Setting up a SMB server on a HG556a router

Vodafone Huawei HG556a

I wanted to have my external 1TB harddisk available from every computer in the home LAN, but I didn’t want to have a computer running all day. To achieve this challenge I look into the specs of the Vodafone router I have (Huawei HG556a):

Apparently, if a harddisk is connected to the router, it is mounted and can be accessed via FTP or DLNA. However, although it’s not said in the router configuration page, it also runs a SAMBA server which allows MS Windows computers (and other os with smb support) to access the harddisk as a “shared folder”.

It seemed that it was exactly what I wanted, but it wasn’t. I tried to see the contents of the harddrive through a PC and I was able to do it, but when I attempted to copy a 700MB file to the drive an error message appeared saying that it wasn’t enough free space! There was obviously something wrong...
Even if I deleted files, it reported that there was only 29MB left, which made the huge harddrive useless.

Accessing the router through telnet (changing the default admin password is needed) I discoverd that the hardisk was being mount at /var/mnt/USBDrive_1/ and the content of /etc/samba/smb.conf was:

# cat /etc/samba/smb.conf[global]   workgroup = vodafone   netbios name = vodafone   server string = vodafone   security = share[Share]   path = /var/mnt/   comment = Share files   browseable = yes   public = yes   writable = yes   guest ok = yes

With these settings, when accessing through SAMBA it was reported the free space in the router (/var/mnt/), instead of the harddisk.
Changing the path to the real mount-point of the harddisk (/var/mnt/USBDrive_1/) I got ride of that “29MB left” error message, allowing me to copy bigger files.

To modify the smb.conf file I had to copy it to the harddrive, edit it in my laptop and then overwrite the original file, because the small linux installed in the router doesn’t have vi or nano to edit text files. Of course, you need to restart the smbd daemon and repeat these steps every time the adsl router is restarted.

I also improved a bit the data rate killing the snmp and ftp service. However, it is still not very good (<3MBps), but it seems to be a global problem of hg556a. So, if anybody knows how to make this fix permanent or improve the datarate, contact me!

Developing SEDILEC website http://www.sedilec.com/

http://www.sedilec.com/

Today, I finally uploaded the website for the company called SEDILEC S.L. which is specializing in lighting and security systems.

It is a light web based on PHP and MySQL that allows the website administrator to add, edit and delete products from the catalogue quite easily.

I hope it won't throw strange errors along the time :S and it gets positioned well on search engines.

Padding video files to earn money!

Yesterday I saw a link to a very recent Spanish movie in a Torrents site. It caught my attention because it was said that it had a very good video&audio quality, what was improbable due to the fact that it opened just some days ago. So, I started to download it just to see if it was a fake or not. 

When it was finally downloaded, I tried to opened it with VLC Player. I could watch 4 seconds and suddenly it stopped playing. First I thought that the "unRARing" process went wrong (which was strangely fast), so I did it again. However, I obtained the same result. 

I decided to open the file with a hexadecimal editor, just to see if there was something "odd", and there was. Firstly, I noticed that this film was edited with "Windows Movie Maker" and trans-coded with WMV codec. 

Then, I continued observing it: meaningless bytes for me (seemed to be video data for those 4 seconds) and after that..... the word "PADDING" repeated thousands of times. The file was not corrupted, it was filled with text. 

Video file opened with a hexadecimal editor

 

Taking this fact into account, the compressed file should have been much smaller, but it wasn't (700MB). I checked with the "rar" utility and it threw a message telling me that the compression rate was set to 0%... 

So, everything was absolutely done on purpose. Who would do that? Firstly I thought about the film industry, but then I found a comment attached to the RAR file:

"Thanks for downloading!

If you have problem playing the movie, download and install the codec below :

http://7d9e0c22.linkbucks.com" 

That link led me to a website which offered the download of a XVID codec. I knew I had it already installed, so that was not the problem. However, I downloaded it and sent it to some online antivirus: It was detected as "NSIS:LoudMo-B [Drp]". 

Microsoft Malware Encyclopedia says:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Adware%3AWin32%2FLoudmo%20

"Adware:Win32/LoudMo is a program that delivers advertisements, monitors Web browsing habits and prompts advertising popups, while automatically updating itself." 

Doing a WHOIS to the domain in which the alleged XVID codec was (downloaddirect.com) I could find that it was owned by somebody who has an email account at loudmo.com. If you visit Loudmo website, you'll see that is a company which pay per every install of their applications (which all of them are fake copies of popular apps with spyware). 

Summing up, all this mess was made with the aim of gaining money and stealing information from the users without their permission, but in a quite smart way.

A naive user would have downloaded it and when they see that their video players can't play it, would have downloaded the "codec" and got infected with the spyware. 

Today I found some more files in torrents site with the same "content". So... double check what you download!