Page 1 of 6 123456 LastLast
Results 1 to 13 of 72
  1. #1
    Join Date
    May 2009
    Location
    SC
    Posts
    1,836
    Post Likes

    BACRouter from China

    I saw this router mentioned in the Raspberry Pi thread and thought it worth breaking out that discussion. We got ours in Friday and I put it in a system today. In general the setup is similar to the Contemporary Controls BASRT but has much more detail in many areas. Screenshots of the setup pages below should be interesting to anyone that hasn't seen one. I found it fairly natural to set up and it replaced a G5RE without issue. Only snag I had is when I realized the save on the port configuration pages don't save down to flash, they only save to the running config. You'd then have to go save running config to flash at the top of the tree to retain those settings after a reboot but that's similar to a lot of networking and even some BAS equipment I've seen. In particular one trunk is talking to some dodgy lighting controls we had lots of trouble with, it's revealing the trouble it is having in the log file which is more info to go on than I had before.

    Seems like a very pleasant find you all led me to, thanks. Anyone using one in production yet? Any troubles?

    Search results for "3c3300"MAC Vendor 3C3300 Shenzhen Bilian electronic CO.,LTD
    Googling that MAC address manufacturer comes up with some interesting connections to B-link and LB-link networking gear.

    From a security standpoint NMAP found that there is a SSH port open. Trying to log into that with both the default and custom credentials I assigned failed so I can only conclude the thing has a back door in it. Has anyone got in via SSH? Also the web page shows your password in plain text with no obfuscation, so you know right up front they aren't doing a salted hash or anything like that.








    Scott Jalbert, WebCTRL ninja, Naiagara AX and Smartstruxure newb, SiteScan Retired

    The master has failed more times than the beginner has even tried

  2. #2
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    Quote Originally Posted by MaxBurn View Post
    From a security standpoint NMAP found that there is a SSH port open. Trying to log into that with both the default and custom credentials I assigned failed so I can only conclude the thing has a back door in it. Has anyone got in via SSH?
    yes, it was something trivial. admin/root, root/root, root/password, etc. 5min of guessing and your in. Its not the same as the web logon.
    Propagating the formula. http://www.noagendashow.com/

  3. #3
    Join Date
    Mar 2007
    Posts
    506
    Post Likes
    Quote Originally Posted by orion242 View Post
    yes, it was something trivial. admin/root, root/root, root/password, etc. 5min of guessing and your in. Its not the same as the web logon.
    That's too funny. So probably a quick run on hydra will gain you access to this thing. I highly doubt anyone with too much common sense would put one of these on a system connected to the web. I could see maybe if the system is has and air gap from outside if they really need a bottom dollar solution, but good quality proven BACnet routers are really not that expensive.
    Friends don't let friends Lon.

  4. #4
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    I don't know. I haven't been able to break it yet or have it go stupid with loads of traffic. More projects than time, so I haven't tested it extensively. It didn't take much to get up and running though and it seems to work as advertised.

    Being it seems you can get root access, it may be possible to change the root password and disable the SSH demon. Again, I spotted the SSH and within 5 min of guessing got in. Poked around a bit, didn't test if the filesystem is ready only or what exactly I could dink with inside it. Its running some flavor of linux. Guessing SSH could be for firmware updates, so killing it off may prevent it from ever being upgraded.

    Need a cheap router for demo board or your home, hard to beat the price. Use it on a project...not sure I have enough warm and fuzzy yet but it hasn't failed miserably either.

    Max,

    Can you crack yours open and see if its been hand worked as mine from the other thread?
    Propagating the formula. http://www.noagendashow.com/

  5. #5
    Join Date
    May 2009
    Location
    SC
    Posts
    1,836
    Post Likes
    Thread Starter
    Quote Originally Posted by noskilltech View Post
    That's too funny. So probably a quick run on hydra will gain you access to this thing. I highly doubt anyone with too much common sense would put one of these on a system connected to the web. I could see maybe if the system is has and air gap from outside if they really need a bottom dollar solution, but good quality proven BACnet routers are really not that expensive.
    Given the thing already has BACnet on it it's pretty much already in the insecure category and needs to be isolated. I just don't like seeing devices without mention of a back door and undocumented passwords.

    Quote Originally Posted by orion242 View Post
    Need a cheap router for demo board or your home, hard to beat the price. Use it on a project...not sure I have enough warm and fuzzy yet but it hasn't failed miserably either.

    Max,

    Can you crack yours open and see if its been hand worked as mine from the other thread?
    I sort of like it better than the CC BASRT, it's nice having another MS/TP port and it certainly is nice having it be capable of more than five BBMD entries. Haven't tested it's BBMD capabilities yet.



    Scott Jalbert, WebCTRL ninja, Naiagara AX and Smartstruxure newb, SiteScan Retired

    The master has failed more times than the beginner has even tried

  6. #6
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    Thanks.
    Propagating the formula. http://www.noagendashow.com/

  7. #7
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    Quote Originally Posted by MaxBurn View Post
    Given the thing already has BACnet on it it's pretty much already in the insecure category and needs to be isolated.
    LOL good point. 50/50 you can tweak the root creds as is. If not, I have to think they would be open to the idea of exposing it in the webui so it could be changed.
    Propagating the formula. http://www.noagendashow.com/

  8. #8
    Join Date
    May 2009
    Location
    SC
    Posts
    1,836
    Post Likes
    Thread Starter
    Initially I was thinking it might be useful to load openvpn/ddclient etc but given the resources available and timing requirements for MS/TP that's probably a bad idea.

    Also I forgot to mention when I received mine it was pretty dusty inside the package and has some tape residue on the top. Makes me think it might have been sitting around for a while. Hope they aren't just offloading stock and will kill it when they are out. That's probably the worst part of these, don't know what to make of the company behind them.
    Scott Jalbert, WebCTRL ninja, Naiagara AX and Smartstruxure newb, SiteScan Retired

    The master has failed more times than the beginner has even tried

  9. #9
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    IMO, I'm guessing they are working thru the process to bring this to market. Mine was a reworked reject and and priced as such. No shame there. Your build quality is a good improvement from mine. The only hand work looks to be the PTCs and the dip switches which likely pose an issue for their current assembly process.

    Just because bacnet is a fail doesn't mean I need more potential problems with a router either. Seems pretty easy just to add user defined creds or enable/disable on the SSH demon via the webui.

    They continue the path, they may be a real contender for the 3rd party router market. I got the indygogo version, you got first run product, next might be a polished device with controls on the SSH.
    Propagating the formula. http://www.noagendashow.com/

  10. #10
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    Quote Originally Posted by MaxBurn View Post
    Initially I was thinking it might be useful to load openvpn/ddclient
    Guessing its under-powered for that today. Should they decided to go for that application, this thing will rock. CC isn't moving in that direction, yet it seems like the cleanest solution paired with a driver on the OWS end. Need something to concentrate local traffic and route ows traffic, shouldn't be rocket science.
    Propagating the formula. http://www.noagendashow.com/

  11. #11
    Join Date
    May 2009
    Location
    SC
    Posts
    1,836
    Post Likes
    Thread Starter
    Minor update. I was able to get the router to accept Foreign Device Registration from WebCTRL with no issue. It also accepted a download and reading back of BBMD list which all appears to be promising, this is something the contemporary controls BASRT has a little compatibility issue with for us. I don't actually have three subnets to test BBMD function in this configuration yet but all this seems like really good news.
    Scott Jalbert, WebCTRL ninja, Naiagara AX and Smartstruxure newb, SiteScan Retired

    The master has failed more times than the beginner has even tried

  12. #12
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    Nice.

    This weekend I should have a chance to test out bbmd. ERX should make short work of it.
    Propagating the formula. http://www.noagendashow.com/

  13. #13
    Join Date
    Jan 2003
    Location
    USA
    Posts
    4,479
    Post Likes
    BBMD seems to work as advertised. Have had it setup with BBMDs on 4 subnets and both MSTP ports with a handful of various devices. Running a station on my laptop, cov disabled, every available point with a datalog. Didn't spend any time optimizing anything, or setting max masters. Didn't have any lock ups, comms failures, worked fine.

    Setup

    Name:  Network Setup.png
Views: 1131
Size:  183.8 KB Name:  BR BBMD SETUP.png
Views: 1094
Size:  16.8 KB


    Runtime stats from the BACRouter

    Name:  NET3 Runtime Stats.png
Views: 1096
Size:  57.1 KB Name:  NET4 Runtime Stats.png
Views: 1104
Size:  59.6 KB

    Poll stats from niagara & bandwidth as reported by the ERX

    Name:  Poll Stats.png
Views: 1079
Size:  21.3 KB Name:  ERX Dashboard.jpg
Views: 1090
Size:  48.8 KB
    Propagating the formula. http://www.noagendashow.com/

  14. Likes MaxBurn liked this post
Page 1 of 6 123456 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •