United States-based WISP distributors

Posted on by Leave a reply

The following is an extensive list of distributors who sell products related to the Wireless Internet Service Provider (WISP) space.  This not a total list, but an extensive list.  If you are not on this list or want to add your own description then donations are always welcome.  It takes time to make these lists and there is nothing more motivating than some Paypal donations (https://paypal.me/j2sw).

Last Updated: 10 January 2020

Justin’s List of xISP vendors and resources

Posted on by Leave a reply

I have been working on this list for a while. The following are vendors, manufacturers, and various companies I have dealt with in my career as an ISP owner and consultant. This is not a complete list by any means. These are companies I have dealt with personally and/or are sponsors of this site. Companies with the are ones that support this blog and I personally recommend.  I don’t recommend them just because they support this blog, but because they provide a good product or service. If you would like to be included on this list please contact me as I am working on more detailed lists per category.  This is a starting point for those looking to narrow down some focus of their research.

Distributors
ISP Supplies
Texas-based distributor carrying a big number of product lines such as Cambium, Mikrotik, Airspan, and many others

Baltic Networks
Chicagoland based distributor carrying product lines such as Mikrotik, Cambium, and others.

CTIconnect
Distributor of fixed wireless and telecommunications infrastructure for Internet Service Providers (ISP’s), Cable Operators, Telephone Companies

Double Radius

Billing
Azotel
Mature billing solution which can
manage all aspects of your ISP.

Sonar
Modern Billing software with many backend automation

VISP
Automation and control of your WISP customers

More Billing providers can be found at xISP billing platforms

Manufacturers
Baicells
LTE and CBRS based solutions

Cambium Networks
Manufacturer of fixed wireless products such as EMP, 450, and cnPilot wireless.

Mikrotik
Manufacturer of Mikrotik routers and RouterOS routing and switching products

Ubiquiti
Manufacturer of WISP and WIFI products. Product lines include AirFiber and Unifi.

Tower Related
TowerOne
Training and equipment to keep climbers and companies compliant and safe. Large selection of needed items such as Harnesses and rope related items for tower work.

Voice
Atheral
Unified communications with experts to help you migrate and stay compliant. Here is a link to a podcast I did with Ateral.

True IP Solutions
Unified communications solutions integrated
with access and camera solutions.

Training
Rick Frey
mikrotik training and certification as well
as consulting and integrations solutions

LinkTechs
Training on Mikrotik and distributor of related products

More info on training for the xISP 

Supporting Services
TowerCoverage
RF Mapping and Modeling for tower sites and customer pre-qualification

Wireless Mapping
Radio Mapping, two-way radio, mark study information, and Municipal broadband.

IntelPath
Microwave and Millimeter Wavechannel procurement.

Organizations, web-sites, and groups
WISPA
Trade Organization supporting Wireless Internet Service Providers=

WISP Talk on Facebook

Cambium Users group on Facebook

YouTube Channels 
TheBrothersWISP
Networking, ISP, and related topics

MSFixit


Did I forget you? Would you like to sponsor this blog and your name listed? Contact me for more information.

Denial of Service and the xISP Part 1

Posted on by Leave a reply

Most service providers have been the victim of a Denial of Service (DoS) attack at one point or another. Sometimes you may not realize you are under an attack. A few months ago, I posted a simple screenshot at https://blog.j2sw.com/networking/anatomy-of-a-ddos/ of what an active DDoS looks like.

Types of Attacks
In order to know what to look for you have to understand the four basic types of attacks. I will outline this and talk about how modern attacks are affecting Internet Service Providers (ISPs). In my next article, we will talk about identifying these types of attacks and some mitigation techniques you can employ.

Throw everything at you attack aka Buffer overflow
This type of attack is throwing enormous amounts of traffic at you to fill up your switch and router buffers, causing the device to exceed its capabilities. Your devices become crushed by an overwhelming volume of data throw at them. This attack isn’t always sheer bandwidth. Sometimes it is tens of thousands of remote connections.

Attacking vulnerable protocols
Attackers go after exposed services like ICMP to do amplification attacks. Fragmented packets, which keep the router tied up are also a common method of attacking a host.

Application attacks
These are the ones most consumers hear about. Vulnerabilities in operating systems, applications, and packages are exploited and used in attacks.

Hacks
The fourth kind is not lumped in with Application attacks, but I wanted to separate it for a few reasons. The first reason is that someone compromising a system is not always sophisticated. If a bad actor guessed the password on your router and erased the configuration, they have performed a Denial of Service against you. If you don’t keep your software up-to-date and someone exploits a backdoor and “hacks” your system, they have performed of DoS attack.

Modern Attacks against networks
Modern DoS attacks are always evolving. As network administrators find ways to mitigate these attacks, the bad actors find ways to tweak them and get around mitigation techniques employed by providers. Most of the exploits above involve sheer volumes of traffic or connections being directed at a host to take it offline. This attack is especially detrimental for service providers because it takes your customers offline if the attack is significant enough.

One of the most common techniques these days is the Distributed Denial of Service attack (DDoS). These are usually botnets involving thousands of compromised machines or devices acting against a host(s). These can be anywhere in the world. They could even be users inside your network with compromised machines or other devices. Distributed attacks are hard to mitigate because they can be legitimate traffic pointed at a web-server as an example. The traffic is not malicious from a technical perspective. You have thousands and thousands of machines sending legitimate requests to a web-server or other host on your network. This traffic looks legitimate but is overwhelming for your hardware and Internet pipe.

Image courtesy of https://www.imperva.com/blog/how-to-identify-a-mirai-style-ddos-attack/

So what does a DDoS look like and what are your options when it comes to Denial of Service Attacks? In my next article in this series, I will talk about some best practices you can do so you are not as vulnerable to these types of attacks.

Elitism in the I.T field

Posted on by Leave a reply

Have you ever ran across this guy? If not, maybe it’s you.

Elitism is in every field. I.T/Networking/Programming fields highlight the elitism more than other areas for several reasons. We will dive into some of these reasons and maybe shed some light on the behavior to get folks thinking. This article is full of lots of over-simplistic generalizations to illustrate a point. There are always exceptions to the things I mention here. On the flip side of that, some of the things mentioned are the exception.

One of the things i tend to see crop up on a regular basis is the elitism attitude.

“my way of doing things is better than yours”

“Haha. you are stupid for doing it that way”

“that is so 10 years ago”

So what makes an elitism attitude? Not seeing the entire picture for one. Things are always done for a reason. At the very basic level it is ignorance. They don’t know any better. Other times, it was a 3AM fix that was supposed to be temporary. We all know how temporary can turn into permanent.

Why do some folks feel the need to bring others down? there are entire sections in the bookstore (remember those?) related to psychology of the human mind. Let’s explore some of the ones I have seen over my 20+ years in the I.T. field.

Happy Birthday Derek! | Naked Studio

Personality traits and proficiency
I.T. folks are not the only ones who suffer from personality quirks. The I.T. field has historically had a wide gap between those who know technology and those who don’t. This has allowed personalities who lack the self-confidence to really find their niche and excel at things. Once they experience this new sense of importance, it can go to their head. This can result in an “I am better at this” attitude.

Absolute Power corrupts absolutely
I have heard this story over and over. A company has a “computer person” who has built their network but refused to share the inner workings, never did documentation, and all-around kept as much information as they could to themselves.

In over their heads
Human nature tends to tell us if we ask for help that is a sign of weakness. As I.T. departments become more and more sophisticated their knowledge-base has to expand to learn new software and new technologies.

Age makes a difference
As we get older we tend to get set in our ways. For the most part, our thirst for knowledge tends to wain. We start experiencing the “Get off my lawn” feeling more and more.

Some of this is due to us getting set in our ways. Sometimes the best way to do something can be the way it’s always been done. This can be a double-edged sword.

Criticize without action
The biggest pet peeve of mine in the I.T. industry are those who criticize what others do, without offering their own solution. I often put out blog posts and other content to get conversations started or fill a specific need.

Always the flip-side
You have two sides to every coin, both sides of a record (I’m really dating myself now), and two different perspectives. So why go through all of this? People are going to be people, right? Well, the wrong people can be toxic. One thing to keep in mind in any business is you are there to support the customer. No business is without a customer; otherwise, it is a hobby.

When it comes to I.T., ignorance can only get you so far. At one point, you have to “up your game.” The problem becomes when the less informed look to their peers and those peers are sitting on an Ivory Pedestal telling everyone how, if they aren’t doing XYZ, they are dumb. It’s not the industry peers’ job to help those who are only hurting themselves. Nor is it their job to criticize them. if they want to be constructive, they can start mentoring some of their peers who need help and ask for help. Not everyone needs or wants help, no matter how wrong you think they are.It takes a certain balance to carry yourself as a true expert without coming off as rude or self-obsessed. Remember that I.T. is nothing without the customer.

If you are in any field think about your next encounter with your co-workers.  I am not talking about water-cooler talk.  Think about your interaction if you are in a support role.  Are you condescending? Think about your interactions with others in the field.  How do you treat them?  We all have bad days, but those should be the exception to the rule.

I have a backbone provider that every time I call their support I am blown off as it is a problem with my configuration.  I know it’s not, but I am not arrogant enough to think I am right without first double-checking my work.  I won’t call until I know it’s my issue. These types of interactions cut down on the flow of information.  They don’t foster a good working relationship with someone I am paying money to.

Don’t be Nick Burns, the Computer guy.

Quick and Dirty Baicells eNODEB Mikrotik Rules

Posted on by Leave a reply

If you have a Baicells eNodeB you wish to restrict access to these Mikrotik rules will help. There are some assumptions made. The following rules are meant to be a base for incorporating into your network.

/ip firewall filter
add action=drop chain=forward src-address=10.0.0.2 src-port=443 protocol=tcp \
   dst-address-list=!baicells_cloud
add action=drop chain=forward src-address=10.0.0.2 src-port=8082 protocol=\
   tcp dst-address-list=!baicells_cloud
add action=drop chain=forward src-address=10.0.0.2 src-port=48080 protocol=\
   tcp dst-address-list=!baicells_cloud
add action=drop chain=forward src-address=10.0.0.2 src-port=4500,500 \
   protocol=udp dst-address-list=!baicells_cloud
add action=drop chain=forward src-address=10.0.0.2 dst-port=80,443 \
   protocol=tcp dst-address-list=!WHITELIST


/ip firewall address-list
add address=baiomc.cloudapp.net list=baicells_cloud
add address=baicells-westepc-03.cloudapp.net list=baicells_cloud
add address=baicells-eastepc04.eastus.cloudapp.azure.com list=baicells_cloud
add address=1.2.3.4/24 list=baicells_cloud
add address=1.2.3.4/24 list=WHITELIST

10.0.0.2 is your eNodeB

The 1.2.3.4 above is your management Subnet.

You can tighten these rules up by combining them, or create a new chain. This is quick and easy and anyone can understand. What it does is allows the eNodeb to only communicate with the Baicells cloud and your management network. It also only allows you to access your eNodeB from your management network. These are not a complete ruleset but something to build upon.

Using Splunk to monitor literally everything on Mikrotik

Posted on by
This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.
To view this content, you must be a member of Justin Wilson's Patreon
Unlock with Patreon
Already a qualifying Patreon member? Refresh to access this content.

Interesting Amazon item: iodd Mini USB 3.0 256-bit Secure encrypted SSD Drive

Posted on by
  • AES256-XTS/Write protect Blocker/WinToGo/AutoSleep/Safely Removal/Firmware Updater
  • Provide bootable Virtual USB Drive function can be used with Rufus or similar other tools
  • Recognized as Bootable HDD for Windows 8,LInux,Mac OS. Selecting VHD files let you can multi-boot.
  • Optimized for handheld / Light and small size fits in your hand
  • Simple and powerful features / built-in help / multilingual support