Skip to content
Apr 17 / thebrotherswisp

TheBrothersWISP 44 – Mikrotik EU MUM Announcements, Unifi In-wall, News



This cast Greg is out of town so forgive the barking dogs please(I’m not just talking about Mike). We have Greg, Mike, and Tomas catching up on a LOT of hardware…like a lot a lot.

This cast we talk about:
FS.com’s CWDM/DWDM education
FS free shipping/no tax from North American warehouses
Inmates build PCs in prison ceiling
Mimosa C5 security updates
Unimus adds Cumulus support
Free Range Routing = cows with routers
Surge suppression 101
Extreme picks up Brocades routing assets
Unifi In-wall – compact inwall AC AP poe powered w/poe out
MUM products
CSS326-24G-2S+RM – 24gig/2SFP+
CRS317-1G-16S+ – 16 port SFP+, new switch chips, line rate switching, hardware STP, dual boot
wAP LTE – 2g 3g, external antenna optional
hAP mini – 2ghz radio, 3 ethernet, 8cm tall, great case design
“RB1100AHx4 – same case, new quad core Cortex A15 cores clocked at 1.4 GHz, Two SATA3 ports, Two M.2 ports, 60GB SSD included
PowerBox Pro – outdoor 5 port router, poe out af/at, SFP for fiber
mUPS – battery backed poe injector
LtAP mini

Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Here’s the video:(if you don’t see it, hit refresh)

Mar 18 / thebrotherswisp

TheBrothersWISP 43 – UBNT/Mikrotik Exploits, UBNT Airmax AC Gen2, WISPAmerica Wrapup



This cast we have Tomas, Miller, Mike, and Greg chatting it up. Greg is rocking his old robo mic, so let us know if the quality improved. I know my “P”s were a little harsh, I’ll put my pop filter back on.

This cast we talk about:
Upgrade your Cnpilots if they are running 4.3 or older.
Airmax AC Gen 2
UBNT Exploit on devices performing NATing.
CIA Vault 7 exploits 8k docs- “Hive” MTK vulnerable HTTP server
Mikrotik patched Hive hole – 6.38.5 – bugfix 6.37.5
Mikrotik fixed CCR IPSec packet reordering issue – 3/12/2017: 6.39rc51
Mikrotik MUM Denver, CO, May 25-26
WISPAmerica Interviews – WISPA Award Winnders
Packetflux Interview
Baltic/Siklu Interview
Micronet Coms Interview
Mimosa Interview
UBNT Interview
Unifi Updates Interview
SIAE Interview
McCown Tech Interview
Ignitenet Interview
VISP Interview
Contact WISPA about recording sessions in case you can’t make it, and Mike will love you.

Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Here’s the video:(if you don’t see it, hit refresh)


Mar 10 / Greg

MikroTik RouterOS v6.37.5 [bugfix], v6.38.5 [current] and v6.39rc49 [rc]

What’s new in 6.37.5 (2017-Mar-09 11:54):

!) www – fixed http server vulnerability; This is presumably the fix for the CIA Hive Exploit in the Mikrotik httpd implementation
*) chr – fixed problem when transmit speed was reduced by interface queues;
*) dhcp – do not listen on IPv4/IPv6 client to IPv6 MLD packets;
*) dude – (changes discussed here: https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/dude_v6.xx_changelog);
*) export – do not show “read-only” IRQ entries;
*) filesystem – implemented procedures to verify and restore internal file structure integrity upon upgrading;
*) firewall – do not allow to set “time” parameter to 0s for “limit” option;
*) firewall – fixed import of exported configuration that had updated “limit” setting;
*) graphing – fixed graphing crash when high amount of traffic is processed;
*) hotspot – fixed rare kernel crash on multicore systems;
*) hotspot – fixed redirect to URL where escape characters are used (requires newly generated HTML files);
*) hotspot – show Host table commentaries also in Active tab and vice versa;
*) interface – do not treat multiple zeros as single zero on name comparison;
*) irq – properly detect all IRQ entries;
*) l2tp-client – fixed IPSec policy generation after reboot;
*) lcd – show fan2 speed only if it is available;
*) leds – fixed defaults for RBSXT5HacD2nr2;
*) mmips – improved general stability;
*) rb3011 – fixed noise from buzzer after silent boot;
*) switch – fixed crash when trying to configure second master port on the same chipset (RB3011, RB2011, CCR1009-8G-1S+);
*) userman – allow access to User Manager users page only through “/user” URL;
*) userman – show warning when no users are selected for CSV file generation;
*) winbox – added “add-relay-info” and “relay-info-remote-id” to DHCP relay;
*) winbox – added H flag to “/ip arp” ;
*) winbox – added missing “use-fan2” and “active-fan2” to “/system health”;
*) winbox – allow shorten bytes to k,M,G in bridge firewall just like in “/ip firewall”;
*) winbox – do not hide “power-cycle-after” option;
*) winbox – do not hide 00:00:00:00:00:00 MAC address in unpublished ARPs;
*) winbox – fixed matching “connection-state=untracked” connections;
*) winbox – fixed typo in “/system resources pci” list;
*) winbox – hide advertise tab in Hotspot user profile configuration if “transparent-proxy” is not enabled;
*) winbox – make “power-cycle-after” show correct value;
*) winbox – make “power-cycle-interval” not to depend on “power-cycle-ping-enabled” in PoE settings;
*) winbox – properly show BGP communities in routing filters table filter;
*) wireless – fixed scan tool stuck in background;
*) wireless – improved compatibility with Intel 2200BG wireless card;
*) wireless – update Thailand country frequency settings;

What’s new in 6.38.5 (2017-Mar-09 11:32):

!) www – fixed http server vulnerability;

What’s new in 6.39rc49 (2017-Mar-09 12:33):

!) www – fixed http server vulnerability;
*) capsman – improved CAP status querying;
*) defconf – fixed default configuration generation when wireless package is disabled;
*) ike2 – check child state before allowing rekey;
*) ike2 – send EAP identity as user-name RADIUS attribute;
*) lte – added LTE signal level reading for Cinterion modems;
*) queue – fixed reboot loop when queues were used (introduced in 6.39rc42);
*) rb3011 – added partitioning support;
*) tr069-client – added “Device.Hosts.Host.{i}.” support;Glad to see they are still thinking about this – I see potential for sure.
*) userman – fixed rare crash when User Manager requested file does not exist on router;
*) wireless – fixed RBSXT5HacD2nr2 small channel support;

v6.37.5 forum topic discussion:
https://forum.mikrotik.com/viewtopic.php?f=21&t=119373

v6.38.5 forum topic discussion:
https://forum.mikrotik.com/viewtopic.php?f=21&t=119302

v6.39rc49 forum topic discussion:
https://forum.mikrotik.com/viewtopic.php?f=21&t=116357

Mar 5 / thebrotherswisp

TheBrothersWISP 42 – Youtube TV, AWS Outage, FCC Form 477



This cast Tom, Tomas, Mike, and Greg do some deep thinking…you may have believe that if it were anyone but us.

This cast we talk about:
Youtube TV
AWS S3 Outage – Human Error
Cloudflare leaking info
SHA1 encryption collissions possible, but not practical – 110 years of single-GPU computations.
FCC Form 477 filing extended
Siklu PTMP
CHINOG registration open / call for presentations
Ignitenet Metrolinq firmware update
Mimosa A5 firmware update – GPS Sync
RF Elements stock locator
Dyn’s bakers dozen 2016
6ghz SXT from Mikrotik
Ipsec XAuth MikroTik fun
Unimus 0.3.1?

Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Click the link below to view the article!

Feb 19 / thebrotherswisp

TheBrothersWISP 41 – Siklu 60-80Ghz, SIAE Microelettronica, Finding Employees

This week we have a QUICK cast with Tomas, Andrew Cox, Mike, and Greg.

This cast we talk about:
Unimus additional support for devices
Siklu does 60-80Ghz – no real details yet
Aaron Hausken‎ creates a rpi config to visually show dude status
SIAE Microelettronica
Where do you find your new employees?

Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Feb 11 / Greg

The CellVFL – Cell Phone Fiber Visual Fault Locator

So occasionally I’ll hit a site where the documentation sucks or is just plain nonexistent. I’ll walk up to the fiber panel and I won’t have a clue which port is which. One of the quickest ways to verify fiber is via a VFL. Basically, you shine light down one end of the fiber, then look for the light in the panel.

They make cute little special purpose devices, but that means you have to keep one in your bag, and make sure the batteries aren’t dead…which mine always seem to be.

One thing of mine that is always juiced up is my cell phone, so why not utilize the crazy bright LED every phone has these days?

I painted it with acetone just to strengthen the layers

LED on my cell

Using a chip clip to hold it on the phone

Is that LED bright or what

LC connector squeezes right in

It’s pretty easy to pick out which fiber is which, right

So the CellVFL just clips right on the phone, then you simply slide your LC fiber into it…annnnnd that’s about it.

Grab the STL here and print your own!

Let me know if you end up printing/using it(comments/questions always welcome).

Feb 4 / thebrotherswisp

TheBrothersWISP 40 – Licensed Backhaul List, DWDM vs CWDM Pricing, Fiberstore Switches

Tomas and Greg shoot the poop in a quick and dirty episode.

We talk about :
Licensed backhaul comparrison
Upcoming Licensed Link show
Unimus adds Telnet – “I told you so”
Jimmy puts an AP on his drone for site surveys
Anyone use Radwin PTMP?
DWDM cheaper than CWDM at fs.com
CWDM 80km 10G for 600$
DWDM 80km 10G for 420$
Fiberstore switches
Gigabit aggregation
10Gb and 40Gb aggregation
Cisco clock signal component failure recall
TP-link unifi killer?

Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp