennecessary).Device should shutdown the manage port, until reboot, via 'managementport security'.

When the first frame is received, memorize the MACaddress, as long as carrier is still detected.If later a second MAC address is detected as the source on any frame,or any multicast frame at all is received, other than an ARP forswitch's default IP.Light up an orange LED for 'security violation' or a 'user error'light.:)-JGeorge Bonser06.01.10 20:06. -Original Message- From: Dobbins, Roland Sent: Wednesday, January 06, 2010 7:23 PM To: NANOG list Subject: Re: Default Passwords for World Wide Packets/Lightning Edge Equipment On Jan 7, 2010, at 10:19 AM, Dobbins, Roland wrote: Which goes to show that they just really don't get it when it comes to security. Maybe they should look here at all the entries for 'default credentials': Actually, should be 'default password'.One of the problems I have seen is an organization where someone usessomething stupid just to get something up and running (say a password of'password' or 'foo' or something) with every intention of coming back tofix it later but forgets to. That is what I meant yesterday about anorganizational 'default' password that can be just as bad as themanufacturers default.At least with some manufacturers you can log in from the console withthe factory 'default' password but can't log in over the network unlessyou have set one.Joe Hamelin06.01.10 20:38. On Wed, Jan 6, 2010 at 7:19 PM, Dobbins, Roland wrote: Which goes to show that they just really don't get it when it comes to security.

Maybe they should look here at all the entries for 'default credentials':Roland, this isn't the home wi-fi market we're talking about. Anyonethat's going to buy one of these puppies is going to have a clue aboutputting their password in. BTW: You have to be on the console or themanagement port on them to use the default password (ok, you could geton the right VLAN too.) Problem solved, except for those cases wherethe operator is a total idiot. Trust me, the shop I'm working forisn't that way, not with the size of the roll-out we're doing (25k+switches.)I liked what you said about firewalls vs. Servers but, to be honest, inthis thread you're really beating a dead horse.-Joe-Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474Joe Greco06.01.10 20:45. On Wed, Jan 6, 2010 at 7:19 PM, Dobbins, Roland wrote: Which goes to show that they just really don't get it when it comes to security. Maybe they should look here at all the entries for 'default credentials': Roland, this isn't the home wi-fi market we're talking about.

Anyone that's going to buy one of these puppies is going to have a clue about putting their password in.You apparently missed the recent thread on NANOG where this guy was askingfor some help with 'Default Passwords for World Wide Packets/Lightning EdgeEquipment'. Apparently not everyone has the 'clue' you expect them to. JG-Joe Greco - Network Services - Milwaukee, WI -'We call it the 'one bite at the apple' rule.

Give me one chance and then Iwon't contact you again.' - Direct Marketing Ass'n position on e-mail spam(CNN)With 24 million small businesses in the US alone, that's way too many apples.Matthew Palmer06.01.10 21:32.

On Wed, Jan 06, 2010 at 10:45:32PM -0600, Joe Greco wrote: On Wed, Jan 6, 2010 at 7:19 PM, Dobbins, Roland wrote: Which goes to show that they just really don't get it when it comes to security.?Maybe they should look here at all the entries for 'default credentials': Roland, this isn't the home wi-fi market we're talking about. Anyone that's going to buy one of these puppies is going to have a clue about putting their password in. You apparently missed the recent thread on NANOG where this guy was asking for some help with 'Default Passwords for World Wide Packets/Lightning Edge Equipment'.

Apparently not everyone has the 'clue' you expect them to.To be fair, he was just asking about factory resetting the device becausethe current password was unknown, then reconfiguring the device (I'm willingto be generous and assume that the reconfiguration included setting a new,secure password).- MattJoe Greco06.01.10 21:56. Matthew Palmer To be fair, he was just asking about factory resetting the device because the current password was unknown, then reconfiguring the device (I'm willing to be generous and assume that the reconfiguration included setting a new, secure password).Thank you - You're correct. The administration and security of these devices is hardly magic - but one has to be able to access them in order to secure them. The devices haven't even left my hotel room for the production site, and you would already be SOL if you didn't have access to the either the (management interface AND the Very Long Password) or the (reset button AND the management interface AND (the default password)).Dobbins, Roland Which goes to show that they just really don't get it when it comes to security.So are you specifically opposed to globally default passwords, or are you opposed to being able to reset a device to factory defaults and somehow get into the device? Because while I still maintain there's no real security issue with the former (if there is, there's a bigger issue), all that I'm really gung ho for is the ability to get into a piece of equipment I need to operate, even if I don't have credentials to it.Nothing grinds my gears more than equipment that has to be thrown out because there is no recovery mechanism.

I frankly don't much care if the default password on my WWP LE427 is 'wwp' or 'wwpserial-number-which-is-printed-on-the-back' - as long as I can get it so I can get in and change it, I'm happy.Steven Bellovin And we all suffer from p0wned devices, because they get turned into bots. Roland is 100% right.Eh. I think this is confusing cause and effect. We all suffer, but the fact that a device is compromised because of a default password is, at the root of the chain, the result of a faulty Operator. Why was the password left at default? Why was it possible to access the management interface to utilize the default password? I would argue that the solution is to replace or modify the defective operator, rather than replacing, eliminating, or modifying the tool they misused.Joe Hamelin I've been in training with the WWP folks for the last two days (VERY GOOD TRAINING, BTW!) and they got quite a chuckle out of this thread.Are they still around, or are they Ciena employees?

My understanding was that they were completely acquired. If you got some serious layer 2 stuff to do, these boxes have a really interesting architecture and some trick features (unix type shell, for one.)Yep, they're rock solid devices. Every deployment I've seen of them as worked very well.

Ciena certainly got a good deal out of buying them! I'm actually not sure how much of the WWP gear is still manufactured.Thank you all again for helping me sort out what the factory default WWP passwords are so that I can now have a secure and documented deployment out here! I've received a couple offers of technical assistance from WWP veterans that I may well take up moving forward.Best Regards,Nathan EisenbergSean Donelan07.01.10 6:33. On Thu, 7 Jan 2010, Dobbins, Roland wrote: Which goes to show that they just really don't get it when it comes to security. Maybe they should look here at all the entries for 'default credentials': Actually, should be 'default password'.Default credentials may be a more generic description of the problem(although 'default password' is a better search term). A problem withdefault credentials is history has demonstrated even an expert (i.e.the vendors own technical support) aren't always certain they'vefound and changed every default credential possible on complex devices.Its not just the usual console access, but also snmp protocalspublic/private, http protocols admin, ldap cn=admin, postscript none,decnet mop, and so on. Even if you think you know every possibleprotocol, some vendors have had the habit of adding new protocols inupdates with its own set of defaults for new remote access protocols.Multiple protocols, using multiple authorization sources, with defaults.Its not a suprise why old-timers get annoyed with vendor gear withdefault remote access methods enabled before the user configured theaccess credentials for the access method.

Eventually you'll get bit bysome device, some protocol, that has something enabled without yourknowledge. If you require your vendors not to ship stuff with remoteaccess enabled by default, its not a substitute for your own duedilgence, but in practice it helps reduce unexpected incidents.Jason Shearer07.01.10 6:42. I kind of liked the way the Symantec Vraptor (piece of junk) firewalls used to do it. Factory reset from the front panel, set addressing and it generates new passwords displayed on the LCD.Jason. NOTICE-The attached communication contains privileged and confidential information. If you are not the intended recipient, DO NOT read, copy, or disseminate this communication. Non-intended recipients are hereby placed on notice that any unauthorized disclosure, duplication, distribution, or taking of any action in reliance on the contents of these materials is expressly prohibited.

If you have received this communication in error, please delete this information in its entirety and contact the Amedisys Privacy Hotline at 1-866-518-6684. Also, please immediately notify the sender via e-mail that you have received this communication in error.Steven Bellovin07.01.10 8:51.

On Jan 6, 2010, at 11:38 PM, Joe Hamelin wrote: On Wed, Jan 6, 2010 at 7:19 PM, Dobbins, Roland wrote: Which goes to show that they just really don't get it when it comes to security. Maybe they should look here at all the entries for 'default credentials': Roland, this isn't the home wi-fi market we're talking about. Anyone that's going to buy one of these puppies is going to have a clue about putting their password in.Again, look at - while consumer devices were much worse, there was a noticeable problem on enterprise devices and a significant problem with VoIP devices, and I suspect that those latter are largely enterprise-based.-Steve Bellovin,Ricky Beam07.01.10 21:58. On Wed, 06 Jan 2010 18:24:26 -0500, Jeffrey I. Schiller wrote: An option I saw years ago (I forgot on whose equipment) was a default password which was a function of the equipment's serial number. So you had to have the algorithm and you needed the serial number which was not related to the MAC.

So if you didn't have physical access, you were not in a good position to learn the password.Gadzoox used to do that. The management modules for their hubs hadfactory set random passwords. It's provided on a sticker with the card,so you can put it where you want - just don't lose it, because that'sonly place it exists (without breaking out a JTAG debugger.)Yes, their later gear has standard default passwords.-RickyRicky Beam07.01.10 21:58. On Wed, 06 Jan 2010 19:13:28 -0500, Nick Hale wrote: I think the vendor you're thinking of was Cabletron (now Enterasys).

I had to call them and give them the Serial Number for them to provide me with the default password to the system after a hard reset (this was for an ELS100-24TXG 'switch').And their CPE gear had a 5 minute password reset window after power on.We hated the customers who'd figured that out.While we're on the subject, a lot of leibert gear has a dip switch/jumperblock to turn passwords off entirely. (of course, that requires physicalaccess and a power cycle.)-RickyJoe Greco07.01.10 23:22. While we're on the subject, a lot of leibert gear has a dip switch/jumper block to turn passwords off entirely. (of course, that requires physical access and a power cycle.)So do a lot of HP/Compaq servers with integrated lights out management.Don't think you even need to power cycle (whether you're brave enough togo poking around the deep innards of an energized server is anothermatter).

I know the DIP switch on older DL385's is a micro DIP switchand it's inconveniently located in the middle of the server behind somestuff.The good part is that you can clear out unknown passwords as long as youhave access to the chassis innards. The bad part is that I've seen theseleft in password bypass mode (though the BIOS thoughtfully warns you ofthe status if you do that). JG-Joe Greco - Network Services - Milwaukee, WI -'We call it the 'one bite at the apple' rule. Give me one chance and then Iwon't contact you again.' - Direct Marketing Ass'n position on e-mail spam(CNN)With 24 million small businesses in the US alone, that's way too many apples.Bill Stewart12.01.10 17:50. A password recovery method I've found very frustrating is to use theserial number or similar value that's on a label on the bottom of theequipment.

On Tue, 12 Jan 2010 17:50:37 PST, Bill Stewart said: A password recovery method I've found very frustrating is to use the serial number or similar value that's on a label on the bottom of the equipment.Related pet peeve: Inventory and asset control people that stick a sticker onhardware and then expect to be able to scan the barcode at a later date. Worksfine if the barcode sticker actually ends up facing the front or the back ofthe rack. But occasionally, the sticker ends up stuck on an empty space on theprinted circuit board of a upgrade blade that's plugged into a chassis.gordon b slater12.01.10 23:56. We have an internally written app that allows us to either find where inthe data center a server is, or pull up a rack and see what's in it. Itwouldn't be a very big leap to assign each rack a bar code and have an app(you could even write it as a smartphone app) that scans the bar code andlooks up what's in the rack. Of course, without access to (authenticationis required) the web app front end for the database of what's where, justscanning the bar code wouldn't get you anything but a rack serialnumber.so you don't have to worry about random people scanning the rackbar code.BTW.a friend who works for a mostly failed.com patented something likethis some years ago. I think his patent was actually for a system inwhich a bar code on the front of a server could be scanned by a portabledevice, and you'd get current system health information for that system.-Jon Lewis I routeSenior Network Engineer therefore you areAtlantic Net for PGP public keyNathan Eisenberg13.01.10 10:13.

-Original Message- From: Matt Simmons mailto: Sent: Wednesday, January 13, 2010 9:55 AM To: Barry Shein Cc:; Bill Stewart Subject: Re: Default Passwords for World Wide Packets/Lightning Edge Equipment That would be excellent for both the administrator, and anyone walking down the row with a wand in their pocket.I'm not sure there's an attack vector utilizing inventory ID numbers. Even if there is, they can just as easily scan a barcode or read a label from that distance, so I'm not sure there's a huge difference.Best Regards,Nathan EisenbergBarry Shein13.01.10 10:15. There seem to be a lot of misconceptions about RFID tags. On Wed, 13 Jan 2010, Barry Shein wrote: The big advantage of RFIDs is that you don't need line of sight access like you do with bar codes, they use RF, radio frequency.Which is also a big disadvantage in a datacenter. Ever tried to use aradio in one?The RF noise generated by digital equipment seriously erodes signalquality. Considering the relatively weak signal returned from RFID tags,I'd be surprised if you'd get any kind of useful range.Has anybody tried it out?Brett Frankenberger13.01.10 11:22. On Jan 13, 2010, at 1:45 PM, Barry Shein wrote: There seem to be a lot of misconceptions about RFID tags.

I'm hardly an expert but I do know this much: RFID tags are generic, you don't put data into them unique to your application.Part of the original (or at least early) context for this thread was recovery of default passwords. If the password is F(ser#), it's only learnable if you know both F and ser#. The vendor knows F - who knows ser#? If it's in an RFID tag, or is DBlookup(tag#,vendordb), being able to read this admittedly-arbitrary number may indeed be a threat.-Steve Bellovin,Brandon M. Lapointe13.01.10 11:38.

I have something akin to experience in this arena at least as it appliesto the ambient RF environment and the security of the data transferred.As a matter of fact the two usually go hand in hand. The issue that Iusually see is how to protect your new drivers license / passport / IDbadge (with embedded RFID) from someone stopping next to you at a subwaystation with an RFID reader hidden in their briefcase, although denselypopulated CoLo's wouldn't be much different. The preferred standard isusually the FIPS 201 standard and is deployed at 13.56Mhz which ensuresyou have to be pretty darn near the transceiver to 'get a read' but alsomakes the problem of ambient (RF) noise pretty much a non-issue. Theissue arises in tags placed so close together that they are in the readfield at the same time causing multiple emitters in the same channel.Recent implementations have a built in collision avoidance mechanismthat eliminates the issue entirely in my testing (understanding channelcontention for this exercise is at most dozens of transmitters, andwouldn't scale up to anything larger). These same recent implementationsuse 3DES to secure the open-air channel, reducing prevalence ofman-in-the-middle type attacks. Finally, it is common now to retrievethe encrypted contents of the RFID tags and require that a CA hierarchyvalidate both sides of the transaction prior to decryption which cancontain 4K in the data sectors or more.Brandon L.I have something akin to experience in this arena at least as it appliesto the ambient RF environment and the security of the data transferred.As a matter of fact the two usually go hand in hand. The issue that Iusually see is how to protect your new drivers license / passport / IDbadge (with embedded RFID) from someone stopping next to you at a subwaystation with an RFID reader hidden in their briefcase, although denselypopulated CoLo's wouldn't be much different.

The preferred standard isusually the FIPS 201 and is deployed at 13.56Mhz which ensures you haveto be pretty darn near the transceiver to 'get a read' but also makesthe problem of ambient (RF) noise pretty much a non-issue. The issuearises in tags placed so close together that they are in the read fieldat the same time causing multiple emitters in the same channel. Recentimplementations have a built-in collision avoidance mechanism thateliminates the issue entirely in my testing (understanding channelcontention for this exercise is at most dozens of transmitters, andwouldn't scale up to anything larger). These same recent implementationsuse 3DES to secure the open-air channel, reducing prevalence ofman-in-the-middle type attacks. Finally, it is common now to retrievethe encrypted contents of the RFID tags and require that a CA hierarchyvalidate both sides of the transaction prior to decryption which cancontain 4K in the data sectors or more.Brandon L.Stefan13.01.10 11:43.

Steven Bellovin wrote: On Jan 13, 2010, at 1:45 PM, Barry Shein wrote: There seem to be a lot of misconceptions about RFID tags. I'm hardly an expert but I do know this much: RFID tags are generic, you don't put data into them unique to your application.Not true, the simplest rfid tags are energized and play back whateverstring is embedded, passive tags, however, plenty of device that fallunder the moniker rfid are at a minimum field programmable. Moreoverwhen you get beyond passive tags, the devices can be found with full onjava stacks, challenge response system, fips certified crypto engines,flash for stored value etc.

Part of the original (or at least early) context for this thread was recovery of default passwords. If the password is F(ser#), it's only learnable if you know both F and ser#. The vendor knows F - who knows ser#? If it's in an RFID tag, or is DBlookup(tag#,vendordb), being able to read this admittedly-arbitrary number may indeed be a threat.Steve Bellovin,Valdis.@vt.edu13.01.10 12:00. On Jan 13, 2010, at 2:47 PM, Nathan Eisenberg wrote: Not if you change the default password like any sane admin does.This is from the OP:I have recently inherited the management of an undocumented network (failed FTTH provider) which utilizes World Wide Packets' LightningEdge 427 (16 port GBIC switch) and 311v (24/4 port Ethernet/GBIC switch) switches.Does anyone know the default passwords for World Wide Packets 427 and 311v switches?Lots of gear has a button/jumper/poptheCMOS battery/otherphysicalpresencemagic to reset things to factory state, including the default pw. The threat went on to why default passwords are bad, to passwords on the bottom of the device, to RFIDs because the devices of interest to this community are racked and stacked - and back to theme #2: default passwords are bad.-Steve Bellovin,Graeme Fowler13.01.10 12:34. On Wed, 2010-01-13 at 15:12 -0500, Steven Bellovin wrote: Lots of gear has a button/jumper/poptheCMOS battery/otherphysicalpresencemagic to reset things to factory state, including the default pw.

The threat went on to why default passwords are bad, to passwords on the bottom of the device, to RFIDs because the devices of interest to this community are racked and stacked - and back to theme #2: default passwords are bad.And somewhere in the dim and distant past (Jan 6th), Nathan announcedthat he'd sorted out his original problem and now had the defaults.What a peculiar bunch we are. And this from the group lauded asanonymously and peacefully co-existing to hold the Internet together,eh?GraemeNathan Eisenberg13.01.10 12:50. From: Graeme Fowler mailto: And somewhere in the dim and distant past (Jan 6th), Nathan announced that he'd sorted out his original problem and now had the defaults. What a peculiar bunch we are. And this from the group lauded as anonymously and peacefully co-existing to hold the Internet together, eh? GraemeI think the impulse to challenge and question assertions probably tends to be a common personality feature in (good) network admins. The resulting conversations are often lively, oddly passionate arguments - but I firmly believe that there is a friendly nature behind it all.NathanValdis.@vt.edu13.01.10 13:55.

World Wide Packets Lightning Edge 46 Manual 2016

Spokane-based (WWP) will announce Monday that it has raised $15.7 million in a third funding round. The access gear maker has raised $105.7 million to date since its inception in January 2000.CEO David Curry says there will be a second close on the third round, one that will result in a 'consequential' contribution to WWP's funding pile.

The company's new investors include and, which led the round. WWP says several existing investors also participated in the round, including.WWP will use the money to expand its sales force and to kickstart a more indirect business model and distribution system for its products. The company started out selling directly to U.S.-based municipalities and utilities (see ).

World Wide Packets Lightning Edge 46 Manual Download

Later, it expanded to target some European and Asian carriers, and now, according to Curry, WWP would like to work toward handling all sales and fulfillment through partners in some parts of the world (see ).Curry, one of WWP's original individual investors, became the company's CEO about a year and a half ago. WWP's outspoken founder, no longer has day-to-day responsibilities at the company.Curry categorized WWP's latest financing as a 'down round' and a 'recapitilization,' but declined to go into detail as to how significantly the earlier investors were diluted. 'The initial capitalization of the company in 2000 reflected year 2000 valuations,' he explains.But the important part here is that WWP does have funding and can keep going. The last time Light Reading caught up with WWP, it was in the process of raising money while closing on three big deals in Europe with (NYSE: KPN), (Nasdaq: TWSTY), and (see ).In the Telewest bid, WWP beat out several competitors including, (Nasdaq: CSCO), (Nasdaq: FDRY), and (NYSE/Toronto: NT).WWP's product line includes a central office box - the LightningEdge Access Distributor – which allows service providers to connect with subscribers over standard Gigabit Ethernet or 10-Gbit/s Ethernet links.

It aggregates up to 120 standard Gigabit Ethernet connections from Access Portals or Access Concentrators.At the subscriber end is the LightningEdge Access Portal, which has up to eight 10/100-Mbit/s Ethernet connections for PCs, IP phones, or other appliances. The Access Portal can support up to two POTS lines.In between sits the Lightning Edge Access Concentrator, which aggregates up to 24 10/100-Mbit/s Ethernet connections, from either Access Portals or other Access Concentrators, on a single platform.

That device connects to the LightningEdge Access Distributor via four, singlemode fiber Gigabit Ethernet links.The whole kit is managed by the LightningEdge Network Supervisor, management and provisioning software allowing voice, video, and data to become provisioning options from the service provider to its subscriber base, rather than individual applications from separate providers (see ).WWP now has more than 60 customers for its gear worldwide. In 2004, the company says it expects to have a 'steady stream of customer announcements' and that it will be more vocal on the active vs. Passive access gear approaches. Translation: They're kicking off a PR war against the PON vendors, WWP's main competitors.Curry says WWP was indeed one of the company's that sought (NYSE: VZ) FTTP business, which was eventually awarded to (Nasdaq: AFCI). The decision came down to a 'religious issue,' he says.

'It was largely a result of Verizon using APON to protect their legacy investment in.With appropriate irony, Verizon will use the new FTTP technology, built on legacy gear, in greenfield applications first.What Curry can't seem to get is why PONs such as those built by AFC are still called passive. DLCs have active electronics, as do the customer premises devices receiving the bandwidth on the subscriber end of PONs. Wonders Curry: 'What's this issue of carrier's saying they want no actives in the field?' — Phil Harvey, Senior Editor. Re: World Wide Packets Bags $15.7MBobbyMax wrote:'It is not about bagging money. The WPP had a lot of problems with Alcatel which paid a lot of money to acquire WPP but was cheated as the product never worked. Verizon may not have given to WPP in view of its past history.'

Then truelight wrote:'WWP is not proven and is not a player in real telecom acces - you will see. RBOCs are for legacy players not new age companies.' Both posts puzzle me.First, BobbyMax' post:I'm not sure what Alcatel has to do with Worldwide Packets - their FTTP products are very different (active vs. Is there some history from several years ago that I'm not aware of? I haven't heard of any recent relationship - I thought they were competitors.Second, truelight's post:Worldwide Packets has been shipping FTTP products longer than most FTTP vendors. Provo Power did an extensive field trial using WWP gear, then an evaluation of other vendors' products prior to further deployment. They were favorably impressed by WWP.

Sounds like a proven product to me. There are other power utilities using WWP in FTTP deployments, also.Since WWP's products are active, not passive, they don't fit the 3 largest Bells' stated FTTP requirements. But then you could legitimately argue that, so far, the '3 Amigos' are 'not proven' FTTP providers and thy are 'not. Players in real telecom access' (to use truelight's words).A.B. Re: World Wide Packets Bags $15.7MI believe that Bobby was refering to Packet Engines, Daines previous Ethernet company which was aquired by Alcatel for around $300M. They later discontinued the product.Depending on who you ask, either the product sucked and Alcatel got ripped off, or Alcatel ruined a great company. Either way, there is no love between Daines and Alcatel, and there were some disagreements on whether or not Daines was re-using some intellectual property that he sold to Alcatel.I don't know if Packet Engines was a good company or not, but the trade show booth shaped like a train was certainly an interesting use of startup funding.I have to laugh at Curry's complaint that they lost to APON because Verizon protecting their existing network was a 'religious issue.'

Quite the opposite. It was a business issue that ignored Danies religious beliefs that resistance to Ethernet was 'futile.' The better technology does not always win. The company is trying to make a profit and is considering their overall costs, not just the cost of the equipment in question.Expecting a company to throw away their existing network just because you have a better solution to one small part of that network.now THAT takes some religous faith. Re: World Wide Packets Bags $15.7MMy post puzzles you because you have no experience in access.

Let me clarify for you;-)FTTP is nothing new it has been available of DLCs for many years and well before WWP came out of the closet. Active electronics in the loop is nothing new since this is exactly what a 3GDLC is as part of extending the CSA of a CO.Sadly WWP offers no 'new' alternatives to the RBOC that is more compelling than a DLC with a PON offering, which is the current percieved market.

The DLC is also a lot cheaper and offers traditonal services without the 'packet' challenges.If WWP customer validation is by a 'utility' customers - mmmmm I cannot restrain myself from laughing.If I don't get a higher rating for this 'trump' then LR does not know anything about access either.TL. Re: World Wide Packets Bags $15.7Mtruelight wrote:My post puzzles you because you have no experience in access. Let me clarify for you;-)FTTP is nothing new it has been available of DLCs for many years and well before WWP came out of the closet.

Active electronics in the loop is nothing new since this is exactly what a 3GDLC is as part of extending the CSA of a CO.Sadly WWP offers no 'new' alternatives to the RBOC that is more compelling than a DLC with a PON offering, which is the current percieved market. Re: World Wide Packets Bags $15.7Mtruelight wroteFTTP is nothing new it has been available of DLCs for many years and well before WWP came out of the closet. Active electronics in the loop is nothing new since this is exactly what a 3GDLC is as part of extending the CSA of a CO.Sadly WWP offers no 'new' alternatives to the RBOC that is more compelling than a DLC with a PON offering, which is the current percieved market. The DLC is also a lot cheaper and offers traditonal services without the 'packet' challenges.Please post more information (or links) on how you're handling cable TV programming and services for FTTP with your 3GDLC approach you're advocating.AB.