The utilities at SmallNetbuilder's web site can generate an almost infinite variety of performance charts but to give you a head-start, I generated a few myself, with some other BYOD
- The maximum raw data rate for 100Mbps Ethernet is 12500 KBytes/sec (12.5 MBytes/sec) and 125000 KBytes/sec (125 MBytes/sec) for gigabit
- Firmware version tested was 1.00.17
- The Western Digital drives supplied by Trendnet were a WD800AAJS and a WD800JD
- The full testing setup and methodology are described on this page
Figure 18: TS-S402 100 Mbps Write
Figure 19: TS-S402 100 Mbps Read
Figure 20: TS-S402 1000 Mbps Write
Figure 21: TS-S402 1000 Mbps Read
You can see that, overall, the
Under the Covers
Figure 22 shows the main board of the S402.
Figure 22: TS-S402 Main Board
As you can see, the main processor chip is covered, but Trendnet documents it to be a Marvell 88F5182 Orion processor. a popular
First, I attempted to figure out a way to make the
So, I had to turn to a different mechanism. One common flaw I find in consumer NASes is in the handling of the alert email address. All too often, whatever you pass in gets blindly sent to a script that sends out the email. To see if the TS402 was susceptible to such a hole, I modified my email address to add a command, bracketed in
Figure 23: TS-S402 Hacking the alert mechanism
In my script, I first executed a simple "ps" command with the output redirected to a file to show all running processes. Then I did a recursive listing of all files on the system, once again with the output redirected to a file.
My next problem was getting the box to send email since there was no "test" button that I usually like to see. Up to now, I hadn't gotten any email so I didn't know under what circumstances email would be sent. If anything, email should be sent when a disk fails, so once again I yanked the cable from a drive. And when I went back to see if my new files had been created, voila!
From here it was a short path to take complete control of the S402. First I searched for a telnet daemon and found one in the /usr/sbin directory. Then I modified my script to fire it up, and when I yanked a drive again, I was in. (Figure 24)
Figure 24: TS-S402 Telnet Access
Getting root access was as easy as issuing a su command, since the root account had no password! As I poked around I saw a number of interesting things. First, the S402 appeared to have 64 MB of RAM instead of the 32 listed on Trendnet's web site. And the Linux kernel was version 220.127.116.11 instead of a 2.4.25 kernel as listed in the specs.
A list of the running processes showed an undocumented rsync backup daemon running. Rsync is a nice feature to have, but it really needs to be configured properly. A quick rsync test from my Mac showed that it would give read and write access to all the files on a share, from any box on the LAN no password required. Oops! Definitely something good to know.
More poking around showed that the iTunes support was via Firefly and that it was running a broken configuration web server on port 3600 with an admin password of 111. The UPnP A/V support was provided by uShare. Digging around the log files showed why my email alerts were failing. The following error message was found in a system log:
<root@nas> sender rejected : invalid sender domain <root@nas> sender rejected : invalid sender domain
Evidently Comcast, my ISP, didn't like the way the S402 was sending email (with an invalid domain name) and rejected its attempt. Poking around more showed a standard set of utilities such as Samba, busybox, boa, etc. With all of this GPL software in use, Trendnet is bound by license to priovide source code, but I could find none on either the web site or on the delivered CD. Hopefully this was an oversight by Trendnet that will be corrected soon.
All three of these products are based around a similar Marvell chip and design.
Although the S402 has some nice capabilities, it has bugs and little to make it stand out from the crowd. So if you're looking for a