Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Redirect SNMP Traps in haxoware ?
#1
what does it actually do ? mines is unticked, some people say it should be ticked.
Reply
#2
http://lmgtfy.com/?q=snmp+traps+explained


from the old haxorware manual
6. Here you can change what Vendor, Model, and software version the modem reports when it is SNMP
scanned and when it requests a HFC DHCP lease. For example, if you are using the MAC address of a ambit,
it is a good idea to change these to reflect an Ambit modem to prevent suspicion.Clearing any of these
boxes will return that box to the default Motorola values.
7. Since ISP’s mainly do snmp scanning on the default SNMP ports (161 and 162), changing these will
essentially block any snmp probes from the ISP. The default “stealth” ports are 225 and 226 for the snmp
and trap ports respectively.
__________________________________________________________________________________
******new discord chat link https://discord.gg/5BQQbsb*******
Reply
#3
(31-10-2009, 01:05 AM)drewmerc Wrote: http://lmgtfy.com/?q=snmp+traps+explained


from the old haxorware manual
6. Here you can change what Vendor, Model, and software version the modem reports when it is SNMP
scanned and when it requests a HFC DHCP lease. For example, if you are using the MAC address of a ambit,
it is a good idea to change these to reflect an Ambit modem to prevent suspicion.Clearing any of these
boxes will return that box to the default Motorola values.
7. Since ISP’s mainly do snmp scanning on the default SNMP ports (161 and 162), changing these will
essentially block any snmp probes from the ISP. The default “stealth” ports are 225 and 226 for the snmp
and trap ports respectively.

hhmmm, interesting, thanks mate.

so let me see, in the screenshot provided.

if this haxoware is on a surfboard 5101e and the person is getting intermitant disconnections and using what are good solid ambit macs, are the settings in the screenshot wrong then ?

just trying to figure this out if thats a strong reason why theres intermitant disconnects, heres some of the log here when it happens >

Event Log
Time Priority Code Description
2009-10-30 23:10:20 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 23:09:37 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:12 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 23:09:11 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 23:09:11 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 23:09:06 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 23:08:21 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:14 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 23:07:53 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 23:07:53 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 05:15:23 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 05:14:54 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:13 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 05:14:30 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 05:14:30 Critical R004.0 Received Response to Broadcast Maintenance Request, But no Unicast Maintenance o
2009-10-30 05:13:56 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:15 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 05:13:30 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 05:13:30 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 05:12:14 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 05:11:46 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:12 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 05:11:24 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 05:11:24 Critical R004.0 Received Response to Broadcast Maintenance Request, But no Unicast Maintenance o
2009-10-30 05:10:50 Error E206.0 Improper Configuration File CVC Format
2009-10-30 05:10:50 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 05:10:24 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 05:10:24 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 05:09:32 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 05:08:35 Error E206.0 Improper Configuration File CVC Format
2009-10-30 05:08:33 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
2009-10-30 05:08:25 Notice M572.0 Dhcp Renew Failed - Reinitialize MAC...
2009-10-30 05:07:27 Critical R004.0 Received Response to Broadcast Maintenance Request, But no Unicast Maintenance o
2009-10-30 05:06:52 Error E206.0 Improper Configuration File CVC Format
2009-10-30 05:06:51 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
2009-10-30 05:06:42 Notice M572.0 Dhcp Renew Failed - Reinitialize MAC...
2009-10-30 04:47:41 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 04:46:43 Error E206.0 Improper Configuration File CVC Format
2009-10-30 04:46:41 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
2009-10-30 04:46:32 Notice M572.0 Dhcp Renew Failed - Reinitialize MAC...
2009-10-30 04:45:34 Critical R004.0 Received Response to Broadcast Maintenance Request, But no Unicast Maintenance o
2009-10-30 04:44:56 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:11 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 04:44:35 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 04:44:34 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 04:44:34 Warning D103.0 DHCP RENEW WARNING - Field invalid in response
2009-10-30 04:43:59 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:11 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 04:43:36 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 04:43:36 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 04:43:32 Error E206.0 Improper Configuration File CVC Format
1970-01-01 00:00:11 Critical D003.0 DHCP WARNING - Non-critical field invalid in response.
1970-01-01 00:00:05 Notice M571.1 Ethernet link up - ready to pass packets
2009-10-30 04:43:12 Notice M573.0 Modem Is Shutting Down and Rebooting...
2009-10-30 04:43:11 Critical Resetting the cable modem due to docsDevResetNow
2009-10-30 04:42:14 Error E206.0 Improper Configuration File CVC Format


Attached Files Thumbnail(s)
   
Reply
#4
Quote:I believe the 'Code Verification Certificate' Is one of the certificates stored in a stock modems firmware. It is defined by the manufacturer and model of modem you are using, and is stored in your modems firmware...getting overwritten if you flash it with a 2mb dump....but not if you just install the firmware itself (hint).

When you reg on the VM network without valid BPI/BPI+ certificates, the modem is told by the config file to download updates to its firmware / certs securely..using RSA encryption and all sorts of nastiness.

However, to even initiate this secure download, the CVC of your modem is mathematicaly compared to a string in the config file downloaded. If it's a match, the modem attempts to set up the secure download of its update.

If not...either due to hacked FW having the wrong CVC, or say a stock a250 downloading a Motorola config file, validation will fail and the BPI certs will not be updated. This never used to be much of a problem, but with BPI being enforced properly now....that's what's fking us over with the later model configs.

altho it can be caused by the the modem your trying to spoof being to near (the next ubr)
or trying to use a 50meg config (this is the only time i've seen it myself)

http://www.techwatch.co.uk/forums/57478-...ssage.html
__________________________________________________________________________________
******new discord chat link https://discord.gg/5BQQbsb*******
Reply
#5
(31-10-2009, 11:53 AM)drewmerc Wrote:
Quote:I believe the 'Code Verification Certificate' Is one of the certificates stored in a stock modems firmware. It is defined by the manufacturer and model of modem you are using, and is stored in your modems firmware...getting overwritten if you flash it with a 2mb dump....but not if you just install the firmware itself (hint).

When you reg on the VM network without valid BPI/BPI+ certificates, the modem is told by the config file to download updates to its firmware / certs securely..using RSA encryption and all sorts of nastiness.

However, to even initiate this secure download, the CVC of your modem is mathematicaly compared to a string in the config file downloaded. If it's a match, the modem attempts to set up the secure download of its update.

If not...either due to hacked FW having the wrong CVC, or say a stock a250 downloading a Motorola config file, validation will fail and the BPI certs will not be updated. This never used to be much of a problem, but with BPI being enforced properly now....that's what's fking us over with the later model configs.

altho it can be caused by the the modem your trying to spoof being to near (the next ubr)
or trying to use a 50meg config (this is the only time i've seen it myself)

http://www.techwatch.co.uk/forums/57478-...ssage.html

thanks mate.

so first of all, with regards to my last post (post 3) and attached screenshot etc, is that part looking set up ok ?

secondly, what youve just posted about the cvc, how can me get the proper details written into the formware then ?? is it impossible ? its a bit of a pain in the ass if we cant as it diconnects every now and again, its strange though as it can be solid for like 2 days, then other days its bombarded going on/off all the time, you think thats what causing the disconnects ?

and thirdly, can you show me the main screenshots of how all the settings and things in haxoware should be properley set, ive got a feeling ive not got some things right here.
Reply
#6
i'd change change the modem identifiers to match your mac eg spoof an ambit
and your reboots seem like a mac issue (ubr to close) and they dont turn there modem on to often
__________________________________________________________________________________
******new discord chat link https://discord.gg/5BQQbsb*******
Reply
#7
(01-11-2009, 05:15 PM)drewmerc Wrote: i'd change change the modem identifiers to match your mac eg spoof an ambit
and your reboots seem like a mac issue (ubr to close) and they dont turn there modem on to often
thanks mate.

the macs iam using are defo not from same ubr etc, good macs they are. (iam forcing a 50Mb config remember)

as for changing the modem identifiers, ive done what i thinks best, but have a look, ive attached the original page from ambit modem and the edit page from the surfboard/haxo, what do you think ??


Attached Files Thumbnail(s)
       
Reply
#8
your version spoof is wrong
HW_REV: 1.19; VENDOR: AMBIT; BOOTR: 3.1.6d; SW_REV: 2.94.1015; MODEL: E08C007
(mine but i'm not forcing 50mb but you get the idea)
plus you will lose the decimal for the hw_rev due to the firmware being moto based

cd /
cd s
get sysDescr

thats what the isp will see
__________________________________________________________________________________
******new discord chat link https://discord.gg/5BQQbsb*******
Reply
#9
(02-11-2009, 09:44 AM)drewmerc Wrote: your version spoof is wrong
HW_REV: 1.19; VENDOR: AMBIT; BOOTR: 3.1.6d; SW_REV: 2.94.1015; MODEL: E08C007
(mine but i'm not forcing 50mb but you get the idea)
plus you will lose the decimal for the hw_rev due to the firmware being moto based

cd /
cd s
get sysDescr

thats what the isp will see

wait wait wait, lol, your losing me mate, lol, iam new to haxo and surfboard 5010e, i bought the modem with the firmware of haxo pre installed, so thats how iam pretty much lost, last modems i actually done was back in the days of ambit 100's and 120's and 200's etc, and its been a hell of a long time even since i done one of them, lol.

i dont understand what your telling me to do like >>

cd /
cd s
get sysDescr

and i dont know why your saying my spoof is wrong, do you mean my identifier details ?? if so, the photos show you what details my subbed ambit 256 shows me on the console page of virgin firmware, and i just copied the details from that to the haxoware identifier like you told me to do before.

so youve kind of lost me a bit now, can you please explain to me what you mean and how i do it, thanks man.
Reply
#10
they are wrong cause they are in the wrong order
the above telnet command will show you what the isp see's when they check your hadware version during bootup (it has to match what they would normaly see)


Attached Files Thumbnail(s)
   
__________________________________________________________________________________
******new discord chat link https://discord.gg/5BQQbsb*******
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)