Resources | qa

Articles

Digital Forensic Investigation Using CloudShark Threat Assessment

Including packet captures in your DFIR strategy becomes increasingly important for maintaining a strong security posture and ensuring a swift and effective response to potential threats. Here's how CloudShark Threat Assessment makes that work.

What to do with your stability test results

In this video, Matt summarizes what to do once you’ve got some stability test results: what to look for, how to find it, and what to do next to help improve your products.

About TCP Completeness

A new field in CloudShark called "TCP Completeness" calculates which packets of a TCP connection are seen in a PCAP file. This field allows you to determine if the TCP 3-way handshake has been captured while viewing any packet in the connection. This article will explain why it is essential to know if these packets have been captured, how the value for this field is calculated, and how you can use it.

Finding answers in packet capture data with Betty DuBois

In this special video with packet expert Betty DuBois, learn how profiles work when getting ready to view a packet capture; using profiles and known filters together to get to the information you need; using CloudShark along with profiles to collaborate with everyone involved in resolving an issue.

Testing stability in parallel with your complete test strategy

In this article with a helpful infographic, we discuss how to incorporate stability testing with your feature validation, performance, and regression testing and how to leverage CDRouter's parallel testing capabilities to streamline the process.

Test case and automation recipe for stability testing in CDRouter

What are the key tests you should run, and in what combination, for a good stability/stress test process? Here are our recommendations when performing this kind of testing with CDRouter.

Testing performance and stability of Wi-Fi routers and broadband CPE

We had a major ISP encounter long-term stability issues in the field that would never be revealed by simply testing throughput in ideal situations. Here's what happened and how fully-automated stability testing can help.

Video: Testing Broadband Forum TR-181 Data Models for TR-069 and USP

Using new display filters in CloudShark 3.10+

CloudShark 3.10 updates the display filter language, and users may need to update certain filters in their existing profiles. Here are the major changes users should know about and how to best use them!

CloudShark in action: solving the 2022 SANS Holiday Hack Challenge with pcaps

Here’s a great example of how fast CloudShark can get the right answers in cybersecurity investigations. Our own Tom Peterson decided to tackle the 2022 SANS Holiday Hack challenge, with a pcap investigation as the first step.

Video: 5G/LTE Gateway Testing with CDRouter and Amarisoft

In this video with QA Cafe and Amarisoft, learn how to easily connect your fixed-wireless gateway products to a fully-automated test environment with thousands of test cases.

Running CDRouter through an access concentrator or shared test setup

Brad demonstrates how to set up automated CPE testing when using a GPON OLT, DOCSIS CMTS, or an Amarisoft LTE Callbox.

How to write a Wireshark tap plugin in Lua

Creating Lua plugins can be very useful to Wireshark and TShark users, and there’s a great community around building them. Here's how we built our Wireless Networks Tap in Lua to use as a useful example when writing your own plugins!

How Trinity Cyber uses CloudShark to provide complete network security peace-of-mind

We recently interviewed Jeremy Brown and Stefan Baranoff at Trinity Cyber to learn how they make PCAPs a part of their solutions and how they use CloudShark and the CloudShark Threat Assessment tool to provide complete network security peace-of-mind to their customers.

Tips for Testing mDNS on Home Gateways

Here are some of the most important things to pay attention to if you are responsible for testing mDNS on your home gateway and Wi-Fi router products.

CDRouter Tips and Tricks for 2023

Join Matt, Brad, and Brian of the CDRouter customer success team to learn their favorite testing and automation tips that you should consider in the coming year.

Sample captures for QUIC, DoH, CommunityID, WPA3 and other protocols in CloudShark 3.10

This collection of sample capture files highlights some of the new and updated protocol support included in CloudShark 3.10, including QUIC, DoH, WPA3, JA3, CommunityID, OPUS over RTP, and Wireguard.

3 Tips for Securing Network Capture Data

If you are a CISO or head of a NetSecOps department, you need to consider that network packet captures are both a powerful asset and a source of cyber security risk. However, they significantly improve DFIR work, if they are organized and available for collaboration! Here's 3 tips on how your NetSecOps team can pcaps files securely and effectively.

Top focus areas for testing IP set-top-boxes and smart TVs

Here are some of the most important things that developers, manufacturers, and operators should consider when testing set-top-boxes, smart TVs, and other IP video devices and how QA Cafe's fully-automated PassPort test solution makes it easy.

How to use virtual LAN clients to test broadband and Wi-Fi gateways

In this video, you’ll learn why simulating multiple virtual clients in your test setup is a powerful and economical way to validate your device’s functions, features, and performance.

How Calix used CDRouter to develop and certify their USP/TR-369 solution for Broadband Service Providers

Calix recently achieved BBF.369 USP certification for their GigaSpire BLAST systems, proving the quality of the product and support of the USP ecosystem. We sat down with Randy Qin, Director of Product Development of Revenue EDGE Products at Calix, to ask about their decision to support USP and their experience testing using CDRouter. Here’s what he had to say!

Basic configuration for TR-069 testing

Brad shows you how to set up a CDRouter config file for TR-069 testing and how to configure your Device Under Test to connect with CDRouter's ACS.

TR-069 test module overview

Brad gives an overview of the test packages you can build when performing TR-069 testing.

PCAP Collaboration Tips for NetSecOps Teams

Here are some tips to make working with captures as a team easier, more fruitful for the people doing the work, and more efficient for your organization as a whole.

Mist Dynamic PCAP - FAQ

What you need to know to get instant pcap analysis with your Mist AI systemOver the last 2 years, Mist users have opened tens of thousands of PCAPs directly from their dashboard to analyze with CloudShark. This partner integration delivers an entirely web-based way to connect anomalous network events with the raw PCAP. This was accomplished entirely frictionlessly, without any configuration or setup on behalf of the Mist customers.

Where to spend your smart home testing budget

Product managers have to make some tough decisions about what kind of testing to focus on and how to get it done. Here are some of the things you should consider when allocating your smart-home product testing budget.

analiti CloudShark Integration

analiti’s CloudShark integration is a quick, easy, and cost-effective solution for IT Networking Experts to leverage existing resources in the field to get a clear picture of the WiFi environment configuration and coverage by uploading WiFi scan results from clients’ phones to CloudShark Enterprise for further analysis. analiti is available for download in the Google Play Store and the Amazon Appstore and does not require additional or specialized hardware for generating PCAPng files from WiFi scans.

Configuring and Analyzing Performance Tests

Brad demonstrates how to set up performance testing using the CDRouter Performance Add-On Expansion.

Building an automated test strategy - the definitive guide

Download our complete guide to creating a test automation strategy for developers, QA teams, and product managers building broadband CPE, Wi-Fi, and smart home products.

Analyzing Test Log Information

Brad shows you how to get insights into your test failures from test logs and packet captures, plus how to export and share results.

Viewing and Analyzing Results

Brad demonstrates what the next steps are once your tests are complete, how to visualize results, and how to restart tests.

Using CI/CD Tools in Broadband and Wi-Fi Product Development

Watch this special video with QA Cafe's Senior Developer and API Master, Niels Widger, to learn how to incorporate feature, security, and performance testing into your CI/CD process!

Top 3 benefits of moving network and security analysis to the cloud

Analysis tools are critical to IT and cybersecurity efforts, and are much more useful when properly incorporated into an enterprise’s overall cloud infrastructure, accessed using modern web technologies and APIs. Here are some of the benefits of using cloud native analysis tools as part of your overall cloud strategy.

Using the CDRouter API with a CI/CD environment

Niels demonstrates how to use the cdrouter.py scripts with your CI/CD pipeline.

Building a Test Package

Brad demonstrates how to select tests, schedule, and launch a test package.

TechTarget: Top 5 considerations of IoT Wi-Fi interoperability testing

Read our latest TechTarget IoT Agenda article to learn Wi-Fi testing best practices for your industrial IoT and smart-home products.

Configuring multiple WAN, LAN, and virtual interfaces

Brad demonstrates how to set up multiple physical or virtual WAN/LAN interfaces for testing enabled by the CDRouter Multiport expansion.

What's new in the TR-181 Device:2.15 data model for USP and TR-069

The data model that defines what can be managed, monitored, and manipulated by TR-069, and its successor, USP/TR-369, is frequently updated to include new capabilities and interfaces to enable service provider control of the home network. As new technologies emerge, Broadband Forum members contribute to the next version of TR-181 in a fairly fast revision cycle.

Testing your own TR-069/USP deployment scenarios

Learn how you can test your own TR-069 or USP deployment scenarios using CDRouter to automatically configure devices for testing, replicate your device onboarding process, reproduce field issues, and connect your device to a live TR-069 ACS or USP Controller and monitor traffic.

Examining the Four Types of Network Security Monitoring Data (Rich Bejtlich Video)

Richard examines the four types of network security monitoring data: 1) full content data ("PCAP"), 2) transaction logs, 3) extracted content, and 4) intrusion detection systems (IDS) alerts. He uses Cloudshark to examine all four types and to compare and contrast the strengths and weaknesses of each.

How and why to test your CPE with CDRouter - with Steen Enevoldsen

Steen Enevoldsen is an industry veteran who has worked for both vendors and operators worldwide. He's also a CDRouter power-user! Watch this video where he explores how to get the most out of test tools like CDRouter and how to justify the purchase to your company.

Packet capture use cases for operators and ISPs

What are some of the best ways that operators can gather and record network packets? What should you do as a vendor to enable packet capture in your products? What are the best ways to work with captures once you have them?

IOPSYS uses CDRouter to guarantee high-quality SDK for broadband gateways and Wi-Fi routers

IOPSYS Software Solutions AB is a Swedish company taking the lead in bringing the open-source business model to broadband gateways and Wi-Fi routers. Here's how they use CDRouter to shorten their development cycles and improve customer confidence.

Making the Internet Safer: How and Why We Use Suricata to Analyze Network Traffic and Test Network Devices

Whether you are a network product developer, network operator/ISP, or on a network/security operations team, learning about open-source Intrusion Detection System platforms like Suricata will help you! Watch our video to learn what it is how we use it in our products at QA Cafe.

Configuring 802.11 settings

Brad covers specific 802.11 configuration settings for testing over a wlan interface.

Basic WAN and LAN test configuration

Brad demonstrates how to build a basic configuration for testing, setting up WAN and LAN endpoints.

Managing Devices Under Test

Brad covers how to add devices to CDRouter's device management system to assign configurations, track testing, and connect to a DUT's user interface from CDRouter's UI.

CDRouter UI Overview

As part of our CDRouter training series, Brad gives an overview of the CDRouter user interface and how to add devices, run tests, and view results.

QA Cafe and RDK-B testing on the RDK Podcast

The QA Cafe team works closely with the RDK community to validate the open-source RDK-B solution. Our CTO Tim Winters got a chance to sit down with Jamie Walker from the RDK Podcast to talk about testing, automation, standards, and how CDRouter helps RDK-B implementations stay robust and interoperable! Watch it here.

Our TechTarget Article: Why move to an all IP IoT?

IoT users in both industrial and connected home settings expect their products and applications to “just work”. Luckily, IP technologies and IPv6, in particular, can help. In this article, learn why many IoT networks move to all-IP and what testing you can do to ensure your products work in the field.

New ways to analyze network traffic with Suricata

In this article, we explore what Suricata is, what it does, and some of the new and interesting ways we use Suricata in CloudShark, CDRouter, and PassPort.

How to Improve Wi-Fi Interoperability in Your Smart Home Products

Watch as the QA Cafe PassPort team shows you how fully automated Wi-Fi connectivity testing will improve your IoT and smart home products. We’ll cover topics including common connectivity and stability issues with Wi-Fi enabled products; Wi-Fi security and configuration options, and why you should test all of them; and Automating tests to look for regressions.

Using SAML with your network and security analysis tools

3 mins

Many of our customers ask about SAML-based single sign-on in CloudShark and other network analysis tools - here’s why that’s a good thing.

Testing IoT for interoperability, security and reliability (TechTarget)

Read our guest article in TechTarget IoT Agenda to learn why networking interoperability, security, and reliability need to be tested, why they are important to a solid IoT experience, and how stakeholders can automate testing, supplement their expertise, and pay attention to the small details that will help them deploy better products.

How to build better smart home products with automated testing

In this video, learn which protocols, features, and performance metrics to test for IoT and smart home products, why they are important to a solid IoT experience, and how pre-built and automated test cases will take the pain out of product QA and validation.

Containerizing capture analysis to save your network

2 mins

Containerizing your cloud-based packet capture analysis solution can provide a significant advantage for network operations and security teams. Your analysts should focus more on solving issues and less on how to meet your company’s IT and deployment requirements. Here are some tips on how moving your packet capture infrastructure to the containerized cloud can help save your network and give you superhero status.

Download our free eBook for operators on securing CPE

Our free guide for service providers covers the top ways that hackers target your subscriber's home network and a development checklist to protect your brand, your network, and your customers.

Beyond the Phy - Best Practices for Testing Wi-Fi Routers, APs, and Mesh Systems

15 min read

A guide for building best-in-class Wi-Fi products in a highly competitive market.

How do I get USP/TR-369 certified?

CDRouter is the official self-test platform of the certification program for TR-369, called BBF.369.
Looking to get certified? Reach out to us to get started!

Latin Telecom Uses CDRouter to Help Operators Deliver Better Services Through Testing

3 min read

Whether it is for broadband Customer Premises Equipment (CPE), home or enterprise Wi-Fi, or web-applications, Latin Telecom understands the benefits of automated testing to produce the best customer experience for broadband subscribers.

AirTies delivers the best wireless home network experience through automated testing

3 min read

AirTies Wireless Networks Wi-Fi mesh and smart extender systems are the most deployed, robust and financially viable solution for service provider deployment on the market. Maintaining that status is no small feat, however. A key factor in AirTies’ achievement comes from testing and quality assurance at every stage of their development process.

Simplifying cloud-managed network troubleshooting with packet captures

1 min read

As more network management moves to the cloud, vendors building cloud-managed network tools have a unique opportunity to provide remote packet capture as part of their platform. Cloud- managed networking systems with built-in packet capture and web-based analysis tools provide wonderful new opportunities for network and security operations, IT pros, and managed service providers.

Improving TR-069 and USP Interoperability Through Certification

1 min read

The widely deployed TR-069 protocol and its successor, the User Services Platform (TR-369) are complex and powerful technologies that have successfully brought real value to operators, application vendors, and CE manufacturers. The key to that success is the standardization that can be tested and validated through certification programs.

SonicWall uses CDRouter to test high quality enterprise firewalls

3 min read

SonicWall has been fighting the cybercriminal industry for decades defending small and medium businesses, global enterprises, and government agencies worldwide. Here's how they use CDRouter to guarantee the quality of their firewall and network security solutions with automated testing.

Beyond the Phy - Testing Fully-Featured Wi-Fi Products

1 min read

As new 802.11 technologies address coverage and congestion issues, Wi-Fi routers and APs must support a web of configuration and feature options while handling complex applications and networking technologies. Testing and validation of performance, stability, and interoperability are critically important for the success of your products and services.

How to secure the connected home - a special live session with F-Secure and QA Cafe

1 min read

Hackers have identified subscriber home networks as rich targets for malicious attacks. As a result, broadband service providers are looking at security in the CPE to protect their subscribers, network, and brand, and Wi-Fi router manufacturers want to differentiate their products with advanced security features.

How can MSPs improve customer success with packet captures?

4 min read

If you’re a Managed Service Provider or other IT outsourcing company, chances are you’ve had to use packet capture on many occasions to help customers solve network problems. With the right analysis tools, packet captures can be your go-to resource to help you get to the root of problems faster and make customer interactions easier.

Using CloudShark to ensure HIPAA privacy compliance

5 min read

Network packet captures present an interesting problem for HIPAA compliance, but they don’t have to be one that causes headaches.

Transform Your Packet Capture Workflow with these 4 Best Practices

8 min read

CloudShark Enterprise, is a packet capture repository, analysis tool, and collaboration platform that we built to solve the challenges faced in our own capture workflow. It uses Wireshark under the hood, but all you need is a web-browser.

SSL Key Management with CloudShark

1 min read

What do you do when you have certificates that you need to distribute to your team to look at encrypted data? How do you troubleshoot encrypted network traffic without having to give users access to your keys on their local machines?

Network Troubleshooting with Aerohive Hivemanager NG and CloudShark

6 min read

If you deploy Aerohive devices in your network, solving problems using network captures will get it done faster. Aerohive’s integration with CloudShark makes it easy to actually work with real network traces. Watch our in-depth seminar above on how to solve a real-world problem using HiveManger NG and CloudShark.

The Art of Packet Capture Challenges

1 min read

In our panel with special guests Sake Blok (@SYN-bit), plus Tony Efantis (@showipintbri) and Scott Lohin, we took an in-depth look at tackling problems with just a pcap and some hints.

Webinar - How TCP reassembly quirks can be used to hide attacks

1 min read

When analyzing network traffic, we rely on our tools to show us how a TCP stream was reassembled or to give us a list of HTTP websites accessed in a pcap file.

Fullrate and the need for automated CPE testing (and a CDRouter controlled robot)

5 min read

We had the opportunity to speak with Steen Garbers Enevoldsen, head of Net Research and Development at Fullrate, and blogger, columnist and youtuber in his spare time. Fullrate is a service provider in Denmark who uses of CDRouter for their CPE testing.

TR-069 Training - The Inform RPC

TR-069 uses several remote procedure calls whose definition determine the types of TR-069 messages that are sent and received by an ACS or CPE. Every RPC is defined in the TR-069 base XML schema which can be found on the Broadband Forum website.

What is new in the TR-181 Device 2.14 Data Model for TR-069 and USP?

5 min read

Troubleshooting AWS Environments Using Packet Captures

4 min read

Whether troubleshooting application performance, detecting security anomalies, or bringing a cloud deployment into compliance with the rest of your infrastructure, you will need to get to the packets to fully resolve and report on issues. How do you gather captures in such an environment in the first place? In this video, learn how AWS VPC traffic mirroring can get you the data you need, remotely, and analyze them directly in CloudShark.

Webinar - Empower your analysis teams with capture profiles

1 min read

CloudShark capture profiles are one of the most powerful ways to tailor your analysis view, significantly decreasing the time it takes to solve problems. Your column choices, decode rules, and decryption settings all apply towards making your job easier

Profiles Are Power - Best Practices for Network Problem Solving

1 min read

Betty DuBois gives an in-depth look at how profiles can help you solve your packet capture problems faster by cutting through the hard work and helping experts and entry-level analysts work together.

Accelerating incident response in Cortex XSOAR through packet captures

1 min read

Automation is the key to successful incident response. However, when an issue moves beyond automation or requires analysts to step in, seamless access to network packet data is critical.

Cutting Through Network Forensic Data With Zeek

1 min read

Zeek (formerly Bro) is a powerful tool trusted by networking and cybersecurity experts for analyzing network traffic. By creating collated, organized records of network activity (called “logs”), Zeek gives the network analyst a new approach when dissecting and investigating traffic.

CloudSharknado - Expert strategies for packet analysis challenges

1 min read

What a great opportunity we had to do this fun and entertaining webinar with Mist by Juniper!

TalkFree Using CloudShark for VoIP Customer Support

4 min read

We had a chance to sit down with TalkFree, a leading international VoIP and mobile VoIP provider. As a CloudShark customer, they’ve given us some great insight into the ways that packet surfing technology can help VoIP providers make their troubleshooting and customer support systems significantly simpler, easier, and more advanced than ever before.

Catchpoint Using CloudShark to Simplify Multi-Site Capture

3 min read

When Catchpoint came to CloudShark, we saw it as a perfect opportunity to demonstrate just how useful CloudShark can be in the brave new world of Cloud applications. Both SaaS and IaaS providers can really benefit from CloudShark’s ability to organize, secure, and share network captures that might come from all over the place.

Front Porch uses CloudShark to Revolutionize Support Workflow

3 min read

We’re very happy to have Front Porch as a customer - they have become some of our biggest fans and are a perfect example of how to use CloudShark on pretty much any appliance that needs to look at network traffic.

Oracle Dyn Uses CloudShark to Support World Class IaaS

2 min read

Oracle + Dyn is a big name in the Infrastructure as a Service world. We’re amazed at how perfect of a fit CloudShark was for them - allowing them to centralize captures from dozens of locations and reducing their troubleshooting time significantly.

2U Inc. Uses CloudShark’s Cisco Meraki Integration to Support State-of-the-Art Web-Based Classrooms for Higher Education

4 min read

Here is a case study with 2U, Inc., an amazing company doing great things for eLearning in higher-education. They are using Cisco Meraki’s CloudShark features.

Pivotal Networks Uses CloudShark to Design and Support Advanced LAN, WAN, and Wireless Networks

3 min read

Here is a case study with Pivotal Networks, a networking design and deployment consultancy with a worldwide customer base of active networks that they continually support. Here’s a great example of a company that uses CloudShark’s collaboration features with both their Meraki install base and with remote Wireshark integration.

Fox IT Uses CloudShark Appliance to Organize and Streamline Network Security Monitoring

3 min read

We got a chance to sit down with one of CloudShark’s most engaging customers, Fox-IT, who sit on the front lines of the exciting Cybersecurity world. Here’s what they had to say about using CloudShark!

F5 Uses CloudShark in the Fight Against DDoS

3 min read

One of f5 networks key solutions is its Silverline DDoS protection. The task of capturing, detecting, and filtering such massive attacks means they often go directly to raw packet data to root out customer problems. CloudShark’s collaboration tools have changed the way they deal with packet captures, saving them valuable time in an industry where seconds matter.

Senior Certified SANS Instructor Paul Henry Uses CloudShark to Enhance Network Security Courses

3 min read

Networklessons.com makes network coursework easier with CloudShark examples

3 min read

Through their exclusive content, networklessons.com helps network professionals achieve their personal goals, whether they are just getting started, seeking certification, or upgrading their skills.

Beeks Financial Cloud incorporates CloudShark into their solution to revolutionize financial network analysis

3 min read

Our case studies usually focus on end-users of CloudShark, but our recent integration with Beeks Financial Cloud was a great opportunity to show just how easy it is to work with us here and incorporate CloudShark into your products to get the most out of working with captures.

Ferris State University’s Network Forensics and Analysis Class Uses CloudShark to Train the Next Generation of Cybersecurity Analysts

3 min read

The Information Security & Intelligence (ISI) program at Ferris State University, started in the Fall 2007, was created from the ground up with cybersecurity and intelligence at its core.

Introduction to DeepSearch

1 min read

DeepSearch is at the core of what makes CloudShark unique for managing and storing your entire repository of PCAP data. Our innovative technology allows you to search across the PCAP files in your archive and find individual packets in each of them.

Search for anything in a capture - did you know?

2 min read

The great thing about CloudShark’s capture decode is that it supports all of the standard Wireshark display filters. You may know the common ones, such as searching on ip address or tcp port, or even protocol;

MITM Attack Capture Shared Through CloudShark

1 min read

Years ago, an apparent Man-In-The-Middle (MITM) Attack on the popular code sharing site github.com occurred, which seemed to originate from China for users trying to traverse the “Great Firewall”.

Intel Packet of Death" Capture"

1 min read

In 2013, the creator of AstLinux, Kristian Kielhofner, discovered a bug in certain model and version of Intel based Gigabit Ethernet implementations that can result in a “packet of death” that will bring down the network interface

Wireshark Preferences File and RTP Streams

1 min read

CloudShark 1.9 includes the ability to visualize RTP streams and play them back if they contain audio. For SIP calls, CloudShark will automatically decode the conversation as an RTP stream. However, for other protocols RTP will generally use a random port - not immediately apparent to CloudShark.

Streaming Live Captures to CloudShark

4 min read

We’ve been talking a whole lot about integration lately. From our recent bout at Cisco Toolapalooza, to the great work that’s being done with Meraki, we’re finding that the best way people get comfortable with CloudShark is by incorporating it into their existing tools.

Easily Adding Custom Dissectors to CloudShark

2 min read

It’s no secret that CloudShark uses tshark to generate the data we use in the CloudShark database, resulting in what you see when you view a capture in the CloudShark viewer.

CloudShark G.722 decode support

1 min read

In CloudShark 1.9 we added the ability to play back RTP streams so that you can replay voice data embedded in packet captures for call quality analysis. When we launched this feature, CloudShark supported G.711, G.729, and GSM voice codecs, used by many voice and mobile providers.

Using the CloudShark Improved Search API

2 min read

CloudShark 2.0 added a lot of cool new features to CloudShark, but perhaps the most powerful (and most complex) was the addition of search capability to the CloudShark API.

The Wireshark Plugin

1 min read

The CloudShark plug-in for Wireshark lets you seamlessly sync your Wireshark packet captures with either a CS Enterprise system or CS Personal account.

Upping the sensitivity on confidential captures

1 min read

While CloudShark’s packet capture holding capacity is limited only by the size of the disks available to it, many of our CloudShark users are curious about what to do if they want to automatically delete captures after a certain period of time.

Packet Capture of Heartbleed in Action

2 min read

As many are aware (as it’s now become national news), a vulnerability was recently discovered in OpenSSL dubbed Heartbleed. The attack centers around the implementation of the Heartbeat extension in OpenSSL which causes a server to return the contents of memory that should be protected. This blogpost by Troy Hunt describes the vulnerability in detail: Everything you need to know about the Heartbleed SSL bug.

Five Reasons to Move to the Pcapng Capture Format

5 min read

The pcap capture file format has been the universal packet capture format since the early days of computer networking. Almost all capture tools support the pcap format. And while vendors have created new formats over the years, most tools support conversion into the pcap format.

Captures and Analysis of the QUANTUMINSERT Attack

1 min read

We now know a lot about the NSA’s various techniques in its QUANTUM program. One of the most prolific (and sneaky) of these attacks is the “QUANTUMINSERT”, which exploits a long-known TCP vulnerability that will cause, effectively, a redirect to a malicious resource.

How do you debug web applications that use encrypted channels?

7 min read

Well, it’s official; the IETF has officially deprecated SSLv3.0. This means that it’s now a protocol violation to fall back to it. We’d like to take the opportunity to explore how to debug web applications that use HTTPS over SSL/TLS in CloudShark.

What can I do with my Aerohive captures once they are in CloudShark?

4 min read

By now you’ve signed up for a CloudShark account and probably pushed your first capture from HiveManager NG into your repository. Where do you go from here? What sort of things should you be looking for?

Learning how to Troubleshoot WiFi

3 min read

Now that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?

Examining Network Delay with Wireless Retries

2 min read

With work-from-home now a reality for many, here's a quick example from Tom, using real packet captures, of how 802.11 retries may be the source of your Wi-Fi woes.

Add Functionality with the CloudShark Chrome Extension

1 min read

Deep in the explosive and risky CloudShark laboratory, we’ve been cooking up a special Chrome extension just for CloudShark users.

The extension adds the ability for Chrome users to right-click on a capture in the capture list view and go directly to an analysis tool, rather than opening the packet viewer first. It’s definitely something that’s been asked for by our users!

Where can I find sample packet captures?

2 min read

CloudShark’s capture repository is great for uploading your own captures and building a complete list of your network capture history and all of the captures that are most important to you. But, one of the most frequent questions we get is “Where can I find sample packet captures?“”

Packet Capture in Chrome OS

3 min read

We often get requests from users of Google’s Chrome OS, the operating system installed on the Chromebook series of portable computers, on how to troubleshoot Wifi, apps, or websites. CloudShark is particularly helpful in these cases because installing Wireshark can be difficult or out of the expertise of those using systems like Chrome OS, particularly in education where Chrome OS has become very popular.

Using Follow Stream for Packet Capture Analysis

6 min read

When getting to the heart of an application or security problem, finding the right TCP stream and following it using the “Follow TCP Stream” view in CloudShark is usually the place you want to get to in order to see an issue in action, for a great many use cases. But how do you find the right stream, and what should you look for once you’re viewing it?

Using captures in your StackStorm event driven automation

4 min read

StackStorm, by Extreme Networks, is a powerful automation platform that wires together all of your apps, services and workflows. It is richly extensible, letting you integrate with all manner of network equipment, analysis tools, and more. They have both an open source version and a version that is part of Extreme Networks’ “Extreme Workflow Composer”.

Exploring the memcached DDoS attack

5 min read

During the last week of February in 2018, several big internet sites started seeing a huge increase in a particular style of DDoS attack, taking advantage of the memcached protocol. Being the packet geeks we are, we wanted to explore the attack on one of our own internal servers and get a capture of what’s happening at the packet level so you can see it in action.

Securely troubleshoot remote systems with Couchdrop and CloudShark

3 min read

Couchdrop.io is a secure cloud storage service that lets you use SCP to manipulate your data assets. They’ve integrated with cloud storage giants like Dropbox, Google Drive, and AWS-S3. With their CloudShark integration, you can make use of custom scripts or interaction with remote servers that have packet capture capability to instantly and securely push network traces to CloudShark, analyzing them without ever leaving your browser.

It's not the network - troubleshooting slow apps with packet captures

5 min read

Is it the network, or the application? This question is so common that “it’s not the network” is a meme among IT professionals and developers alike.

What is a network microburst and how can you detect them?

2 min read

When packets are transmitted from one interface to another, they aren’t necessarily delivered consistently. When a multitasking OS gives CPU time to the network process, it will send as much data as it can in the shortest time. In addition, for each “hop” that data traverses, buffering and other resource bottlenecks inherently make most traffic “bursty”.

How do you test microburst effects using iPerf?

5 min read

Bursty traffic, particularly microbursts, are an often overlooked phenomenon that can cause serious issues with network performance. We’ve explained before what microbursts are and what they look like, but how can you use existing tools to test your network’s reliability in the presence of microbursts?

The effects of traffic bursts on network hardware

5 min read

We’ve written extensively about the phenomenon of network microbursts and how to use the iPerf network performance tool to create them in order to test their effects on your network. Our interest in them grew out of our work with Velocimetrics, since microbursts can have pretty significant effects in financial/trade markets.

What are some easy to use packet capture tools?

5 min read

A common question we get other than where to find example packet captures is which packet capture tools exist that are either free, work in a command line, work directly with CloudShark, or all of the above. Here’s a list of our go-to capture tools (other than Wireshark of course) and the different scenarios in which they can be used.

Leaking sensitive data while using VPNs

4 min read

A misconfigured VPN setup can cause certain information to remain unsecured, allowing an observer to learn a user’s public and private IP addresses and witness its DNS requests. Here's some examples.

Packet capture on VMware virtual machines using vmnet-sniffer

5 min read

One of the most powerful tools we use when testing CloudShark is a combination of VMware Workstation and the Vagrant API interface. With Vagrant, we can test every permutation of CloudShark via a barrage of automated testing.

How does TLS 1.3 work? - some capture examples

5 min read

Transport Layer Security (TLS) version 1.3 has some rather important improvements over TLS 1.2. Released in 2018, it will still take awhile for most application to migrate towards using it. Here's a quick overview of the benefits, with real packet capture examples.

Getting started with packet analysis for network and security issues

4 min read

Where do I start with packet capture analysis? Here are some expert resources from our colleagues in the network and security industry answering the most common questions we get about packet analysis at QA Cafe.

Sharing Packet Capture Collections in CS Personal SaaS

3 min read

Users of CloudShark Personal SaaS can take captures they’ve uploaded and put them together in “collections”. Collections are great for matching up multiple captures that all have to do with the same topic or problem, and is ideal for educators and bloggers looking to use CloudShark captures in their classes and content.

TCP Window Scaling

8 min read

Protocol choices made in older internet standards don’t scale to today’s network speeds. TCP (Transmission Control Protocol) has been making networks go for a very, very long time. As with many of the early internet protocols, limitations that seemed reasonable then can have a negative effect on performance now.

The TCP Timestamp Option

8 min read

Our series exploring TCP continues with a look at TCP Timestamps and their use within high bandwidth networks.

A Fast Analysis of TCP Fast Open

7 min read

TCP Fast Open (TFO) is an optional mechanism within TCP that lets endpoints that have established a full TCP connection in the past eliminate a round-trip of the handshake and send data right away.

How to Identify and Analyze BitTorrent Alerts in Your Network

8 min read

We love the exercises at malware-traffic-analysis.net, and occasionally we’ll pick some that we try to solve using CloudShark and its tools.

Using Column Presets in Wireless Analysis

2 min read

Troubleshooting wireless problems often requires a deep dive down to the packet level. But with so much information in there, how do you know where to look first?

CloudShark upload on Cisco WAP125 and WA581 systems

1 min read

Two of Cisco’s Wi-Fi access points for small-to-medium business include integration to upload wireless captures to CloudShark.

Identifying, analyzing, and reporting malware incidents using packet captures

1 min read

In this video, we explore an actual exercise from malware-traffic-analysis.net to learn how to investigate security monitoring alerts using packet captures, from identification to remediation, and the steps you can take to organize and save your analysis for better reporting and retro-hunting in the future.

Using CloudShark with your Meraki Dashboard

2 min read

Cloud managed Wi-Fi and enterprise switch networks are quickly becoming the norm. For those who deploy Cisco Meraki brand systems for their business or as an MSP, it can be difficult to debug network problems that arise on a network that is remotely distributed, even if it’s under your control.

Using CloudShark in Your Coursework

2 mind read

CloudShark is a web-based packet capture analysis platform built for collaboration. Your instructor is using a CS Personal SaaS account to host network packet captures and make it easy for you to work with them during this course. Watch our quick video to get started using CloudShark links that your instructor may have given you as part of your class:

Display Filter Favorites: Using bookmarks to save and apply filters

4 min read

Tom was looking at a few different malware captures from his honeypot recently and found that he was repeatedly typing the same display filter over and over again on each new file.

Accelerate Network Problem Solving with Saved Filters

6 min read

Display filters can make the difference between being overwhelmed by a PCAP, and zeroing in on what matters most. They provide a way to change which packets you see. Their powerful and comprehensive syntax makes them very flexible, but it also means they can be difficult to remember and lengthy to enter every time.

Who Used to Live at My IP Address?

3 min read

You know when you move into a new place, you still get mail for the people who used to live there? Do you ever wonder who those people were when you write “Return to Sender” on the envelope?

Network Problem Solving for Remote Teams

5 min read

Whether you work from home or are otherwise separated from your packets by a data center, VPN link, or a WAN connection, being able to debug packet captures is an important part of keeping your networks running smoothly. The ability for your team to work on captures remotely can have real benefits when it comes to saving time, securing data, and especially increasing efficiency.

Velocimetrics expert series on sub-second packet visibility and impacts on the network

2 min read

Microbursts are difficult to detect and can cause all sorts of problems, particularly with applications that require reliable, high-speed, low-latency data transmissions. Our partners at Velocimetrics develop solutions to monitor, analyze, and improve these high-performance networks, and CloudShark is an integral part of their platform.

Looking at CallStranger with Zeek in CloudShark

2 min read

Last month we learned about a new vulnerability dubbed “CallStranger” which shows how UPnP can be used to exfiltrate data and perform DDoS amplification attacks. Billions of devices are vulnerable.

Using Zeek in Packet Analysis

3 min read

Zeek provides a great new way to interface with your captures and speed analysis. Here is a quick overview of Zeek, how it works, and how you can use it to discover and resolve network and security problems more efficiently.

Faster network and security pcap analysis with Zeek logs

6 min read

Network + security management is hard work. Companies have a number of detection and automation tools at their disposal, but when analysts need to get involved, having acess to the raw packet captures saves analysts valuable time and helps them accomplish the goal of netsec ops: protecting the business.

5 tips to improve incident response using packet captures

5 min read

When an attack happens, the packet data that flows across the network is critical to the incident response lifecycle. Here's 5 tips to greatly improve the success of your security operations using pcaps along with tools like Zeek and Suricata.

How do packet captures affect cybersecurity framework compliance?

6 min read

Network packet captures present a unique challenge to CIOs and CISOs when considering cybersecurity framework compliance like those outlined by NIST or the DHS Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connections program.

Tips for Troubleshooting Encrypted Web Applications

5 min read

As security and privacy become more important every day, the use of encrypted connections between clients, servers, and peers has been increasing at an amazing rate. With efficiency improvements to secure technologies like TLS 1.3 and easier methods to obtain certificates like LetsEncrypt, this number is only going to grow.

Examples of the Endlessh tarpit script for server defense

2 min read

Chris Wellons of nullprogram.com put together a great article on building “tarpits” to foil automated network attacks. In this example he shows his implementation of endlessh to trap attackers probing for open ssh servers.

Using a Raspberry Pi to proxy, capture, and decrypt data from mobile and IoT devices

5 min read

Have you ever wondered what your “smart toaster” was sending back to the internet about you? Or how your WiFi dog food dispenser knows your schedule? Our engineer Tom did

Why Network Packet Captures Should Matter to CIOs and CISOs

2 min read

Network security has never been more important, and network visibility demands have seen a huge increase as networks become virtualized and more complex.

Whitepaper - Realizing the Promise of the Connected Home with USP (TR-369)

2 min read

As members of the Broadband Forum and its Connected Home Council, QA Cafe is on the forefront of testing and validation for the technologies that our CDRouter users are building into their products and services.

Overview of a TR-069 Session

TR-069 refers to the Technical Report published by the Broadband Forum that defines the CPE WAN Management Protocol, or CWMP. CWMP was developed to allow providers of broadband services to deploy and manage customer premises equipment in home and business networks.

Event Basics

Every TR-069 session is initiated by a CWMP Endpoint on a CPE. These sessions always occur for a specific reason, called an “Event”. All of the Events that have yet to be delivered to the ACS are contained as arguments in the Inform RPC at the start of every TR-069 session.

ACS Discovery

In TR-069, the CPE is always initiates a session. When making first contact with an ACS, how does it know the ACS URL it is supposed to contact?

Connection Request Basics

Though every TR-069 session is initiated by the CPE endpoint, sometimes it’s necessary for the ACS to request that the CPE contact it immediately. To do this, TR-069 defines a Connection Request mechanism in CWMP, which allows the ACS to stimulate the CPE to begin a session.

XMPP Connection Request Mechanism

There’s one caveat to ConnectionRequests - they require that the CPE can be reached by the ACS over HTTP. For endpoints that may reside behind a Gateway, this is not the case, thanks to Network Address Translation or Firewall rules.

XML and SOAP in TR-069

While XML is used most often to define and describe information, TR-069 also uses it directly over the wire when transmitting messages. This means that the ACS and CPE pass XML documents back and forth over HTTP during a TR-069 session.

Notifications

In TR-069, the 4 Value Change event code is used when a parameter set for notification is changed by any mechanism other than the ACS. These conditions are set using the SetParameterAttributes RPC.

Session Retry Mechanism

Every TR-069 session is initiated by a CWMP endpoint that is looking to deliver an event. These events have different delivery requirements, using language such as “must not discard”, “must retry until reboot”, “may retry” and “must not retry”.

TR-069 Training - The GetRPCMethods RPC

The GetRPCMethods argument is used by both the CPE and the ACS to request a list of the RPCs supported by either endpoint to better understand the endpoint’s capabilities. It’s one of the simpler RPCs in that it contains no arguments

TR-069 Training - GetParameterNames and Parameter Paths

When an ACS wants to learn what objects exist on a CPE and what parameters they support, it can use the GetParameterNames RPC. Like other RPCs, GetParameterNames makes use of the ParameterPaths argument, so let’s take a minute to understand parameter paths.

Get/Set Parameter Values and the Status argument

The fundamental purpose of TR-069 is to allow an ACS to interact with the CPE’s instantiated data model, that is, the representation of its current state. The RPCs that form the basis of this include the Get and Set Parameter Values methods.

TR-069 Training - Parameter Attributes

Every parameter a CPE’s CWMP data model contains metadata known as “attributes”. These attributes include the “Notification” attribute and “AccessList” attribute. The access attribute was defined early on in TR-069 to provide a method for assigning an access control rule identifier to each individual parameter

AddObject and DeleteObject

An “object” in a CPE data model is an element of functionality that can be configured by an ACS. While an object’s parameters are configured using the SetParameterValues RPC, Objects that are able to be created by the ACS can be added to a device using the AddObject RPC, and removed using the DeleteObject RPC.

Upgrading CPE Firmware with the Download and TransferComplete RPCs

Perhaps the biggest use case for TR-069 is managing a CPE’s firmware, allowing service providers to remotely upgrade their install base without needing to send the firmware to the customer or send an engineer.

Reboot and FactoryReset

The Reboot RPC is used by the ACS to explicitly cause the device hardware to restart. This could be for any number of reasons, though should never be used as a means to force the CPE to upgrade itself.

Navigating Broadband Forum Data Models

Intrinsic to the operation of CWMP are the objects and parameters made available to an ACS by a CWMP endpoint. These maps of a CPE’s capabilities and state are referred to as “data models”.

Looking at Data Models and Objects

Every data model in TR-069 contains the objects and parameters that represent the functions of a broadband CPE or other device. This includes their addressable name, syntax, data types, and a normative description of how they are to be used.

Data Model Parameters

Most objects contain a set of elements containing sub-objects and parameters. Parameters are defined using the parameter element, and, like Objects, have a set of attributes and elements that describe how the parameter is to be used and its requirements.

USP Endpoints

There are two kinds of endpoints in USP: Agents, and Controllers. A USP Agent is an Endpoint that exposes functions represented by a set of service elements.

USP Architecture and Use Cases

The User Services Platform is a system for managing, monitoring, deploying, troubleshooting, and controlling any kind of network connected electronics or virtual services.

Using Annotations in Graphs

2 min read

One of CloudShark’s main and most useful features is the ability to add annotations to individual packets, or to import packet comments from the pcap-ng format into CloudShark annotations.

An overview of the User Services Platform (USP/TR-369)

USP is a revolutionary standard that builds on the lessons learned from TR-069. In addition to being a faster and more flexible at meeting the existing use cases of TR-069, USP is built to enable:

USP Data Models

The functions of service elements are described in a set of xml documents known as the USP data model. A data model describes how things like network interfaces, device functions, IoT objects, and more are exposed to controllers. You can find the USP data models at:

Using path names to address service elements

Service Elements that are defined in the USP Data Model are addressed in USP Messages with a particular syntax called Path Names. Path Names are called such because they describe the “path” within the data model’s tree of objects used to reference a particular object or elements of that object to operate upon.

USP Records and USP Messages

Communications between a USP Controller and USP Agent are delivered using two separate constructs: the USP Message, and its container, the USP Record.

The USP Add Message

The Add Message in USP is used to create new instances of multi-instance objects in the Agent’s instantiated data model. This is used for a wide variety of service configurations such as creating new Wi-Fi networks. In USP, perhaps the most critical use of the Add message is with the

Using allow_partial and required_parameter flags

There are three USP messages that are used to change the state of an Agent’s service elements: Add, Set, and Delete. Since these messages can be used for a number of different use cases, they contain mechanisms to ensure that the Controller is able to configure service elements

Testing Residential IPv6 with CDRouter

3 min read

While IPv6 has been in development for more than a decade, the availability of residential IPv6 is still in its infancy. Traditional CPE devices running IPv4 with NAT are now adding IPv6 capabilities and transition techniques even before native IPv6 connections are commonly available.

Using CDRouter Through the Testing Lifecycle

10 min read

There’s no question that broadband is the premier service delivery platform of the 21st century. With the explosion of new devices now aware of the network, and new services looking to exploit them, the devices you produce or deploy are becoming more complex than ever before.

How do I get TR-069 Certified?

CDRouter is the official self-test platform of the certification program for TR-069, called BBF.069. Looking to get certified? Reach out to us to get started!

Testing a Wifi Range Extender or Wifi Mesh System

2 min read

Devices that enhance consumer Wifi are becoming more and more prevalent, both off the shelf and deployed by service providers. A Wifi booster or Wifi range extender is sometimes a simple repeater, but more often they act as layer 2 bridges, and can still be tested for performance and management via TR-069 or SNMP.

Increasing your DOCSIS testing output

1 min read

DOCSIS test setups have many different parts that all must be configured, maintained, and interoperable in order to reliably test Cable Modems, eRouters, and more.

Automating your test environment with the CDRouter web API

3 min read

Though CDRouter contains thousands of test cases, much of its power comes from being a fully capable automation platform for your entire test process. In addition to automating CDRouter test cases, you can use the CDRouter API to connect with your continuous integration, external test tools, or other applications to make your testing even easier.

How do you test TR-069 enabled devices?

3 min read

If you’re developing a device or deployment that uses the CPE WAN Management Protocol (TR-069), like managed Wi-Fi or other services, what should you test for? What are the benefits of automating it with a dedicated test platform? What are the benefits of getting certified or asking your vendors to certify?

Testing Hurdles of Wi-Fi APs and Wi-Fi Mesh Nodes

6 min read

The rapid expansion of Wi-Fi as the medium of choice for home networking has introduced an explosion of new products from both new and established manufacturers.

Webinar - Unleashing a true connected home ecosystem with USP

1 min read

Managed Wi-Fi. IoT security and onboarding. Customer self-care. Application enabled smart gateways. These are just a few of the critical needs of service providers today, facing ever increasing pressure to increase quality and gain revenue from new services.

Webinar - Build and deploy safer products with new methods of security testing

1 min read

Security testing can be easy with the right tools! With an increase in cybercriminals targeting home/SOHO gateways and Wi-Fi APs, testing has never been more important. In this webinar, you’ll learn how monitoring the behavior of a device under test, by analyzing its live network traffic can help uncover issues that may not come to light with regular penetration testing.

Webinar - Testing Apple HomeKit-enabled routers for Pre-Certification

1 min read

Apple HomeKit technology is being added to more and more smart home devices every day. Apple HomeKit-enabled routers are the key to an interoperable and secure user experience using this powerful solution.

Qualifying network devices multi-client simulation and throughput testing

1 min read

As more and more network-capable devices are added to home and business networks, enterprise edge routers, home gateways, and access points need to be pushed to the limits and tested in ways that simulate real-world connection scenarios. In this video, you’ll learn how automated performance testing can be sourced through multiple, virtualized clients - simulating real line-rate throughput and exercising your device’s functions and features in a complex environment.

Technicolor Utilizes CDRouter to Deliver Versatile, Full Featured Gateways to ISPs

3 min read

Technicolor is a world leader in nearly all areas of the digital home and broadband business markets. Their Service Gateways for both residential and business applications are used by some of the biggest Internet Service Providers all over the world.

Linksys Uses CDRouter to Reduce QA Time and Ensure Home Router Interoperability

3 min read

Everyone knows of the Linksys home router family. The E-series product line of advanced Wi-Fi routers are their most popular, and it’s easy to see why. As more and more “Super Gateways” come onto the market - gateways that have very rich feature sets that can cover a wide variety of consumer and service provider needs

Netcologne Uses CDRouter to Guarantee High Quality Broadband Services

3 min read

NetCologne is one of the major regional broadband service providers in Germany, giving high quality broadband services to homes, businesses, and developers of multi-unit dwellings.

Altibox uses CDRouter to guarantee CPE for best-in-class broadband service

3 min read

With over 400,000 delivery points, Altibox is the largest fiber broadband service provider in Norway. For six consecutive years, they have been named with the most satisfied broadband and IPTV customers - a rarity for service providers in the Nordic region.

Ping Communication Uses CDRouter to Automate, Validate, and Deliver products to ISPs

4 min read

Ping Communication is a worldwide leader in the design and manufacture of Broadband Access CPE and home networking products, covering a wide spectrum including xDSL, Fiber, Cable, LTE/3G/CDMA gateways and Wi-Fi. It is Ping Communication’s consistent testing and iterative improvement, particularly when dealing with the IPv6/IPv4 concurrent networks many providers are using, that sets it apart in the complex and demanding world of service provider networks.

eero uses CDRouter to test whole home Wi-Fi mesh products

4 min read

"It quickly became obvious that CDRouter could help broaden our test coverage while reducing the time investment." - Tyler Newman, Senior Manager of Engineering Test Services at eero

Fullrate and the need for automated CPE testing (and a CDRouter controlled robot)

5 min read

In this article, Steen tells us why testing CPE is vitally important, why CDRouter is a must have for any service provider, and how he built a 3-D printed robot controlled by CDRouter.

AirTies delivers the best wireless home network experience through automated testing

3 min read

Testing dual-stack lite (DS-Lite) B4 CPE devices

8 min read

CDRouter makes it easy to test dual-stack lite B4 CPE implementations on a functional level, and when combined with the many LAN modes of operation available, can help identify issues that are not visible by iterative conformance testing.

GPON Testing With CDRouter

3 min read

RequirementsThe core gateway functionality of a GPON ONT can be tested with any version of CDRouter or CDRouter Multiport. If the ONT supports TR-069, IPv6, IKE, or storage additional CDRouter add-ons may be required to fully test these features.

DSL Testing With CDRouter

5 min read

The test setup for DSL CPE devices is similar to the test setup for typical Ethernet-to-Ethernet routers, with one exception. Since CDRouter does not have the ability to terminate the CPE device’s DSL connection directly, a dedicated DSLAM must be included in the test setup.

Common testing issues with TR-069 and SSL

2 min read

Some CPE devices will not validate a SSL/TLS certificate from the ACS until a time source is established. TR-069 states that devices should skip date validation of certificates if a time source is not established. However, in practice some CPE devices simple end the SSL connection.

DSL CPE Testing with CDRouter

5 min read

CDRouter is the ideal tool for testing the higher layer functionality of DSL based CPE. With a few additions to the basic test setup, CDRouter can be used to test CPE utilizing any type of DSL or G.fast devices.

Using CDRouter in an FTTdp Deployment with G.fast

1 min read

New broadband access topologies come along every day that are making it easier for service providers to provide fiber quality broadband services without running fiber all the way to the home. One of these topologies is referred to as “Fiber to the Drop Point (FTTP)”, and does precisely this: allowing fiber to be run to a Drop Point Unit, where it is broken out into VDSL2 or G.fast (the lastest and fastest DSL based transition technology.

Testing Wifi Scalability with Wireless Station Virtualization

3 min read

Nearly every home device has Wifi capability, and with the emergence of the Internet of Things, that number is likely to increase exponentially. It will be more important than ever to ensure that Wifi routers and access points can handle the load and the applications that are likely to be accessed by all of these Wifi enabled devices

9 Most Common Router Bugs

5 min read

QA Cafe has been testing CPE routers since 2002 trying to test as many routers as we can find. During this time we have learned that the quality level of home and business routers/gateways on the market varies considerably.

Testing devices with wireless WAN connections

3 min read

At QA Cafe we continuously see new consumer broadband and home network devices come into the market and into our lab. One of the newest class of devices are “travel routers” - routers that are popular with people who frequently connect to public Wifi networks or those offered by hotels, restaurants, or hospitals.

Mirai attack on home routers and alleged TR-069 vulnerability

5 min read

The week of November 28 2016 saw a massive attack on certain home routers deployed by several European service providers. The attack was based on the Mirai Malware attack several weeks previous that affected the dynamic DNS services provided by Dyn, Inc..

Best Practices for Securing TR-069

4 min read

As one of the most largely deployed broadband management protocols in the world, TR-069 has quite a footprint, and a compromised system could potentially affect many broadband subscribers adversely.

Building on RFC 2544

5 min read

At QA Cafe we deal directly with a lot of standards from many different organizations, all of which go into making the home routers and other connected devices that we test with CDRouter.

Testing ARP issues in CDRouter

11 min read

We’ve explored issues we’ve discovered with ARP implementations in the areas of security and robustness. CDRouter includes tests to handle these discoveries.

How well do application aware gateways handle http headers?

2 min read

Modern home gateways and Wifi routers have a lot of advanced functionality that do more than simply push packets.

Using TR-143 performance diagnostics

5 min read

There’s many use cases for TR-069 from a service provider’s perspective. Beyond onboarding, firmware upgrades, and service configuration, however, is the ability to monitor various statistics on devices and network interfaces to help troubleshoot an end-user’s service.

Cloudflare's 1.1.1.1 DNS service and the effect on broadband gateways

4 min read

In the world of the Internet, it’s vitally important that technologies keep evolving. Change is a rule of all technology, even if it comes slowly to fundamental systems like DNS (Domain Name Service).

What is IR-181 and how does it apply to TR-069 testing?

4 min read

Critical to testing TR-069 implementations is the ability to demonstrate that the underlying code that configures settings on the device interacts correctly with the commands sent via CWMP.

What is DNS over TLS, and how should you test it in gateways?

6 min read

We’ve mentioned CloudFlare’s 1.1.1.1 DNS Service before, and the possible effects of its use on gateways. One of its features is the ability to use DNS over TLS, also called “DNS Privacy” by the people at DNSPrivacy.org.

Does your device correctly configure Wi-Fi using TR-069?

4 min read

One of the most important use cases of TR-069 (and its evolution protocol, USP) is in the autoconfiguration, management, and troubleshooting of Wi-Fi networks. Often the source of the most customer service problems, being able to set up an end user’s Wi-Fi and make sure it’s working is critical for a satisfactory “carrier grade” home network.

VPN implementation pitfalls on routers

Although IPSec and IKE have been out for a long time, and considered by the Internet community to be mature protocols, you can still find low-level issues in certain designs.

Using the CDRouter package scheduler

1 min read

We enhanced CDRouter 10.7 as a complete automation platform with our “package scheduler”. You can set a test package to run at a particular time just as if it were initiated by a user. This is perfect for repeated regression testing and making sure you can maximize your testing over time. Here’s a quick video on how it works

Are your devices user interfaces vulnerable to common attack vectors?

7 min read

Security in home networking devices, particular home Wi-Fi routers, has come to the forefront in the last few years. While many of the discovered vulnerabilities are zero-day (meaning they are new vulnerabilities that can be exploited before they are known), some of the more recent attacks including VPNFilter, are exploiting common weaknesses in consumer router design that have been well known for some time.

Managed IoT, security, and the User Services Platform

2 min read

The team here at QA Cafe is deeply involved in networking standards, especially the Broadband Forum and the TR-069 protocol. The Broadband Forum is expanding the reach of TR-069 with its User Services Platform, representing an evolution of TR-069 to managed a more varied and greater number of connected devices

Features of the Device 2.12 data model for TR-069 and USP

6 min read

In alignment with the release of TR-069 Amendment 6 and the User Services Platform/TR-369, the Broadband Forum updated its comprehensive data model that describes CWMP endpoints or USP agents. There’s a number of new features, some of which are tied to updates to CWMP, as well as new interfaces and applications that are managed by CWMP or USP. Here’s a short overview of the changes in Device:2.12.

What is MAP-E and how does it help IPv6 and IPv4 co-exist?

1 min read

Our own Niels Widger wrote an in-depth article for EDN Network on the MAP-E protocol and how it allows broadband ISPs to support legacy IPv4 networks on the subscriber’s premises while still using IPv6 in their core network

Analyzing your device's network behavior during testing

4 min read

A growing number of consumer network devices have become dependent on live network resources in order to come online and function correctly. These resources include cloud management systems, “sanity check” connections to sites like Facebook, Google, etc., and third-party applications that provide security or parental control services.

Big data analytics using TR-069 or TR-369 (USP) HTTP bulk data collection

6 min read

Big data analytics and statistics monitoring are critical in almost any industry today. Broadband service providers and MSOs can make use of mass data to monitor and anticipate network problems, optimize Wi-Fi, and provide input to machine learning/AI systems.

What is WPA3 and what you should test in WPA3 enabled devices

6 min read

If you’re a developer building WPA3 enabled devices or a provider looking to deploy them in your subscriber’s network, it’s helpful to know what to expect from this new security technology. CDRouter has support for testing over WPA3 protected links to help you test the scalability and stability of WPA3 links as well as the performance and behavior of applications and features on these devices.

What's new in the TR-181 Device 2.13 data model for TR-069 and USP

5 min read

Tied with the release of version 1.1 of the User Services Platform/TR-369, the Broadband Forum also released version 2.13 of the Device:2 data model for TR-069 endpoints and USP agents.

Revisiting ARP for security and robustness

3 min read

In today’s security-focused world, every protocol is a potential attack point, even a protocol as old and localized as ARP.

3 testing tips for building robust managed devices using TR-181

6 min read

Powerful protocols like USP/TR-369, and its predecessor, TR-069, help the broadband and consumer electronics industries produce devices that can be configured, monitored, and controlled in a standardized way.

Is your home’s Wi-Fi network as secure as it can be?

14 min read

Hackers are targeting home routers to gain access to the devices in your home, or worse. Now that many of us are working from home, security is even more important!

Keep your testing and development going while working remotely

3 min read

In a world where development teams are spread out or there is a need to work from home, testing connected device software and hardware is difficult without the right tools. In order to make sure your team stays on task, efficiently qualifying each version of your products, CDRouter’s automation and user interface works seamlessly whether you are in the office or over a VPN

Introducing the NTA1000v7M

2 min read

The NTA1000v7 is a high performance network appliance designed for CDRouter, the industry’s leading test solution for Wi-Fi devices and broadband CPE.

How parental controls add value to fully-featured Wi-Fi router products

5 min read

Today’s home network users are security and privacy-conscious. They expect great Wi-Fi with high-quality broadband connectivity. Users also want to know their experience is protected and under their control.

USP (TR-369) Training Workshop Series Videos

1 min read

The Broadband Forum’s User Services Platform (TR-369) is a revolutionary new standard enabling new markets and revenue streams for service providers, software providers, and consumer electronics manufacturers looking to monetize the connected home.

APNIC blog - Testing transition mechanisms in IPv6-only networks

1 min read

Timothy Winters, QA Cafe’s Chief Technology Officer, is featured on APNIC, the Asia Pacific source of IP address distribution, with a blog post about Testing Transition Mechanisms in IPv6-Only Networks. What are the major roadblocks when testing IPv6 transition mechanisms?

How to automate your test and development environment for broadband and Wi-Fi CPE

8 min read

Test automation is an important step for developers of software. Software development has moved steadily toward Continuous Integration and Continuous Delivery (CI/CD) to produce, test, and deploy updates to meet customers needs quickly.

Testing Cloud Managed Routers and WiFi Multi-APs

4 min read

Incumbent vendors and startups are developing “smart” home routers, WiFi access points, or parental control systems that are meant to be managed using a web based application in the cloud. This presents some difficulties for network function QA, as it is difficult to ensure a controlled environment when your device needs to be connected to the Internet or other external resources.

Six tips for testing broadband CPE and Wi-Fi router performance

1 min read

Many different factors can affect your product's performance - here are six tips to guide you when qualifying your device performance during test and development.

Quick start guide for testing Wi-Fi router performance

One of the benefits of performance testing with CDRouter is the ability to run feature testing within the same test run. As things change over time, performance can degrade significantly in some routers. Here's a quick guide to so what tests you should run on a new device to cover your bases.

Automated home gateway security testing

1 min read

It’s no question now - malicious attackers are targeting the home network, and the gateway in particular. Testing for security vulnerabilities can be tedious and ineffective if you don’t have a controlled, repeatable, and fully automated test environment.

Qualifying your devices for Q-in-Q performance, TR-069 Amendment 6, and more

1 min read

This webinar includes an overview of how to test a number of protocols and features with recent versions of CDRouter

Malware Analysis Exercise - When Your Users Run Email Attachments

7 min read

CloudShark developer and packet guru Tom Peterson gives us another example from malware-traffic-analysis.net to learn how to best use CloudShark and our Threat Assessment add-on to get to the root of malicious activity. Let’s join him now for his latest exercise.

Six Malware Traffic Analysis Exercises in One

14 min read

Windows 10 Malware Analysis Exercise in CloudShark

7 min read

CloudShark developer and packet guru Tom Peterson has been deep in the trenches doing malware analysis exercises from malware-traffic-analysis.net to learn how to best use CloudShark and our Threat Assessment add-on to get to the root of malicious activity.

Getting and using KEYLOG files from cURL

2 min read

Trying to debug a web application that is dependent on running over a secure connection is difficult. It used to be that it required you to have the private key (in RSA format) in order to do so, and for those situations, CloudShark Enterprise’s RSA Key Management system is ideal.

Malware Analysis Exercise in CloudShark

6 min read

Hi all! Tom here. You may remember me as the face of CloudShark Support, and your host in our last malware analysis packet capture challenge.

Using the Wireless Networks tool to see other networks around you

3 min read

Product
Tagged:

Wi-Fi
Share:

Share
When an wireless access point wants to advertise its available networks, it sends out 802.11 beacon frames. These frames are seen by other 802.11 receiving radios, and if you can capture those frames, you can use CloudShark’s Wireless Networks tool to see all of the wireless networks (named with their SSIDs) nearby.

Merging Captures from Multiple Wifi Radio Interfaces

1 min read

Today’s Wireless Access Points have multiple radio interfaces (for the 2.4 GHz and 5 GHz ranges) that can both host Wifi clients. What if you want to see capture data from both?

Verifying TR-069 real-world scenarios with a native ACS

3 min read

CDRouter’s automation platform can make it very easy to do all of these, and do them repeatedly from firmware to firmware. However, this third point involves two things: verifying that your device makes the internal changes that were configured via CWMP, and testing in your actual production network.

Test Setup for LTE Gateway or Mobile Hotspot

1 min read

Now that mobile data connections have reached speeds acceptable for broadband access, more and more devices are using LTE as either their primary or backup WAN connection. As more devices get pushed into the home, this number will likely increase by quite a bit.

DOCSIS Cable Gateway Testing in a Shared Lab Enviroment

8 min read

With the DOCSIS add-on, CDRouter is perfectly suited for testing and verifying the higher layer network functionality of a DOCSIS-based device under test (DUT). The basic CDRouter test setup for cable gateways is very similar to the test setup for DSL-based gateways.

Testing TR-069 Devices in CDRouter 10

1 min read

As the official test platform for TR-069 certification, CDRouter’s TR-069 add-on turns CDRouter into a scriptable ACS simulator with test cases for protocol functionality, data model validation, and security.

Webinar - Testing DOCSIS eRouters and Cable Modems in CDRouter

1 min read

CDRouter can automate an entire DOCSIS provisioning system. Focus on testing your cable modem and eRouter in a single test environment that can test every aspect of your devices from management to routing to performance.

TR-069 Connection Request Timing

2 min read

In CWMP, the CPE is always the initiator of sessions. It begins each session with a call to the Inform RPC, which contains EVENT codes that specify to the ACS the reason for the session.

Is your TR-069 implementation vulnerable to code injection attacks?

3 min read

The scenarios below are serious, and so we’ve added a series of tests to our tr69_conn_req.tcl module to cover your DUT’s TR-069 security and tests for code injection in TR-069 parameters.

Experimenting with SIP and call timing on a gateway

4 min read

One of the fundamental functions of many home and business gateways is to act as a SIP ALG (Application Layer Gateway) for setting up, routing, and terminating VoIP telephone calls. This presents some difficulty with Network Address Translation (NAT) functionality that we’ve covered before.

Testing LAN clients with Public IP addresses in CDRouter

6 min read

In a typical home network, the ISP assigns a single Public IPv4 address to the CPE device that can be reached from the global Internet. The device assigns Private IPv4 addresses to CDRouter’s LAN clients and acts as an Internet gateway to them by mapping all of the Private addresses to the one Public address using Network Address Translation (NAT)

Testing SIP Aware Routers

8 min read

Testing SIP aware CPE routers is a critical part of an over-all Voice over IP test strategy. CDRouter is perfect for testing SIP aware routers using a real world test setup. Using the CDRouter SIP test module, network and QA engineers can quickly verify the behavior of a SIP aware device and avoid costly interoperability problems.

How Should an ACS Treat Missing CWMP Data Model Objects?

2 min read

TR-069 (CWMP) provides a mechanism for service providers to remotely provision a subscriber’s home network devices, including home gateways, set-top boxes, WiFi, etc. It does this by allowing the service provider’s ACS (Auto Configuration Server) to operate on a device’s “data model” - a conceptual framework containing the set of objects and parameters that describe the CPE’s configuration and capabilities

Best Practices for Managing and Securing Network Capture Files

14 min read

Packet capture files - files that record network traffic—are invaluable resources for network administrators, help desk staff, and IT security experts. Filled with application data and protocols, timestamps, and error codes, these files provide IT engineers with a detailed view of what took place on a network during a specific period of time.

Known Gateway Bugs - Ignoring Credentials

3 min read

Holes in home gateway security allow for a malicious hacker to take over a gateway in the way they would any other computer system. While the holes in most cases have been complex and deep seated bugs that would be hard to find without a lot of work, there are some easy to find bugs that seem obvious but would be missed without negative testing.

Automating remote capture with pcapdaemon and CloudShark

2 min read

One of the most powerful ways to use CloudShark is to aggregate captures from multiple locations. While many network devices have packet capture natively (and some integrated with CloudShark upload), for other systems, it’s necessary to use custom scripts that utilize tshark (with the CloudShark plug-in for Wireshark installed) or tcpdump in tandem with CURL to use the CloudShark upload API.

DHCPv6 Prefix Delegation in Edge Routers

4 min read

In the course of developing the test suite for DHCPv6 prefix delegation, QA Cafe encountered a number of implementation issues that impact the functionality of IPv6 connectivity. Some of these potential implementation issues are discussed below.

Webinar - SNMP Scenario Testing

1 min read

CDRouter has the ability to build custom “scenario” tests to exercise the behavior of a DUT’s SNMP stack and MIB. Similar to our TR-069 scenarios test cases, this allows you to set up tests that perform SNMP get requests, set requests, etc.

Webinar - CDRouter 10 Basics

1 min read

Have you just started using CDRouter as a new customer or demo user, or want to know some immediate tips and tricks you can use to get testing quickly?

Smallnetbuilder uses CDRouter for tests and ranking

1 min read

The popular review and ranking website for home networking, Wifi, NAS, and other connected consumer devices, smallnetbuilder.com, has revamped its test procedures and will be adding a host of functional, scaling, and performance test cases exclusive to CDRouter to measure and rank the quality of small network equipment

In-depth overview of the CloudShark API

A CS Personal account or your own instance of CS Enterprise comes with full access to our API, letting you upload captures, search your repository, and more using your own tools and scripts.

Building a network capture probe with Raspberry Pi

2 min read

We were pretty excited when the developers at OpenWRT decided to build packet capture and CloudShark upload support into the popular open source software for broadband routers. It got us thinking - what are some other ways you could build a useful network probe? It turns out one of our other users decided to take the leap into building such capability using a Raspberry Pi.

Webinar - Testing Wifi Guest Mode

5 min read

One of the most common use cases for Wifi is the ability to set up a guest network alongside another network that is used by the home user, business, or other organization. It’s also a source of a lot of problems: guaranteeing that the Wifi router or AP can handle the number of clients connecting; making sure that the security in place for the guest network and other networks works correctly

Using filters for navigation and sharing

3 min read

CloudShark’s display filters are 100% compatible with the Wireshark filters used in packet analysis. With CloudShark, they present a new opportunity for use when sharing your captures with colleagues in order to both present the view you are looking at, or to help navigate to a section of the capture you want them to see. Here’s some tricks we use when getting around town in CloudShark.

Wireless Analysis with CloudShark and Airtool

1 min read

Sometimes when analyzing problems in Wifi networks you need to go straight to the packets. What tools are there to do Wifi capture? What should you look for in your packets?

Capture of recently discovered glibc getaddrinfo() vulnerability

1 min read

The folks at Google Security recently discovered a vulnerability in glibc’s getaddrinfo() library function, allowing attackers to execute malicious code transmitted in oversized DNS replies. Scary stuff!

Exploring scaling tests - Is your home gateway IoT ready?

4 min read

By now we’ve all heard of the coming flood of network aware devices collectively referred to as the “Internet of Things”. While the term encompasses a wide variety of use cases that are not all clearly defined, we can come up with some rudimentary expectations on how this influx of connections will affect networks.

Merging and splitting captures in CloudShark

1 min read

When we first made CloudShark, we stuck to making the best and easiet to use packet capture analysis tool out there. As we made more and more improvements to CloudShark and its host of analysis tools, we’ve gotten many requests for the ability to manipulate the captures themselves

IP Multicast Testing with CDRouter

8 min read

This guide describes the IP multicast testing features in CDRouter and the role of IGMP (Internet Group Management Protocol) in CPE networks. CDRouter supports multicast testing using IGMP version 3. Although many CPE devices have support for IP multicast and IGMP, new functional requirements for set-top boxes and other IPTV multicast applications are pushing the adoption of IGMPv3 into the CPE networking space.

Understanding Performance Results

4 min read

We get a lot of feedback from our users discovering new and interesting results when combining functional testing with throughput, latency, and loss testing. Having a good understanding of how performance tests work and the caveats around their results can help you determine how your functional tests are impacting performance, and visa-versa.

Best practices for using remote capture with CloudShark

3 min read

CloudShark’s three key features - organizing, analyzing, and collaborating - all have their own ways of making packet capture analysis easier. In particular, organizing captures in a repository that can be tagged, sorted, and tracked can be made even more potent when you use it to centralize captures automatically from a variety of sources.

How do you have captures automatically expire?

1 min read

One of our most requested features that we added to CloudShark 2.6 was the ability to have captures automatically delete after a certain time period has expired. Since CloudShark can hold a virtually unlimited number of captures

Airtool CloudShark Integration

1 min read

We absolutely love the community that CloudShark and the CloudShark API has created. Adding to our list of integrators is Adrian Granados creator of the free Wifi tool for Mac called Airtool

Protecting Against Vulnerabilities in SSL

1 min read

The IETF deprecated SSL version 3.0 in 2015. This means that it is no longer be standard to fall back to SSL 3.0 in protocol negotiations, and for good reason: there have been a host of vulnerabilities in Secure Socket Layer, some of which are of particular concern to home networking devices that have web-based configuration tools or support TR-069.

All about SSL key logging

2 min read

In CloudShark 2.5, we added the ability to use SSL key log file data in order to decrypt SSL streams in the packet viewer. But what exactly is an SSL key log file, and how do you get them so that you can do web site and web service debugging?

Using a bandwidth preview to triage captures

2 min read

CloudShark 2.5, added a cool new feature: the ability to view a small sparkline graph of each of your captures packets-per-second (bandwidth). You can add this to your index view by editing the table options in your capture file index.

Using XMPP for TR-069 Connection Requests

3 min read

Though one of the fundamental principles of CWMP (TR-069) is that the CPE endpoint is always the one to initiate a connection, Autoconfiguration Servers (ACS) can use the TR-069 Connection Request feature to stimulate a CPE to begin a session.

Is your device using valid TR-069 data models?

3 min read

The CPE WAN Management Protocol described by Broadband Forum TR-069 is a remote procedure call (RPC) based protocol. That is, it consists of two applications that interact directly with each other through a set of defined methods - in the case of TR-069, this includes device functions like Reboot, Download, etc., as well as operations that affect the device’s data model - a set of objects and parameters and the metadata surrounding them.

Heartbleed, Poodle, Shellshock, and the Sony Hack - Big Security Breaches of 2014

2 min read

If there’s one thing we noticed about 2014, it was a year of many security announcements. It is becoming obvious that perimeter security is not sufficient and each constituent system in a network must be regarded as a public system, regardless of assumption. Systems will be compromised, and preparing for what to do after an attack is just as important as preventing attacks in the first place.

The Misfortune Cookie and Security in the Home Gateway

2 min read

DEFCON22 had a number of revelations concerning web server security of systems meant to deploy TR-069 in a subscriber network. Most of the investigation done surrounded vulnerable ACS - that is, malicious attackers gaining access to the auto-configuration server, allowing them to control many hundreds of thousands of home devices.

Webinar - Packet Capture and Analysis in Wireless Networks

1 min read

Wireless networks are the most ubiquitous type of network modern IT departments need to deal with. There are many tools for troubleshooting them, but what happens when you need to go to the packet level?

How to build a network probe with OpenWrt and CloudShark

5 min read

We’re always geeking out over the multitude of things you can do with packet capture and CloudShark upload support in the popular open source OS for embedded devices, OpenWrt.

Testing to reduce the big three broadband customer support problems

4 min read

The most well understood case for product testing is in quality assurance while a home networking product is in development, or testing its integrity between firmware revisions. But testing before, during, and after deployment can also ensure that service providers reduce costly support calls and truck rolls.

Testing to reduce the big three broadband customer support problems

4 min read

Capturing Smartphone Traffic With OpenWrt and CloudShark

1 min read

Have you ever wanted to capture and analyze what network traffic your smartphone or tablet is sending? Maybe you are developing a new app and need to debug a network issue, or maybe you are just curious about what network traffic an app is sending. Using a wireless router running OpenWrt with the CloudShark package makes capturing this traffic easy!

Embedding packets in other pages

2 min read

Have you ever wanted to embed a packet trace right into the blog post you were writing? We know you have. You’ve told us you want that! When a screenshot of the decode won’t do, you can use CloudShark to share individual frame decodes in blog posts, documentation, help forums, and pretty much anywhere else you can write HTML.

Uploading to CloudShark using OS X Finder

4 min read

Here in the CloudShark QA Department, we use many open source tools to accelerate our testing process - Capybara, JMeter, and Vagrant are each friends and family to our QA lab.

Lostnet Soft Android Firewall CloudShark Integration

1 min read

We’re excited to have another great android app that can perform packet capture and upload to CloudShark.

Open SSL Heartbleed Bug in the Home Gateway

2 min read

You may have recently heard of a major bug in the OpenSSL implementation, widely used to provide secure communications on the web. This vulnerability is fairly widespread, but has been corrected and will be fixed as more systems are patched. We also made an example capture and explanation of the bug and a packet capture of the attack in action at our CloudShark Appliance website.

Router Bugs - IKE NAT Traversal

2 min read

QA Cafe is constantly testing as many home networking devices as we can find, both to make sure CDRouter is the best testing product around and to find new and interesting tests to write. During that time, we have learned that the quality level of home and business routers/gateways on the market varies considerably. We know the world of networking protocols is complex and nuanced, and often a slight oversight in a standard or interpretation of a standard can mean the difference between a functioning home networking product and a high-tech paperweight.

Test Setup for Dual-Stack Router Providing IPv6 Connectivity via 6to4 Tunnels Over the IPv4 WAN

3 min read

Dual-stack CPE devices typically enable IPv6 connectivity via native IPv6 connections on the WAN or via tunneling protocols that transmit encapsulated IPv6 packets over the IPv4 WAN. Protocols such as DHCPv6 (with and without prefix delegation), PPPoE (running DHCPv6 or autoconf for address resolution), autoconf, or static IPv6 addressing can be used to provide native IPv6 connectivity on the WAN.

Testing TR-069 LAN side CPE with CDRouter

2 min read

The CDRouter TR-069 add-on module for CDRouter has the ability to test LAN-side devices, as defined in TR-181i1. TR-069 LAN-side devices are typically set-top boxes or VoIP endpoints that reside on the LAN side of the customer’s Internet Gateway Device (IGD) which may or may not support TR-069.

Testing Setup for a Gateway with a MoCA Bridge WAN

1 min read

CDRouter can be used with routers that have a Multimedia over Coax Alliance (MoCA) interface through the use of an external MoCA bridge. the MoCA bridge is essentially a media converter with Ethernet on one side and MoCA on the other. It bridges packets from a MoCA network to Ethernet and vice-versa.

Testing 6to4 and 6rd IPv6 Islands with CDRouter

7 min read

The world has spent a long time on the road to native IPv6. Fortunately, protocol advancements have mitigated the arduous task of deploying the next generation Internet.

Testing IPv6 over PPPoE with CDRouter

9 min read

There are two distinct phases required to establish a successful IPv6 connection over a PPPoE tunnel. The first phase involves establishment of the point-to-point link.

Static NAT Testing with CDRouter

5 min read

The CDRouter Multiport add-on includes support for static NAT configurations. CPE devices that support this functionality will have two or more public IPv4 addresses. One public address is typically assigned to the primary WAN connection and one or more additional public IPv4 addresses are also assigned.

What NAT ALGs does CDRouter test?

1 min read

CDRouter includes test cases for the following NAT ALGs:

How do I create a reliable test setup for wireless testing?

1 min read

When testing with a wireless interface, the link quality between the access point and the wireless adapter can impact test results. Some test cases are not tolerant of packet loss. Any packets dropped by the access point could lead to a test failure.

How do I convert from a Java keystore certificate to .pem format?

1 min read

To convert a Java keystore certificate to .pem format, follow these steps:

How do I convert a certificate from .pem format to .der or .cer format?

1 min read

The following openssl command can be used to convert a certificate in .pem format to .der format:

DHCP Server Testing with CDRouter

8 min read

CDRouter’s pre-defined test modules make it easy to quickly test and evaluate a CPE implementation’s integrated DHCP server. In addition, CDRouter’s flexible configuration options allow a wide variety of DHCP server scenarios to be simulated and tested in a consistent and repeatable fashion.

Configuring CDRouter for 802.1x Authentication on the WAN

8 min read

CDRouter includes support for configurations involving 802.1X authentication on the WAN. 802.1X is typically used by service providers to authenticate a client or device and open a port on an 802.1X enabled DSLAM or switch for CPE traffic. CPE devices that support 802.1X on the WAN must include 802.1X supplicant functionality in addition to common IPv4 and IPv6 WAN connectivity options such as DHCP and PPPoE.

Why does my 802.1x RADIUS session stop after the first packet?

1 min read

Some 802.1x/EAPOL authenticator implementations expect to find the RADIUS “State” attribute in any RADIUS response from the server. Some RADIUS servers use the State attribute to maintain sessions and some RADIUS clients check for it. However, when these implementations do not find the State attribute, the RADIUS packet may be dropped.

Port Scanning Test Configuration for IPv4 and IPv6

6 min read

CDRouter includes port scanning test cases in the firewall.tcl module which will probe the WAN interface of the DUT for open TCP and UDP ports over IPv4. These open ports provide services either by the DUT or forwarded to internal LAN clients. Users of the CDRouter IPv6 add-on will find they can also perform similar tests over IPv6.

Storage name resolution methods and protocol caveats

3 min read

CDRouter Storage allows a test engineer to execute various storage protocol tests against a storage-enabled device. In order for CDRouter to know the IP address of the storage service to be tested, it must either be told with an explicit IP address, or be given a DNS or NetBIOS name, or discover it using multicast DNS

IPSEC pass through testing

2 min read

IPSEC pass through is a technique for allowing IPSEC packets to pass through a NAT router. By itself, IPSEC does not work when it travels through NAT. Newer IKE and IPSEC implementations support NAT-Traversal which is a technique to detect NAT and switch to UDP encapsultion for IPSEC ESP packets.

Displaying the contents of an SSL certificate in Linux

2 min read

You can display the contents of a PEM formatted certificate under Linux, using openssl:

Leveraging the BBF.069 CPE Certification Program Using CDRouter

1 min read

The Broadband Forum BBF.069 CPE Certification program is the industry standard for qualifying products for use in TR-069 deployments, and is critical for ensuring that your products or service deployments will operate well.

How to get security traffic analysis insights during testing and why they're important

4 min read

Securing home/soho routers and WiFi network devices has become the most important topic for vendors and service providers. Ensuring network devices behave as intended, before they are deployed, is critical to avoiding unnecessary costs, avoiding brand damage, and guaranteeing a quality end-user experience.

Articles

Digital Forensic Investigation Using CloudShark Threat Assessment

Videos

What to do with your stability test results

Articles

About TCP Completeness

Articles

Testing stability in parallel with your complete test strategy

Articles, Videos

Testing performance and stability of Wi-Fi routers and broadband CPE

Webinars

Video: Testing Broadband Forum TR-181 Data Models for TR-069 and USP

Articles

Top 3 underlying network problems with your smart home products

Videos

CloudShark in action: solving the 2022 SANS Holiday Hack Challenge with pcaps

Articles

How to write a Wireshark tap plugin in Lua

Case Studies

How Trinity Cyber uses CloudShark to provide complete network security peace-of-mind

Articles

3 Tips for Securing Network Capture Data

Articles

Top focus areas for testing IP set-top-boxes and smart TVs

Case Studies

How Calix used CDRouter to develop and certify their USP/TR-369 solution for Broadband Service Providers

Articles

PCAP Collaboration Tips for NetSecOps Teams

Articles

Where to spend your smart home testing budget

Articles

Videos

Articles

Videos, Webinars

Articles

Articles

Articles, Videos

Webinars

Articles

Articles

Videos

Webinars

Articles

Case Studies

Articles

Webinars

Articles

Articles

Articles

Webinars

Case Studies

Videos

Videos

Articles

Articles

Articles

Articles

Whitepapers

Videos

Videos

Webinars

Articles

Videos

Videos

Articles

Videos

Articles

Articles

Videos

Webinars

Articles

Case Studies

Webinars

Videos

Videos

Videos

Videos

Videos

Articles

Articles