As the official test platform for TR-069 and USP certification, CDRouter contains several core test collections that will assist you when developing or deploying devices that use both protocols. Here are the top three things to focus on when testing TR-069 and USP co-existence and transition.
Read morePacket analysis remains crucial for diagnosing problems, but working remotely can make this process more complex. Here are three tips to help your team get the most out of the critical resource that is packet data, no matter where they are located.
Developers can avoid introducing security flaws into CPE devices by following best practices during development and testing. Here are four essential areas that developers should prioritize to eliminate security vulnerabilities.
Read moreThe user experience within your application is a significant factor in customer retention, satisfaction, and competitive differentiation. Here are three key things to consider in your UX design when building cloud-managed networking and cybersecurity applications.
Read moreWe recently sat down with Jody Botham, head of networks at Brsk, to learn about their challenges with sourcing and testing CPE, and how CDRouter’s fully automated testing makes this priority a reality.
Read moreWith the expertise required to add packet analysis, spending resources by building in-house means that you aren’t spending those resources on the features your team was built for. Here’s why buying a complete packet analysis solution as a strategic upgrade to your product is the smarter choice.
Here’s how adding the Packet Viewer OEM components to offer secure, seamless packet analysis can serve as an upsell for your existing customers and a key differentiator against competitors.
Read moreBrad gives an overview of the different test modules CDRouter contains for USP/TR-369 testing on your device.
Read moreIn this video, Brad goes through the CDRouter configuration steps and builds a test package to test TR-369, the User Services Platform, on your device.
Read moreWhile Wi-Fi performance tools that focus on physical layer testing play a crucial role, they often come with high costs and complex setups. What are some things to consider when deciding where to spend your test and automation budget?
Read moreMany hashtag#WiFi product teams feel pressured to focus on raw physical layer performance numbers with complex, expensive test environments that are difficult to use effectively. In this special video session with Matthew Langlois learn how you can develop robust products that satisfy real customer needs by comprehensively testing Wi-Fi interoperability, stability, and performance all in one environment and the important issues and proof you’ll discover in the process.
Read moreCisco Meraki's Intelligent Capture feature, utilizing Packet Viewer, provides an invaluable toolset for network professionals, Making Packet Capture Simple and Accessible in the Meraki Dashboard. Here's how the new feature is already creating more value for Meraki customers.
Read moreHere are some of the most essential things to consider when deciding how to handle pcaps in your solution and what customers should ask for when considering a cloud-managed network or cybersecurity solution for their organization.
Read moreHere are some of the most important things to test for 10 Gigabit Ethernet performance on home routers in the context of advanced Wi-Fi capabilities and modern broadband applications.
Read moreThe NTA3000 is the most advanced CDRouter platform to date, featuring fully automated Wi-Fi 7 testing and high-performance throughput capabilities. It’s tailored to address the growing complexity and performance demands of today's broadband gateways and Wi-Fi products, ensuring devices are market-ready with optimal quality and reliability.
Read moreWhat are the most important Wi-Fi 7 things to test beyond rudimentary PHY layer performance? Here's the key points and video with our CWNA-certified Wi-Fi expert Brian Dubreuil.
Read moreWhen things go wrong, dashboards can tell you there's a problem, but they often can't tell you why. What can packet captures give us beyond the dashboard?
Read moreHere is a quick, informative article about how to use CDRouter, the official testing tool for prpl HL-API certification, to get your results and get your product certified.
Read moreIn this article, Tom Peterson dissects the details of the CVE-2023-46604 vulnerability affecting Apache ActiveMQ using an example packet capture.
Read moreWatch the video and download the slides from our latest CDRouter Tips and Tricks webinar with Matt, Brad, and Brian from the QA Cafe Customer Support Team!
Read moreThis article explores some of the best practices for testing RDK-B, prpl, and OpenWRT-based devices, and what you can do to incorporate them into your development process.
Read moreWe recently sat down with Rafal Wierzbicki, the test lead responsible for quality assurance on Altibox’s CPE fleet, to ask him about the importance of stability testing to the broadband user experience and how he’s making use of CDRouter and its parallel testing capabilities to do more stability testing, faster.
Read moreWhat are the best ways to validate your RDK-B-based products using a complete automation framework that incorporates CDRouter’s test capabilities? Find out in this video of our webinar with Sophie Pool of Deutche Telekom!
Read moreHere's the full set of articles in our series on stability testing. Regardless of your experience level, these articles will serve as useful guides in your testing process!
Read moreLearn how RDK-B implementations can be tested with CDRouter and what to look at when building your automated test strategy for RDK-B based products.
For manufacturers of broadband CPE and Wi-Fi devices, ensuring that DSCP based QoS works, and works well, when prioritizing video, voice, and other data is crucial to ensuring a quality end-user experience. Join our QoS expert Tim Carlin on Thursday, July 27, at 10:00 ET for a special live session on testing QoS functionality using CDRouter!
Read moreHere is a quick overview of the capabilities available in Device:2.16 for developers building USP products and applications, and for operators looking to deploy them.
Read moreEnsuring that DSCP based QoS works, and works well, when prioritizing video, voice, and other data is crucial to ensuring a quality end-user experience. Here’s a bit about DSCP and how you can test it on your products using CDRouter.
Read moreIncluding packet captures in your DFIR strategy becomes increasingly important for maintaining a strong security posture and ensuring a swift and effective response to potential threats. Here's how CloudShark Threat Assessment makes that work.
Read moreIn this video, Matt summarizes what to do once you’ve got some stability test results: what to look for, how to find it, and what to do next to help improve your products.
Read moreA new field in CloudShark called "TCP Completeness" calculates which packets of a TCP connection are seen in a PCAP file. This field allows you to determine if the TCP 3-way handshake has been captured while viewing any packet in the connection. This article will explain why it is essential to know if these packets have been captured, how the value for this field is calculated, and how you can use it.
Read moreIn this special video with packet expert Betty DuBois, learn how profiles work when getting ready to view a packet capture; using profiles and known filters together to get to the information you need; using CloudShark along with profiles to collaborate with everyone involved in resolving an issue.
Read moreIn this article with a helpful infographic, we discuss how to incorporate stability testing with your feature validation, performance, and regression testing and how to leverage CDRouter's parallel testing capabilities to streamline the process.
Read moreWhat are the key tests you should run, and in what combination, for a good stability/stress test process? Here are our recommendations when performing this kind of testing with CDRouter.
Read moreWe had a major ISP encounter long-term stability issues in the field that would never be revealed by simply testing throughput in ideal situations. Here's what happened and how fully-automated stability testing can help.
Read moreCloudShark 3.10 updates the display filter language, and users may need to update certain filters in their existing profiles. Here are the major changes users should know about and how to best use them!
Read moreWe’ve put quite a few off-the-shelf smart home products through the test cases in our fully-automated PassPort test solution. Here are three of the most common problems we found and why they matter.
Read moreHere’s a great example of how fast CloudShark can get the right answers in cybersecurity investigations. Our own Tom Peterson decided to tackle the 2022 SANS Holiday Hack challenge, with a pcap investigation as the first step.
Read moreIn this video with QA Cafe and Amarisoft, learn how to easily connect your fixed-wireless gateway products to a fully-automated test environment with thousands of test cases.
Read moreBrad demonstrates how to set up automated CPE testing when using a GPON OLT, DOCSIS CMTS, or an Amarisoft LTE Callbox.
Read moreCreating Lua plugins can be very useful to Wireshark and TShark users, and there’s a great community around building them. Here's how we built our Wireless Networks Tap in Lua to use as a useful example when writing your own plugins!
Read moreWe recently interviewed Jeremy Brown and Stefan Baranoff at Trinity Cyber to learn how they make PCAPs a part of their solutions and how they use CloudShark and the CloudShark Threat Assessment tool to provide complete network security peace-of-mind to their customers.
Read moreHere are some of the most important things to pay attention to if you are responsible for testing mDNS on your home gateway and Wi-Fi router products.
Read moreJoin Matt, Brad, and Brian of the CDRouter customer success team to learn their favorite testing and automation tips that you should consider in the coming year.
Read moreThis collection of sample capture files highlights some of the new and updated protocol support included in CloudShark 3.10, including QUIC, DoH, WPA3, JA3, CommunityID, OPUS over RTP, and Wireguard.
Read moreIf you are a CISO or head of a NetSecOps department, you need to consider that network packet captures are both a powerful asset and a source of cyber security risk. However, they significantly improve DFIR work, if they are organized and available for collaboration! Here's 3 tips on how your NetSecOps team can pcaps files securely and effectively.
Read moreHere are some of the most important things that developers, manufacturers, and operators should consider when testing set-top-boxes, smart TVs, and other IP video devices and how QA Cafe's fully-automated PassPort test solution makes it easy.
Read moreIn this video, you’ll learn why simulating multiple virtual clients in your test setup is a powerful and economical way to validate your device’s functions, features, and performance.
Read moreCalix recently achieved BBF.369 USP certification for their GigaSpire BLAST systems, proving the quality of the product and support of the USP ecosystem. We sat down with Randy Qin, Director of Product Development of Revenue EDGE Products at Calix, to ask about their decision to support USP and their experience testing using CDRouter. Here’s what he had to say!
Read moreBrad shows you how to set up a CDRouter config file for TR-069 testing and how to configure your Device Under Test to connect with CDRouter's ACS.
Read moreBrad gives an overview of the test packages you can build when performing TR-069 testing.
Read moreHere are some tips to make working with captures as a team easier, more fruitful for the people doing the work, and more efficient for your organization as a whole.
Read moreWhat you need to know to get instant pcap analysis with your Mist AI systemOver the last 2 years, Mist users have opened tens of thousands of PCAPs directly from their dashboard to analyze with CloudShark. This partner integration delivers an entirely web-based way to connect anomalous network events with the raw PCAP. This was accomplished entirely frictionlessly, without any configuration or setup on behalf of the Mist customers.
Read moreProduct managers have to make some tough decisions about what kind of testing to focus on and how to get it done. Here are some of the things you should consider when allocating your smart-home product testing budget.
Read moreanaliti’s CloudShark integration is a quick, easy, and cost-effective solution for IT Networking Experts to leverage existing resources in the field to get a clear picture of the WiFi environment configuration and coverage by uploading WiFi scan results from clients’ phones to CloudShark Enterprise for further analysis. analiti is available for download in the Google Play Store and the Amazon Appstore and does not require additional or specialized hardware for generating PCAPng files from WiFi scans.
Brad demonstrates how to set up performance testing using the CDRouter Performance Add-On Expansion.
Read moreDownload our complete guide to creating a test automation strategy for developers, QA teams, and product managers building broadband CPE, Wi-Fi, and smart home products.
Read moreBrad shows you how to get insights into your test failures from test logs and packet captures, plus how to export and share results.
Read moreBrad demonstrates what the next steps are once your tests are complete, how to visualize results, and how to restart tests.
Read moreWatch this special video with QA Cafe's Senior Developer and API Master, Niels Widger, to learn how to incorporate feature, security, and performance testing into your CI/CD process!
Read moreAnalysis tools are critical to IT and cybersecurity efforts, and are much more useful when properly incorporated into an enterprise’s overall cloud infrastructure, accessed using modern web technologies and APIs. Here are some of the benefits of using cloud native analysis tools as part of your overall cloud strategy.
Read moreNiels demonstrates how to use the cdrouter.py scripts with your CI/CD pipeline.
Read moreBrad demonstrates how to select tests, schedule, and launch a test package.
Read moreRead our latest TechTarget IoT Agenda article to learn Wi-Fi testing best practices for your industrial IoT and smart-home products.
Read moreBrad demonstrates how to set up multiple physical or virtual WAN/LAN interfaces for testing enabled by the CDRouter Multiport expansion.
Read moreThe data model that defines what can be managed, monitored, and manipulated by TR-069, and its successor, USP/TR-369, is frequently updated to include new capabilities and interfaces to enable service provider control of the home network. As new technologies emerge, Broadband Forum members contribute to the next version of TR-181 in a fairly fast revision cycle.
Read moreLearn how you can test your own TR-069 or USP deployment scenarios using CDRouter to automatically configure devices for testing, replicate your device onboarding process, reproduce field issues, and connect your device to a live TR-069 ACS or USP Controller and monitor traffic.
Read moreRichard examines the four types of network security monitoring data: 1) full content data ("PCAP"), 2) transaction logs, 3) extracted content, and 4) intrusion detection systems (IDS) alerts. He uses Cloudshark to examine all four types and to compare and contrast the strengths and weaknesses of each.
Read moreSteen Enevoldsen is an industry veteran who has worked for both vendors and operators worldwide. He's also a CDRouter power-user! Watch this video where he explores how to get the most out of test tools like CDRouter and how to justify the purchase to your company.
Read moreWhat are some of the best ways that operators can gather and record network packets? What should you do as a vendor to enable packet capture in your products? What are the best ways to work with captures once you have them?
IOPSYS Software Solutions AB is a Swedish company taking the lead in bringing the open-source business model to broadband gateways and Wi-Fi routers. Here's how they use CDRouter to shorten their development cycles and improve customer confidence.
Read moreWhether you are a network product developer, network operator/ISP, or on a network/security operations team, learning about open-source Intrusion Detection System platforms like Suricata will help you! Watch our video to learn what it is how we use it in our products at QA Cafe.
Read moreBrad covers specific 802.11 configuration settings for testing over a wlan interface.
Read moreBrad demonstrates how to build a basic configuration for testing, setting up WAN and LAN endpoints.
Read moreBrad covers how to add devices to CDRouter's device management system to assign configurations, track testing, and connect to a DUT's user interface from CDRouter's UI.
Read moreAs part of our CDRouter training series, Brad gives an overview of the CDRouter user interface and how to add devices, run tests, and view results.
Read moreThe QA Cafe team works closely with the RDK community to validate the open-source RDK-B solution. Our CTO Tim Winters got a chance to sit down with Jamie Walker from the RDK Podcast to talk about testing, automation, standards, and how CDRouter helps RDK-B implementations stay robust and interoperable! Watch it here.
Read moreIoT users in both industrial and connected home settings expect their products and applications to “just work”. Luckily, IP technologies and IPv6, in particular, can help. In this article, learn why many IoT networks move to all-IP and what testing you can do to ensure your products work in the field.
Read moreIn this article, we explore what Suricata is, what it does, and some of the new and interesting ways we use Suricata in CloudShark, CDRouter, and PassPort.
Read moreWatch as the QA Cafe PassPort team shows you how fully automated Wi-Fi connectivity testing will improve your IoT and smart home products. We’ll cover topics including common connectivity and stability issues with Wi-Fi enabled products; Wi-Fi security and configuration options, and why you should test all of them; and Automating tests to look for regressions.
Read moreMany of our customers ask about SAML-based single sign-on in CloudShark and other network analysis tools - here’s why that’s a good thing.
Read moreRead our guest article in TechTarget IoT Agenda to learn why networking interoperability, security, and reliability need to be tested, why they are important to a solid IoT experience, and how stakeholders can automate testing, supplement their expertise, and pay attention to the small details that will help them deploy better products.
Read moreIn this video, learn which protocols, features, and performance metrics to test for IoT and smart home products, why they are important to a solid IoT experience, and how pre-built and automated test cases will take the pain out of product QA and validation.
Read moreContainerizing your cloud-based packet capture analysis solution can provide a significant advantage for network operations and security teams. Your analysts should focus more on solving issues and less on how to meet your company’s IT and deployment requirements. Here are some tips on how moving your packet capture infrastructure to the containerized cloud can help save your network and give you superhero status.
Our free guide for service providers covers the top ways that hackers target your subscriber's home network and a development checklist to protect your brand, your network, and your customers.
Read moreA guide for building best-in-class Wi-Fi products in a highly competitive market.
Read moreCDRouter is the official self-test platform of the certification program for TR-369, called BBF.369.
Looking to get certified? Reach out to us to get started!
Whether it is for broadband Customer Premises Equipment (CPE), home or enterprise Wi-Fi, or web-applications, Latin Telecom understands the benefits of automated testing to produce the best customer experience for broadband subscribers.
Read moreAirTies Wireless Networks Wi-Fi mesh and smart extender systems are the most deployed, robust and financially viable solution for service provider deployment on the market. Maintaining that status is no small feat, however. A key factor in AirTies’ achievement comes from testing and quality assurance at every stage of their development process.
Read moreAs more network management moves to the cloud, vendors building cloud-managed network tools have a unique opportunity to provide remote packet capture as part of their platform. Cloud- managed networking systems with built-in packet capture and web-based analysis tools provide wonderful new opportunities for network and security operations, IT pros, and managed service providers.
Read moreThe widely deployed TR-069 protocol and its successor, the User Services Platform (TR-369) are complex and powerful technologies that have successfully brought real value to operators, application vendors, and CE manufacturers. The key to that success is the standardization that can be tested and validated through certification programs.
Read moreSonicWall has been fighting the cybercriminal industry for decades defending small and medium businesses, global enterprises, and government agencies worldwide. Here's how they use CDRouter to guarantee the quality of their firewall and network security solutions with automated testing.
Read moreAs new 802.11 technologies address coverage and congestion issues, Wi-Fi routers and APs must support a web of configuration and feature options while handling complex applications and networking technologies. Testing and validation of performance, stability, and interoperability are critically important for the success of your products and services.
Read moreHackers have identified subscriber home networks as rich targets for malicious attacks. As a result, broadband service providers are looking at security in the CPE to protect their subscribers, network, and brand, and Wi-Fi router manufacturers want to differentiate their products with advanced security features.
Read moreIf you’re a Managed Service Provider or other IT outsourcing company, chances are you’ve had to use packet capture on many occasions to help customers solve network problems. With the right analysis tools, packet captures can be your go-to resource to help you get to the root of problems faster and make customer interactions easier.
Read moreNetwork packet captures present an interesting problem for HIPAA compliance, but they don’t have to be one that causes headaches.
CloudShark Enterprise, is a packet capture repository, analysis tool, and collaboration platform that we built to solve the challenges faced in our own capture workflow. It uses Wireshark under the hood, but all you need is a web-browser.
Read moreWhat do you do when you have certificates that you need to distribute to your team to look at encrypted data? How do you troubleshoot encrypted network traffic without having to give users access to your keys on their local machines?
Read moreIf you deploy Aerohive devices in your network, solving problems using network captures will get it done faster. Aerohive’s integration with CloudShark makes it easy to actually work with real network traces. Watch our in-depth seminar above on how to solve a real-world problem using HiveManger NG and CloudShark.
In our panel with special guests Sake Blok (@SYN-bit), plus Tony Efantis (@showipintbri) and Scott Lohin, we took an in-depth look at tackling problems with just a pcap and some hints.
Read moreWhen analyzing network traffic, we rely on our tools to show us how a TCP stream was reassembled or to give us a list of HTTP websites accessed in a pcap file.
We had the opportunity to speak with Steen Garbers Enevoldsen, head of Net Research and Development at Fullrate, and blogger, columnist and youtuber in his spare time. Fullrate is a service provider in Denmark who uses of CDRouter for their CPE testing.
Read moreTR-069 uses several remote procedure calls whose definition determine the types of TR-069 messages that are sent and received by an ACS or CPE. Every RPC is defined in the TR-069 base XML schema which can be found on the Broadband Forum website.
Read moreThe data model that defines what can be managed, monitored, and manipulated by TR-069, and its successor, USP/TR-369, is frequently updated to include new capabilities and interfaces to enable service provider control of the home network
Read moreWhether troubleshooting application performance, detecting security anomalies, or bringing a cloud deployment into compliance with the rest of your infrastructure, you will need to get to the packets to fully resolve and report on issues. How do you gather captures in such an environment in the first place? In this video, learn how AWS VPC traffic mirroring can get you the data you need, remotely, and analyze them directly in CloudShark.
Read moreCloudShark capture profiles are one of the most powerful ways to tailor your analysis view, significantly decreasing the time it takes to solve problems. Your column choices, decode rules, and decryption settings all apply towards making your job easier
Read moreBetty DuBois gives an in-depth look at how profiles can help you solve your packet capture problems faster by cutting through the hard work and helping experts and entry-level analysts work together.
Read moreAutomation is the key to successful incident response. However, when an issue moves beyond automation or requires analysts to step in, seamless access to network packet data is critical.
Read moreZeek (formerly Bro) is a powerful tool trusted by networking and cybersecurity experts for analyzing network traffic. By creating collated, organized records of network activity (called “logs”), Zeek gives the network analyst a new approach when dissecting and investigating traffic.
Read moreWhat a great opportunity we had to do this fun and entertaining webinar with Mist by Juniper!
Read moreWe had a chance to sit down with TalkFree, a leading international VoIP and mobile VoIP provider. As a CloudShark customer, they’ve given us some great insight into the ways that packet surfing technology can help VoIP providers make their troubleshooting and customer support systems significantly simpler, easier, and more advanced than ever before.
Read moreWhen Catchpoint came to CloudShark, we saw it as a perfect opportunity to demonstrate just how useful CloudShark can be in the brave new world of Cloud applications. Both SaaS and IaaS providers can really benefit from CloudShark’s ability to organize, secure, and share network captures that might come from all over the place.
Read moreWe’re very happy to have Front Porch as a customer - they have become some of our biggest fans and are a perfect example of how to use CloudShark on pretty much any appliance that needs to look at network traffic.
Read moreOracle + Dyn is a big name in the Infrastructure as a Service world. We’re amazed at how perfect of a fit CloudShark was for them - allowing them to centralize captures from dozens of locations and reducing their troubleshooting time significantly.
Read moreHere is a case study with 2U, Inc., an amazing company doing great things for eLearning in higher-education. They are using Cisco Meraki’s CloudShark features.
Here is a case study with Pivotal Networks, a networking design and deployment consultancy with a worldwide customer base of active networks that they continually support. Here’s a great example of a company that uses CloudShark’s collaboration features with both their Meraki install base and with remote Wireshark integration.
Read moreWe got a chance to sit down with one of CloudShark’s most engaging customers, Fox-IT, who sit on the front lines of the exciting Cybersecurity world. Here’s what they had to say about using CloudShark!
One of f5 networks key solutions is its Silverline DDoS protection. The task of capturing, detecting, and filtering such massive attacks means they often go directly to raw packet data to root out customer problems. CloudShark’s collaboration tools have changed the way they deal with packet captures, saving them valuable time in an industry where seconds matter.
Read moreWe got a chance to sit down with one of CloudShark’s most engaging customers, Fox-IT, who sit on the front lines of the exciting Cybersecurity world. Here’s what they had to say about using CloudShark!
Read moreThrough their exclusive content, networklessons.com helps network professionals achieve their personal goals, whether they are just getting started, seeking certification, or upgrading their skills.
Read moreOur case studies usually focus on end-users of CloudShark, but our recent integration with Beeks Financial Cloud was a great opportunity to show just how easy it is to work with us here and incorporate CloudShark into your products to get the most out of working with captures.
Read moreThe Information Security & Intelligence (ISI) program at Ferris State University, started in the Fall 2007, was created from the ground up with cybersecurity and intelligence at its core.
Read moreDeepSearch is at the core of what makes CloudShark unique for managing and storing your entire repository of PCAP data. Our innovative technology allows you to search across the PCAP files in your archive and find individual packets in each of them.
Read moreThe great thing about CloudShark’s capture decode is that it supports all of the standard Wireshark display filters. You may know the common ones, such as searching on ip address or tcp port, or even protocol;
Read moreYears ago, an apparent Man-In-The-Middle (MITM) Attack on the popular code sharing site github.com occurred, which seemed to originate from China for users trying to traverse the “Great Firewall”.
Read moreIn 2013, the creator of AstLinux, Kristian Kielhofner, discovered a bug in certain model and version of Intel based Gigabit Ethernet implementations that can result in a “packet of death” that will bring down the network interface
Read moreCloudShark 1.9 includes the ability to visualize RTP streams and play them back if they contain audio. For SIP calls, CloudShark will automatically decode the conversation as an RTP stream. However, for other protocols RTP will generally use a random port - not immediately apparent to CloudShark.
Read moreWe’ve been talking a whole lot about integration lately. From our recent bout at Cisco Toolapalooza, to the great work that’s being done with Meraki, we’re finding that the best way people get comfortable with CloudShark is by incorporating it into their existing tools.
Read moreIt’s no secret that CloudShark uses tshark to generate the data we use in the CloudShark database, resulting in what you see when you view a capture in the CloudShark viewer.
Read moreIn CloudShark 1.9 we added the ability to play back RTP streams so that you can replay voice data embedded in packet captures for call quality analysis. When we launched this feature, CloudShark supported G.711, G.729, and GSM voice codecs, used by many voice and mobile providers.
Read moreCloudShark 2.0 added a lot of cool new features to CloudShark, but perhaps the most powerful (and most complex) was the addition of search capability to the CloudShark API.
Read moreThe CloudShark plug-in for Wireshark lets you seamlessly sync your Wireshark packet captures with either a CS Enterprise system or CS Personal account.
While CloudShark’s packet capture holding capacity is limited only by the size of the disks available to it, many of our CloudShark users are curious about what to do if they want to automatically delete captures after a certain period of time.
Read moreAs many are aware (as it’s now become national news), a vulnerability was recently discovered in OpenSSL dubbed Heartbleed. The attack centers around the implementation of the Heartbeat extension in OpenSSL which causes a server to return the contents of memory that should be protected. This blogpost by Troy Hunt describes the vulnerability in detail: Everything you need to know about the Heartbleed SSL bug.
Read moreThe pcap capture file format has been the universal packet capture format since the early days of computer networking. Almost all capture tools support the pcap format. And while vendors have created new formats over the years, most tools support conversion into the pcap format.
Read moreWe now know a lot about the NSA’s various techniques in its QUANTUM program. One of the most prolific (and sneaky) of these attacks is the “QUANTUMINSERT”, which exploits a long-known TCP vulnerability that will cause, effectively, a redirect to a malicious resource.
Read moreWell, it’s official; the IETF has officially deprecated SSLv3.0. This means that it’s now a protocol violation to fall back to it. We’d like to take the opportunity to explore how to debug web applications that use HTTPS over SSL/TLS in CloudShark.
Read moreBy now you’ve signed up for a CloudShark account and probably pushed your first capture from HiveManager NG into your repository. Where do you go from here? What sort of things should you be looking for?
Read moreNow that we have our new Aerohive APs in our office, we’ve been excited to learn more about wireless troubleshooting and debugging. The built-in packet capture feature in HiveManager NG makes getting traces into CloudShark for analysis really easy. Now that we have the traces, what do we do with them?
Read moreWith work-from-home now a reality for many, here's a quick example from Tom, using real packet captures, of how 802.11 retries may be the source of your Wi-Fi woes.
Read moreDeep in the explosive and risky CloudShark laboratory, we’ve been cooking up a special Chrome extension just for CloudShark users.
The extension adds the ability for Chrome users to right-click on a capture in the capture list view and go directly to an analysis tool, rather than opening the packet viewer first. It’s definitely something that’s been asked for by our users!
CloudShark’s capture repository is great for uploading your own captures and building a complete list of your network capture history and all of the captures that are most important to you. But, one of the most frequent questions we get is “Where can I find sample packet captures?“”
Read moreWe often get requests from users of Google’s Chrome OS, the operating system installed on the Chromebook series of portable computers, on how to troubleshoot Wifi, apps, or websites. CloudShark is particularly helpful in these cases because installing Wireshark can be difficult or out of the expertise of those using systems like Chrome OS, particularly in education where Chrome OS has become very popular.
Read moreWhen getting to the heart of an application or security problem, finding the right TCP stream and following it using the “Follow TCP Stream” view in CloudShark is usually the place you want to get to in order to see an issue in action, for a great many use cases. But how do you find the right stream, and what should you look for once you’re viewing it?
Read moreStackStorm, by Extreme Networks, is a powerful automation platform that wires together all of your apps, services and workflows. It is richly extensible, letting you integrate with all manner of network equipment, analysis tools, and more. They have both an open source version and a version that is part of Extreme Networks’ “Extreme Workflow Composer”.
Read moreDuring the last week of February in 2018, several big internet sites started seeing a huge increase in a particular style of DDoS attack, taking advantage of the memcached protocol. Being the packet geeks we are, we wanted to explore the attack on one of our own internal servers and get a capture of what’s happening at the packet level so you can see it in action.
Couchdrop.io is a secure cloud storage service that lets you use SCP to manipulate your data assets. They’ve integrated with cloud storage giants like Dropbox, Google Drive, and AWS-S3. With their CloudShark integration, you can make use of custom scripts or interaction with remote servers that have packet capture capability to instantly and securely push network traces to CloudShark, analyzing them without ever leaving your browser.
Read moreIs it the network, or the application? This question is so common that “it’s not the network” is a meme among IT professionals and developers alike.
When packets are transmitted from one interface to another, they aren’t necessarily delivered consistently. When a multitasking OS gives CPU time to the network process, it will send as much data as it can in the shortest time. In addition, for each “hop” that data traverses, buffering and other resource bottlenecks inherently make most traffic “bursty”.
Read moreBursty traffic, particularly microbursts, are an often overlooked phenomenon that can cause serious issues with network performance. We’ve explained before what microbursts are and what they look like, but how can you use existing tools to test your network’s reliability in the presence of microbursts?
Read moreWe’ve written extensively about the phenomenon of network microbursts and how to use the iPerf network performance tool to create them in order to test their effects on your network. Our interest in them grew out of our work with Velocimetrics, since microbursts can have pretty significant effects in financial/trade markets.
Read moreA common question we get other than where to find example packet captures is which packet capture tools exist that are either free, work in a command line, work directly with CloudShark, or all of the above. Here’s a list of our go-to capture tools (other than Wireshark of course) and the different scenarios in which they can be used.
A misconfigured VPN setup can cause certain information to remain unsecured, allowing an observer to learn a user’s public and private IP addresses and witness its DNS requests. Here's some examples.
Read moreOne of the most powerful tools we use when testing CloudShark is a combination of VMware Workstation and the Vagrant API interface. With Vagrant, we can test every permutation of CloudShark via a barrage of automated testing.
Read moreTransport Layer Security (TLS) version 1.3 has some rather important improvements over TLS 1.2. Released in 2018, it will still take awhile for most application to migrate towards using it. Here's a quick overview of the benefits, with real packet capture examples.
Read moreWhere do I start with packet capture analysis? Here are some expert resources from our colleagues in the network and security industry answering the most common questions we get about packet analysis at QA Cafe.
Read moreUsers of CloudShark Personal SaaS can take captures they’ve uploaded and put them together in “collections”. Collections are great for matching up multiple captures that all have to do with the same topic or problem, and is ideal for educators and bloggers looking to use CloudShark captures in their classes and content.
Read moreProtocol choices made in older internet standards don’t scale to today’s network speeds. TCP (Transmission Control Protocol) has been making networks go for a very, very long time. As with many of the early internet protocols, limitations that seemed reasonable then can have a negative effect on performance now.
Read moreOur series exploring TCP continues with a look at TCP Timestamps and their use within high bandwidth networks.
Read moreTCP Fast Open (TFO) is an optional mechanism within TCP that lets endpoints that have established a full TCP connection in the past eliminate a round-trip of the handshake and send data right away.
Read moreWe love the exercises at malware-traffic-analysis.net, and occasionally we’ll pick some that we try to solve using CloudShark and its tools.
Read moreTroubleshooting wireless problems often requires a deep dive down to the packet level. But with so much information in there, how do you know where to look first?
Read moreTwo of Cisco’s Wi-Fi access points for small-to-medium business include integration to upload wireless captures to CloudShark.
Read moreIn this video, we explore an actual exercise from malware-traffic-analysis.net to learn how to investigate security monitoring alerts using packet captures, from identification to remediation, and the steps you can take to organize and save your analysis for better reporting and retro-hunting in the future.
Read moreCloud managed Wi-Fi and enterprise switch networks are quickly becoming the norm. For those who deploy Cisco Meraki brand systems for their business or as an MSP, it can be difficult to debug network problems that arise on a network that is remotely distributed, even if it’s under your control.
Read moreCloudShark is a web-based packet capture analysis platform built for collaboration. Your instructor is using a CS Personal SaaS account to host network packet captures and make it easy for you to work with them during this course. Watch our quick video to get started using CloudShark links that your instructor may have given you as part of your class:
Read moreTom was looking at a few different malware captures from his honeypot recently and found that he was repeatedly typing the same display filter over and over again on each new file.
Display filters can make the difference between being overwhelmed by a PCAP, and zeroing in on what matters most. They provide a way to change which packets you see. Their powerful and comprehensive syntax makes them very flexible, but it also means they can be difficult to remember and lengthy to enter every time.
Read moreYou know when you move into a new place, you still get mail for the people who used to live there? Do you ever wonder who those people were when you write “Return to Sender” on the envelope?
Read moreWhether you work from home or are otherwise separated from your packets by a data center, VPN link, or a WAN connection, being able to debug packet captures is an important part of keeping your networks running smoothly. The ability for your team to work on captures remotely can have real benefits when it comes to saving time, securing data, and especially increasing efficiency.
Read moreMicrobursts are difficult to detect and can cause all sorts of problems, particularly with applications that require reliable, high-speed, low-latency data transmissions. Our partners at Velocimetrics develop solutions to monitor, analyze, and improve these high-performance networks, and CloudShark is an integral part of their platform.
Read moreLast month we learned about a new vulnerability dubbed “CallStranger” which shows how UPnP can be used to exfiltrate data and perform DDoS amplification attacks. Billions of devices are vulnerable.
Read moreZeek provides a great new way to interface with your captures and speed analysis. Here is a quick overview of Zeek, how it works, and how you can use it to discover and resolve network and security problems more efficiently.
Network + security management is hard work. Companies have a number of detection and automation tools at their disposal, but when analysts need to get involved, having acess to the raw packet captures saves analysts valuable time and helps them accomplish the goal of netsec ops: protecting the business.
Read moreWhen an attack happens, the packet data that flows across the network is critical to the incident response lifecycle. Here's 5 tips to greatly improve the success of your security operations using pcaps along with tools like Zeek and Suricata.
Read moreNetwork packet captures present a unique challenge to CIOs and CISOs when considering cybersecurity framework compliance like those outlined by NIST or the DHS Cybersecurity and Infrastructure Security Agency (CISA) Trusted Internet Connections program.
Read moreAs security and privacy become more important every day, the use of encrypted connections between clients, servers, and peers has been increasing at an amazing rate. With efficiency improvements to secure technologies like TLS 1.3 and easier methods to obtain certificates like LetsEncrypt, this number is only going to grow.
Read moreChris Wellons of nullprogram.com put together a great article on building “tarpits” to foil automated network attacks. In this example he shows his implementation of endlessh to trap attackers probing for open ssh servers.
Read moreHave you ever wondered what your “smart toaster” was sending back to the internet about you? Or how your WiFi dog food dispenser knows your schedule? Our engineer Tom did
Read moreNetwork security has never been more important, and network visibility demands have seen a huge increase as networks become virtualized and more complex.
As members of the Broadband Forum and its Connected Home Council, QA Cafe is on the forefront of testing and validation for the technologies that our CDRouter users are building into their products and services.
Read moreTR-069 refers to the Technical Report published by the Broadband Forum that defines the CPE WAN Management Protocol, or CWMP. CWMP was developed to allow providers of broadband services to deploy and manage customer premises equipment in home and business networks.
Read moreEvery TR-069 session is initiated by a CWMP Endpoint on a CPE. These sessions always occur for a specific reason, called an “Event”. All of the Events that have yet to be delivered to the ACS are contained as arguments in the Inform RPC at the start of every TR-069 session.
Read moreIn TR-069, the CPE is always initiates a session. When making first contact with an ACS, how does it know the ACS URL it is supposed to contact?
Read moreThough every TR-069 session is initiated by the CPE endpoint, sometimes it’s necessary for the ACS to request that the CPE contact it immediately. To do this, TR-069 defines a Connection Request mechanism in CWMP, which allows the ACS to stimulate the CPE to begin a session.
Read moreThere’s one caveat to ConnectionRequests - they require that the CPE can be reached by the ACS over HTTP. For endpoints that may reside behind a Gateway, this is not the case, thanks to Network Address Translation or Firewall rules.
Read moreWhile XML is used most often to define and describe information, TR-069 also uses it directly over the wire when transmitting messages. This means that the ACS and CPE pass XML documents back and forth over HTTP during a TR-069 session.
Read moreIn TR-069, the 4 Value Change event code is used when a parameter set for notification is changed by any mechanism other than the ACS. These conditions are set using the SetParameterAttributes RPC.
Read moreEvery TR-069 session is initiated by a CWMP endpoint that is looking to deliver an event. These events have different delivery requirements, using language such as “must not discard”, “must retry until reboot”, “may retry” and “must not retry”.
Read moreThe GetRPCMethods argument is used by both the CPE and the ACS to request a list of the RPCs supported by either endpoint to better understand the endpoint’s capabilities. It’s one of the simpler RPCs in that it contains no arguments
Read moreWhen an ACS wants to learn what objects exist on a CPE and what parameters they support, it can use the GetParameterNames RPC. Like other RPCs, GetParameterNames makes use of the ParameterPaths argument, so let’s take a minute to understand parameter paths.
Read moreThe fundamental purpose of TR-069 is to allow an ACS to interact with the CPE’s instantiated data model, that is, the representation of its current state. The RPCs that form the basis of this include the Get and Set Parameter Values methods.
Every parameter a CPE’s CWMP data model contains metadata known as “attributes”. These attributes include the “Notification” attribute and “AccessList” attribute. The access attribute was defined early on in TR-069 to provide a method for assigning an access control rule identifier to each individual parameter
Read moreAn “object” in a CPE data model is an element of functionality that can be configured by an ACS. While an object’s parameters are configured using the SetParameterValues RPC, Objects that are able to be created by the ACS can be added to a device using the AddObject RPC, and removed using the DeleteObject RPC.
Perhaps the biggest use case for TR-069 is managing a CPE’s firmware, allowing service providers to remotely upgrade their install base without needing to send the firmware to the customer or send an engineer.
Read moreThe Reboot RPC is used by the ACS to explicitly cause the device hardware to restart. This could be for any number of reasons, though should never be used as a means to force the CPE to upgrade itself.
Read moreIntrinsic to the operation of CWMP are the objects and parameters made available to an ACS by a CWMP endpoint. These maps of a CPE’s capabilities and state are referred to as “data models”.
Every data model in TR-069 contains the objects and parameters that represent the functions of a broadband CPE or other device. This includes their addressable name, syntax, data types, and a normative description of how they are to be used.
Read moreMost objects contain a set of elements containing sub-objects and parameters. Parameters are defined using the parameter element, and, like Objects, have a set of attributes and elements that describe how the parameter is to be used and its requirements.
Read moreThere are two kinds of endpoints in USP: Agents, and Controllers. A USP Agent is an Endpoint that exposes functions represented by a set of service elements.
Read moreThe User Services Platform is a system for managing, monitoring, deploying, troubleshooting, and controlling any kind of network connected electronics or virtual services.
Read moreOne of CloudShark’s main and most useful features is the ability to add annotations to individual packets, or to import packet comments from the pcap-ng format into CloudShark annotations.
Read moreWhat is TR-369/USP? Here is an overview of the Broadband Forum User Services Platform (USP), defined in TR-369, including its basic use cases and how to get started with development.
Read moreThe functions of service elements are described in a set of xml documents known as the USP data model. A data model describes how things like network interfaces, device functions, IoT objects, and more are exposed to controllers. You can find the USP data models at:
Read moreService Elements that are defined in the USP Data Model are addressed in USP Messages with a particular syntax called Path Names. Path Names are called such because they describe the “path” within the data model’s tree of objects used to reference a particular object or elements of that object to operate upon.
Read moreCommunications between a USP Controller and USP Agent are delivered using two separate constructs: the USP Message, and its container, the USP Record.
Read moreThe Add Message in USP is used to create new instances of multi-instance objects in the Agent’s instantiated data model. This is used for a wide variety of service configurations such as creating new Wi-Fi networks. In USP, perhaps the most critical use of the Add message is with the
Read moreThere are three USP messages that are used to change the state of an Agent’s service elements: Add, Set, and Delete. Since these messages can be used for a number of different use cases, they contain mechanisms to ensure that the Controller is able to configure service elements
Read moreWhile IPv6 has been in development for more than a decade, the availability of residential IPv6 is still in its infancy. Traditional CPE devices running IPv4 with NAT are now adding IPv6 capabilities and transition techniques even before native IPv6 connections are commonly available.
Read moreThere’s no question that broadband is the premier service delivery platform of the 21st century. With the explosion of new devices now aware of the network, and new services looking to exploit them, the devices you produce or deploy are becoming more complex than ever before.
Read moreCDRouter is the official self-test platform of the certification program for TR-069, called BBF.069. Looking to get certified? Reach out to us to get started!
Read moreDevices that enhance consumer Wifi are becoming more and more prevalent, both off the shelf and deployed by service providers. A Wifi booster or Wifi range extender is sometimes a simple repeater, but more often they act as layer 2 bridges, and can still be tested for performance and management via TR-069 or SNMP.
Read moreDOCSIS test setups have many different parts that all must be configured, maintained, and interoperable in order to reliably test Cable Modems, eRouters, and more.
Read moreThough CDRouter contains thousands of test cases, much of its power comes from being a fully capable automation platform for your entire test process. In addition to automating CDRouter test cases, you can use the CDRouter API to connect with your continuous integration, external test tools, or other applications to make your testing even easier.
Read moreIf you’re developing a device or deployment that uses the CPE WAN Management Protocol (TR-069), like managed Wi-Fi or other services, what should you test for? What are the benefits of automating it with a dedicated test platform? What are the benefits of getting certified or asking your vendors to certify?
Read moreThe rapid expansion of Wi-Fi as the medium of choice for home networking has introduced an explosion of new products from both new and established manufacturers.
Read moreManaged Wi-Fi. IoT security and onboarding. Customer self-care. Application enabled smart gateways. These are just a few of the critical needs of service providers today, facing ever increasing pressure to increase quality and gain revenue from new services.
Read moreSecurity testing can be easy with the right tools! With an increase in cybercriminals targeting home/SOHO gateways and Wi-Fi APs, testing has never been more important. In this webinar, you’ll learn how monitoring the behavior of a device under test, by analyzing its live network traffic can help uncover issues that may not come to light with regular penetration testing.
Read moreApple HomeKit technology is being added to more and more smart home devices every day. Apple HomeKit-enabled routers are the key to an interoperable and secure user experience using this powerful solution.
Read moreAs more and more network-capable devices are added to home and business networks, enterprise edge routers, home gateways, and access points need to be pushed to the limits and tested in ways that simulate real-world connection scenarios. In this video, you’ll learn how automated performance testing can be sourced through multiple, virtualized clients - simulating real line-rate throughput and exercising your device’s functions and features in a complex environment.
Read moreTechnicolor is a world leader in nearly all areas of the digital home and broadband business markets. Their Service Gateways for both residential and business applications are used by some of the biggest Internet Service Providers all over the world.
Read moreEveryone knows of the Linksys home router family. The E-series product line of advanced Wi-Fi routers are their most popular, and it’s easy to see why. As more and more “Super Gateways” come onto the market - gateways that have very rich feature sets that can cover a wide variety of consumer and service provider needs
Read moreNetCologne is one of the major regional broadband service providers in Germany, giving high quality broadband services to homes, businesses, and developers of multi-unit dwellings.
Read moreWith over 400,000 delivery points, Altibox is the largest fiber broadband service provider in Norway. For six consecutive years, they have been named with the most satisfied broadband and IPTV customers - a rarity for service providers in the Nordic region.
Read morePing Communication is a worldwide leader in the design and manufacture of Broadband Access CPE and home networking products, covering a wide spectrum including xDSL, Fiber, Cable, LTE/3G/CDMA gateways and Wi-Fi. It is Ping Communication’s consistent testing and iterative improvement, particularly when dealing with the IPv6/IPv4 concurrent networks many providers are using, that sets it apart in the complex and demanding world of service provider networks.
Read more"It quickly became obvious that CDRouter could help broaden our test coverage while reducing the time investment." - Tyler Newman, Senior Manager of Engineering Test Services at eero
Read moreIn this article, Steen tells us why testing CPE is vitally important, why CDRouter is a must have for any service provider, and how he built a 3-D printed robot controlled by CDRouter.
Read moreAirTies Wireless Networks Wi-Fi mesh and smart extender systems are the most deployed, robust and financially viable solution for service provider deployment on the market. Maintaining that status is no small feat, however.
Read moreCDRouter makes it easy to test dual-stack lite B4 CPE implementations on a functional level, and when combined with the many LAN modes of operation available, can help identify issues that are not visible by iterative conformance testing.
Read moreRequirementsThe core gateway functionality of a GPON ONT can be tested with any version of CDRouter or CDRouter Multiport. If the ONT supports TR-069, IPv6, IKE, or storage additional CDRouter add-ons may be required to fully test these features.
Read moreThe test setup for DSL CPE devices is similar to the test setup for typical Ethernet-to-Ethernet routers, with one exception. Since CDRouter does not have the ability to terminate the CPE device’s DSL connection directly, a dedicated DSLAM must be included in the test setup.
Read moreSome CPE devices will not validate a SSL/TLS certificate from the ACS until a time source is established. TR-069 states that devices should skip date validation of certificates if a time source is not established. However, in practice some CPE devices simple end the SSL connection.
Read moreCDRouter is the ideal tool for testing the higher layer functionality of DSL based CPE. With a few additions to the basic test setup, CDRouter can be used to test CPE utilizing any type of DSL or G.fast devices.
New broadband access topologies come along every day that are making it easier for service providers to provide fiber quality broadband services without running fiber all the way to the home. One of these topologies is referred to as “Fiber to the Drop Point (FTTP)”, and does precisely this: allowing fiber to be run to a Drop Point Unit, where it is broken out into VDSL2 or G.fast (the lastest and fastest DSL based transition technology.
Read moreNearly every home device has Wifi capability, and with the emergence of the Internet of Things, that number is likely to increase exponentially. It will be more important than ever to ensure that Wifi routers and access points can handle the load and the applications that are likely to be accessed by all of these Wifi enabled devices
Read moreQA Cafe has been testing CPE routers since 2002 trying to test as many routers as we can find. During this time we have learned that the quality level of home and business routers/gateways on the market varies considerably.
Read moreAt QA Cafe we continuously see new consumer broadband and home network devices come into the market and into our lab. One of the newest class of devices are “travel routers” - routers that are popular with people who frequently connect to public Wifi networks or those offered by hotels, restaurants, or hospitals.
Read moreThe week of November 28 2016 saw a massive attack on certain home routers deployed by several European service providers. The attack was based on the Mirai Malware attack several weeks previous that affected the dynamic DNS services provided by Dyn, Inc..
Read moreAs one of the most largely deployed broadband management protocols in the world, TR-069 has quite a footprint, and a compromised system could potentially affect many broadband subscribers adversely.
At QA Cafe we deal directly with a lot of standards from many different organizations, all of which go into making the home routers and other connected devices that we test with CDRouter.
Read moreWe’ve explored issues we’ve discovered with ARP implementations in the areas of security and robustness. CDRouter includes tests to handle these discoveries.
Read moreModern home gateways and Wifi routers have a lot of advanced functionality that do more than simply push packets.
Read moreThere’s many use cases for TR-069 from a service provider’s perspective. Beyond onboarding, firmware upgrades, and service configuration, however, is the ability to monitor various statistics on devices and network interfaces to help troubleshoot an end-user’s service.
Read moreIn the world of the Internet, it’s vitally important that technologies keep evolving. Change is a rule of all technology, even if it comes slowly to fundamental systems like DNS (Domain Name Service).
Read moreCritical to testing TR-069 implementations is the ability to demonstrate that the underlying code that configures settings on the device interacts correctly with the commands sent via CWMP.
Read moreWe’ve mentioned CloudFlare’s 1.1.1.1 DNS Service before, and the possible effects of its use on gateways. One of its features is the ability to use DNS over TLS, also called “DNS Privacy” by the people at DNSPrivacy.org.
One of the most important use cases of TR-069 (and its evolution protocol, USP) is in the autoconfiguration, management, and troubleshooting of Wi-Fi networks. Often the source of the most customer service problems, being able to set up an end user’s Wi-Fi and make sure it’s working is critical for a satisfactory “carrier grade” home network.
Read moreAlthough IPSec and IKE have been out for a long time, and considered by the Internet community to be mature protocols, you can still find low-level issues in certain designs.
Read moreWe enhanced CDRouter 10.7 as a complete automation platform with our “package scheduler”. You can set a test package to run at a particular time just as if it were initiated by a user. This is perfect for repeated regression testing and making sure you can maximize your testing over time. Here’s a quick video on how it works
Read moreSecurity in home networking devices, particular home Wi-Fi routers, has come to the forefront in the last few years. While many of the discovered vulnerabilities are zero-day (meaning they are new vulnerabilities that can be exploited before they are known), some of the more recent attacks including VPNFilter, are exploiting common weaknesses in consumer router design that have been well known for some time.
The team here at QA Cafe is deeply involved in networking standards, especially the Broadband Forum and the TR-069 protocol. The Broadband Forum is expanding the reach of TR-069 with its User Services Platform, representing an evolution of TR-069 to managed a more varied and greater number of connected devices
Read moreIn alignment with the release of TR-069 Amendment 6 and the User Services Platform/TR-369, the Broadband Forum updated its comprehensive data model that describes CWMP endpoints or USP agents. There’s a number of new features, some of which are tied to updates to CWMP, as well as new interfaces and applications that are managed by CWMP or USP. Here’s a short overview of the changes in Device:2.12.
Read moreOur own Niels Widger wrote an in-depth article for EDN Network on the MAP-E protocol and how it allows broadband ISPs to support legacy IPv4 networks on the subscriber’s premises while still using IPv6 in their core network
Read moreA growing number of consumer network devices have become dependent on live network resources in order to come online and function correctly. These resources include cloud management systems, “sanity check” connections to sites like Facebook, Google, etc., and third-party applications that provide security or parental control services.
Read moreBig data analytics and statistics monitoring are critical in almost any industry today. Broadband service providers and MSOs can make use of mass data to monitor and anticipate network problems, optimize Wi-Fi, and provide input to machine learning/AI systems.
Read moreIf you’re a developer building WPA3 enabled devices or a provider looking to deploy them in your subscriber’s network, it’s helpful to know what to expect from this new security technology. CDRouter has support for testing over WPA3 protected links to help you test the scalability and stability of WPA3 links as well as the performance and behavior of applications and features on these devices.
Tied with the release of version 1.1 of the User Services Platform/TR-369, the Broadband Forum also released version 2.13 of the Device:2 data model for TR-069 endpoints and USP agents.
Read moreIn today’s security-focused world, every protocol is a potential attack point, even a protocol as old and localized as ARP.
Read morePowerful protocols like USP/TR-369, and its predecessor, TR-069, help the broadband and consumer electronics industries produce devices that can be configured, monitored, and controlled in a standardized way.
Read moreHackers are targeting home routers to gain access to the devices in your home, or worse. Now that many of us are working from home, security is even more important!
Read moreIn a world where development teams are spread out or there is a need to work from home, testing connected device software and hardware is difficult without the right tools. In order to make sure your team stays on task, efficiently qualifying each version of your products, CDRouter’s automation and user interface works seamlessly whether you are in the office or over a VPN
Read moreThe NTA1000v7 is a high performance network appliance designed for CDRouter, the industry’s leading test solution for Wi-Fi devices and broadband CPE.
Read moreToday’s home network users are security and privacy-conscious. They expect great Wi-Fi with high-quality broadband connectivity. Users also want to know their experience is protected and under their control.
The Broadband Forum’s User Services Platform (TR-369) is a revolutionary new standard enabling new markets and revenue streams for service providers, software providers, and consumer electronics manufacturers looking to monetize the connected home.
Read moreTimothy Winters, QA Cafe’s Chief Technology Officer, is featured on APNIC, the Asia Pacific source of IP address distribution, with a blog post about Testing Transition Mechanisms in IPv6-Only Networks. What are the major roadblocks when testing IPv6 transition mechanisms?
Test automation is an important step for developers of software. Software development has moved steadily toward Continuous Integration and Continuous Delivery (CI/CD) to produce, test, and deploy updates to meet customers needs quickly.
Read moreIncumbent vendors and startups are developing “smart” home routers, WiFi access points, or parental control systems that are meant to be managed using a web based application in the cloud. This presents some difficulties for network function QA, as it is difficult to ensure a controlled environment when your device needs to be connected to the Internet or other external resources.
Read moreMany different factors can affect your product's performance - here are six tips to guide you when qualifying your device performance during test and development.
Read moreOne of the benefits of performance testing with CDRouter is the ability to run feature testing within the same test run. As things change over time, performance can degrade significantly in some routers. Here's a quick guide to so what tests you should run on a new device to cover your bases.
Read moreIt’s no question now - malicious attackers are targeting the home network, and the gateway in particular. Testing for security vulnerabilities can be tedious and ineffective if you don’t have a controlled, repeatable, and fully automated test environment.
Read moreThis webinar includes an overview of how to test a number of protocols and features with recent versions of CDRouter
Read moreCloudShark developer and packet guru Tom Peterson gives us another example from malware-traffic-analysis.net to learn how to best use CloudShark and our Threat Assessment add-on to get to the root of malicious activity. Let’s join him now for his latest exercise.
Read moreCloudShark developer and packet guru Tom Peterson gives us another example from malware-traffic-analysis.net to learn how to best use CloudShark and our Threat Assessment add-on to get to the root of malicious activity. Let’s join him now for his latest exercise.
CloudShark developer and packet guru Tom Peterson has been deep in the trenches doing malware analysis exercises from malware-traffic-analysis.net to learn how to best use CloudShark and our Threat Assessment add-on to get to the root of malicious activity.
Read moreTrying to debug a web application that is dependent on running over a secure connection is difficult. It used to be that it required you to have the private key (in RSA format) in order to do so, and for those situations, CloudShark Enterprise’s RSA Key Management system is ideal.
Hi all! Tom here. You may remember me as the face of CloudShark Support, and your host in our last malware analysis packet capture challenge.
Product
Tagged:
Wi-Fi
Share:
Share
When an wireless access point wants to advertise its available networks, it sends out 802.11 beacon frames. These frames are seen by other 802.11 receiving radios, and if you can capture those frames, you can use CloudShark’s Wireless Networks tool to see all of the wireless networks (named with their SSIDs) nearby.
Today’s Wireless Access Points have multiple radio interfaces (for the 2.4 GHz and 5 GHz ranges) that can both host Wifi clients. What if you want to see capture data from both?
Read moreCDRouter’s automation platform can make it very easy to do all of these, and do them repeatedly from firmware to firmware. However, this third point involves two things: verifying that your device makes the internal changes that were configured via CWMP, and testing in your actual production network.
Read moreNow that mobile data connections have reached speeds acceptable for broadband access, more and more devices are using LTE as either their primary or backup WAN connection. As more devices get pushed into the home, this number will likely increase by quite a bit.
Read moreWith the DOCSIS add-on, CDRouter is perfectly suited for testing and verifying the higher layer network functionality of a DOCSIS-based device under test (DUT). The basic CDRouter test setup for cable gateways is very similar to the test setup for DSL-based gateways.
Read moreAs the official test platform for TR-069 certification, CDRouter’s TR-069 add-on turns CDRouter into a scriptable ACS simulator with test cases for protocol functionality, data model validation, and security.
CDRouter can automate an entire DOCSIS provisioning system. Focus on testing your cable modem and eRouter in a single test environment that can test every aspect of your devices from management to routing to performance.
Read moreIn CWMP, the CPE is always the initiator of sessions. It begins each session with a call to the Inform RPC, which contains EVENT codes that specify to the ACS the reason for the session.
Read moreThe scenarios below are serious, and so we’ve added a series of tests to our tr69_conn_req.tcl module to cover your DUT’s TR-069 security and tests for code injection in TR-069 parameters.
Read moreOne of the fundamental functions of many home and business gateways is to act as a SIP ALG (Application Layer Gateway) for setting up, routing, and terminating VoIP telephone calls. This presents some difficulty with Network Address Translation (NAT) functionality that we’ve covered before.
Read moreIn a typical home network, the ISP assigns a single Public IPv4 address to the CPE device that can be reached from the global Internet. The device assigns Private IPv4 addresses to CDRouter’s LAN clients and acts as an Internet gateway to them by mapping all of the Private addresses to the one Public address using Network Address Translation (NAT)
Read moreTesting SIP aware CPE routers is a critical part of an over-all Voice over IP test strategy. CDRouter is perfect for testing SIP aware routers using a real world test setup. Using the CDRouter SIP test module, network and QA engineers can quickly verify the behavior of a SIP aware device and avoid costly interoperability problems.
TR-069 (CWMP) provides a mechanism for service providers to remotely provision a subscriber’s home network devices, including home gateways, set-top boxes, WiFi, etc. It does this by allowing the service provider’s ACS (Auto Configuration Server) to operate on a device’s “data model” - a conceptual framework containing the set of objects and parameters that describe the CPE’s configuration and capabilities
Read morePacket capture files - files that record network traffic—are invaluable resources for network administrators, help desk staff, and IT security experts. Filled with application data and protocols, timestamps, and error codes, these files provide IT engineers with a detailed view of what took place on a network during a specific period of time.
Read moreHoles in home gateway security allow for a malicious hacker to take over a gateway in the way they would any other computer system. While the holes in most cases have been complex and deep seated bugs that would be hard to find without a lot of work, there are some easy to find bugs that seem obvious but would be missed without negative testing.
Read moreOne of the most powerful ways to use CloudShark is to aggregate captures from multiple locations. While many network devices have packet capture natively (and some integrated with CloudShark upload), for other systems, it’s necessary to use custom scripts that utilize tshark (with the CloudShark plug-in for Wireshark installed) or tcpdump in tandem with CURL to use the CloudShark upload API.
Read moreIn the course of developing the test suite for DHCPv6 prefix delegation, QA Cafe encountered a number of implementation issues that impact the functionality of IPv6 connectivity. Some of these potential implementation issues are discussed below.
Read moreCDRouter has the ability to build custom “scenario” tests to exercise the behavior of a DUT’s SNMP stack and MIB. Similar to our TR-069 scenarios test cases, this allows you to set up tests that perform SNMP get requests, set requests, etc.
Read moreHave you just started using CDRouter as a new customer or demo user, or want to know some immediate tips and tricks you can use to get testing quickly?
The popular review and ranking website for home networking, Wifi, NAS, and other connected consumer devices, smallnetbuilder.com, has revamped its test procedures and will be adding a host of functional, scaling, and performance test cases exclusive to CDRouter to measure and rank the quality of small network equipment
Read moreA CS Personal account or your own instance of CS Enterprise comes with full access to our API, letting you upload captures, search your repository, and more using your own tools and scripts.
Read moreWe were pretty excited when the developers at OpenWRT decided to build packet capture and CloudShark upload support into the popular open source software for broadband routers. It got us thinking - what are some other ways you could build a useful network probe? It turns out one of our other users decided to take the leap into building such capability using a Raspberry Pi.
Read moreOne of the most common use cases for Wifi is the ability to set up a guest network alongside another network that is used by the home user, business, or other organization. It’s also a source of a lot of problems: guaranteeing that the Wifi router or AP can handle the number of clients connecting; making sure that the security in place for the guest network and other networks works correctly
Read moreCloudShark’s display filters are 100% compatible with the Wireshark filters used in packet analysis. With CloudShark, they present a new opportunity for use when sharing your captures with colleagues in order to both present the view you are looking at, or to help navigate to a section of the capture you want them to see. Here’s some tricks we use when getting around town in CloudShark.
Read moreSometimes when analyzing problems in Wifi networks you need to go straight to the packets. What tools are there to do Wifi capture? What should you look for in your packets?
Read moreThe folks at Google Security recently discovered a vulnerability in glibc’s getaddrinfo() library function, allowing attackers to execute malicious code transmitted in oversized DNS replies. Scary stuff!
Read moreBy now we’ve all heard of the coming flood of network aware devices collectively referred to as the “Internet of Things”. While the term encompasses a wide variety of use cases that are not all clearly defined, we can come up with some rudimentary expectations on how this influx of connections will affect networks.
Read moreWhen we first made CloudShark, we stuck to making the best and easiet to use packet capture analysis tool out there. As we made more and more improvements to CloudShark and its host of analysis tools, we’ve gotten many requests for the ability to manipulate the captures themselves
Read moreWe get a lot of feedback from our users discovering new and interesting results when combining functional testing with throughput, latency, and loss testing. Having a good understanding of how performance tests work and the caveats around their results can help you determine how your functional tests are impacting performance, and visa-versa.
Read moreCloudShark’s three key features - organizing, analyzing, and collaborating - all have their own ways of making packet capture analysis easier. In particular, organizing captures in a repository that can be tagged, sorted, and tracked can be made even more potent when you use it to centralize captures automatically from a variety of sources.
Read moreOne of our most requested features that we added to CloudShark 2.6 was the ability to have captures automatically delete after a certain time period has expired. Since CloudShark can hold a virtually unlimited number of captures
Read moreWe absolutely love the community that CloudShark and the CloudShark API has created. Adding to our list of integrators is Adrian Granados creator of the free Wifi tool for Mac called Airtool
Read moreThe IETF deprecated SSL version 3.0 in 2015. This means that it is no longer be standard to fall back to SSL 3.0 in protocol negotiations, and for good reason: there have been a host of vulnerabilities in Secure Socket Layer, some of which are of particular concern to home networking devices that have web-based configuration tools or support TR-069.
In CloudShark 2.5, we added the ability to use SSL key log file data in order to decrypt SSL streams in the packet viewer. But what exactly is an SSL key log file, and how do you get them so that you can do web site and web service debugging?
Read moreCloudShark 2.5, added a cool new feature: the ability to view a small sparkline graph of each of your captures packets-per-second (bandwidth). You can add this to your index view by editing the table options in your capture file index.
Though one of the fundamental principles of CWMP (TR-069) is that the CPE endpoint is always the one to initiate a connection, Autoconfiguration Servers (ACS) can use the TR-069 Connection Request feature to stimulate a CPE to begin a session.
Read moreThe CPE WAN Management Protocol described by Broadband Forum TR-069 is a remote procedure call (RPC) based protocol. That is, it consists of two applications that interact directly with each other through a set of defined methods - in the case of TR-069, this includes device functions like Reboot, Download, etc., as well as operations that affect the device’s data model - a set of objects and parameters and the metadata surrounding them.
Read moreIf there’s one thing we noticed about 2014, it was a year of many security announcements. It is becoming obvious that perimeter security is not sufficient and each constituent system in a network must be regarded as a public system, regardless of assumption. Systems will be compromised, and preparing for what to do after an attack is just as important as preventing attacks in the first place.
Read moreDEFCON22 had a number of revelations concerning web server security of systems meant to deploy TR-069 in a subscriber network. Most of the investigation done surrounded vulnerable ACS - that is, malicious attackers gaining access to the auto-configuration server, allowing them to control many hundreds of thousands of home devices.
Read moreWireless networks are the most ubiquitous type of network modern IT departments need to deal with. There are many tools for troubleshooting them, but what happens when you need to go to the packet level?
Read moreWe’re always geeking out over the multitude of things you can do with packet capture and CloudShark upload support in the popular open source OS for embedded devices, OpenWrt.
The most well understood case for product testing is in quality assurance while a home networking product is in development, or testing its integrity between firmware revisions. But testing before, during, and after deployment can also ensure that service providers reduce costly support calls and truck rolls.
The most well understood case for product testing is in quality assurance while a home networking product is in development, or testing its integrity between firmware revisions. But testing before, during, and after deployment can also ensure that service providers reduce costly support calls and truck rolls.
Read moreHave you ever wanted to capture and analyze what network traffic your smartphone or tablet is sending? Maybe you are developing a new app and need to debug a network issue, or maybe you are just curious about what network traffic an app is sending. Using a wireless router running OpenWrt with the CloudShark package makes capturing this traffic easy!
Have you ever wanted to embed a packet trace right into the blog post you were writing? We know you have. You’ve told us you want that! When a screenshot of the decode won’t do, you can use CloudShark to share individual frame decodes in blog posts, documentation, help forums, and pretty much anywhere else you can write HTML.
Read moreHere in the CloudShark QA Department, we use many open source tools to accelerate our testing process - Capybara, JMeter, and Vagrant are each friends and family to our QA lab.
Read moreWe’re excited to have another great android app that can perform packet capture and upload to CloudShark.
Read moreYou may have recently heard of a major bug in the OpenSSL implementation, widely used to provide secure communications on the web. This vulnerability is fairly widespread, but has been corrected and will be fixed as more systems are patched. We also made an example capture and explanation of the bug and a packet capture of the attack in action at our CloudShark Appliance website.
QA Cafe is constantly testing as many home networking devices as we can find, both to make sure CDRouter is the best testing product around and to find new and interesting tests to write. During that time, we have learned that the quality level of home and business routers/gateways on the market varies considerably. We know the world of networking protocols is complex and nuanced, and often a slight oversight in a standard or interpretation of a standard can mean the difference between a functioning home networking product and a high-tech paperweight.
Read moreThere are two distinct phases required to establish a successful IPv6 connection over a PPPoE tunnel. The first phase involves establishment of the point-to-point link.
Read moreThe Broadband Forum BBF.069 CPE Certification program is the industry standard for qualifying products for use in TR-069 deployments, and is critical for ensuring that your products or service deployments will operate well.
Read moreSecuring home/soho routers and WiFi network devices has become the most important topic for vendors and service providers. Ensuring network devices behave as intended, before they are deployed, is critical to avoiding unnecessary costs, avoiding brand damage, and guaranteeing a quality end-user experience.
Read moreYou can spend hours researching what you need, or minutes discussing it with an expert! We would love to help understand your needs and if we can help. Drop us a line and lets have a chat.
Let's chat