Kwiirutha zeFiberHome esetyenziswa ngababoneleli ukudibanisa ababhalisile kwimigca yonxibelelwano ye-GPON ebonakalayo, Imicimbi yezokhuseleko eyi-17 ichongiwe, kubandakanya ubukho babasemva kunye neziqinisekiso ezichazwe kwangaphambili evumela ulawulo olukude lwezixhobo. Imicimbi ivumela umhlaseli okude ukuba afumane ukufikelela kwengcambu kwisixhobo ngaphandle kokudlulisa ubunyani.
Ukuza kuthi ga ngoku, ukuba semngciphekweni kuqinisekisiwe kwizixhobo zeFiberHome HG6245D kunye ne-RP2602, kunye nezixhobo ze-AN5506-04- *, kodwa imiba inokuchaphazela ezinye iimodeli zendlela ezivela kule nkampani zingakhange zivavanywe.
Kuyaqwalaselwa ukuba, ngokungagqibekanga, ukufikelela kwi-IPv4 ujongano lomlawuli kwizixhobo ezifundwayo Inikwe umda kunxibelelwano lwangaphakathi lwenethiwekhi, evumela ukufikelela kuphela kwinethiwekhi yendawo, kodwa kwangaxeshanye, Ukufikelela kwi-IPv6 akuphelelanga nangayiphi na indlela, ukuvumela iingcango zangasemva ezikhoyo ukuba zisetyenziswe xa kufikelelwa kwi-IPv6 kwinethiwekhi engaphandle.
Ukongeza ujongano lwewebhu esebenza ngaphezulu kwe-HTTP / HTTPS, izixhobo zibonelela ngomsebenzi wokuvula kude komda wokudibanisa umgca wokuyalela, kuwo inokufikelelwa ngefowuni.
I-CLI yenziwe ngokuthumela isicelo esikhethekileyo kwi-HTTPS kunye neziqinisekiso ezichazwe kwangaphambili. Kwakhona, ukungakhuseleki (ukugcwala kokugcwala) kwafunyanwa kwi-http iseva ekhonza ujongano lwewebhu, luxhaphakile ngokuthumela isicelo ngexabiso lecookie elenziwe ngokukodwa le-HTTP.
Iifayibha Ikhaya zeHG6245D imizila zii-GPON FTTH imizila. Zisetyenziswa ikakhulu kuMzantsi Melika nakuMzantsi-mpuma Asia (ukusuka eShodan). Ezi zixhobo ziza ngamaxabiso okhuphiswano kodwa zinamandla kakhulu, zinememori eninzi kunye nokugcinwa.
Abanye ubungozi buvavanywe ngempumelelo ngokuchasene nezinye izixhobo zefayibha (i-AN5506-04-FA, i-firmware RP2631, Epreli 4, 2019). Izixhobo zefiberhome zinesiseko sekhowudi ngokufanayo, ke ezinye izixhobo zasekhaya zefayibha (AN5506-04-FA, AN5506-04-FAT, AN5506-04-F) nazo zisengozini.
Lilonke Umphandi uchonge iingxaki zokhuselo ezili-17, ezisi-7 ezichaphazela iserver ye-HTTP, 6 kwiseva ye-telnet kwaye ezinye zinxulunyaniswa nokusilela kwinkqubo-ebanzi.
Umenzi waziswa ngeengxaki ezichongiweyo kunyaka ophelileyo, kodwa akukho lwazi ngesisombululo esifunyenweyo.
Phakathi kweengxaki ezichongiweyo zezi zilandelayo:
- Ulwazi oluvuzayo malunga neenkqutyana, i-firmware, i-ID yoqhagamshelo lwe-FTTH, iidilesi ze-IP kunye nee-MAC kwinqanaba ngaphambi kokuba kudluliswe ubunyani.
- Gcina iiphasiwedi zabasebenzisi kwirejista kwisicatshulwa esicacileyo.
- Ukugcina isicatshulwa esingaxutywanga seziqinisekiso sokunxibelelana neenethiwekhi ngaphandle kwamacingo kunye neephasiwedi.
- Ukugcwala kuphuphuma kwiseva ye-HTTP.
- Ubukho kwi-firmware yesitshixo sangasese sezitifiketi ze-SSL, ezinokukhutshelwa nge-HTTPS ("curl https: //host/privkeySrv.pem").
Kuhlalutyo lokuqala, umphezulu wohlaselo awukho mkhulu:
-I-HTTP / i-HTTPS kuphela emamele ngokwendalo kwi-LAN
Kuyenzeka ukuba i-telnetd CLI (ingafikeleleki ngokungagqibekanga) kwizibuko 23 / tcp ngokusebenzisa iziqinisekiso ezinekhowudi elukhuni kunxibelelwano lolawulo lwewebhu.Kwakhona, ngenxa yokunqongophala kwe-firewall yoqhagamshelo lwe-IPv6, zonke iinkonzo zangaphakathi ziya kufikeleleka nge-IPv6 (kwi-Intanethi).
Malunga nomnyango ongasemva ochongiweyo wokwenza ukuba i-telnet isebenze, umphandi uyayichaza loo nto Ikhowudi yeseva ye-http iqulethe umphathi ophetheyo okhethekileyo "/ I-Telnet", kunye ne "/ fh" isiphatho sokufikelela kwilungelo.
Ukongeza, iiparameter zokuqinisekisa ezinobunzima kunye neepassword zifunyenwe kwi-firmware. Lilonke, iiakhawunti ezingama-23 zachongwa kwikhowudi yeseva ye-http, edityaniswe kubanikezeli abohlukeneyo. Ngokubhekisele kwi-interface ye-CLI, kuyo ungaqala inkqubo eyahlukileyo ye-telnetd enamalungelo engcambu kwizibuko lenethiwekhi 26 ngokudlulisa isiseko se-base64 ukongeza ekuchazeni igama eligqithisiweyo jikelele "GEPON" ukunxibelelana netelnet.
Okokugqibela ukuba unomdla wokwazi okungakumbi ngayo, unga jonga eli khonkco lilandelayo.