Ubiquiti UniFI Dream Machine Tear Down Photos, IDS/IPS System, Honey Pot and More!

Video Statistics and Information

Reddit Comments

I skimmed through, but couldn't find where they took it apart for the tear down. I'd love to see what is inside, did I miss it or did they misuse the word "tear down"?

u/fryfrog, Nov 21 2019, 1 upvote
Captions
So there's a sticker on the back of my laptop. It says "You own it, you own it," and it's from the EFF. Definitely a sticker that rings true to my heart, as someone who, anything I've owned, I've probably taken apart at some point and dove deeper into it, because, you know, curiosity, and, well, it's my device that I have purchased, therefore I want to know more about it. Now, I'm not gonna physically tear this apart, but we will show some inside photos from someone else who did, probably, I think, as part of the FCC registration.

This is the UniFi Dream Machine. I have a video talking about the setup and my overall thoughts on it. Real briefly, this is an integrated Wi-Fi unit, four-port managed switch and router all tied into one. Now, it is kind of like a USG but different, because when you have the USG or the USG Pro there's not a lot of advanced features. This is the thing I've complained about before, and this kind of has some of the same limitations, like I still don't see a way to add multiple IPs on the WAN. But I want to dive into a couple things I did find out about this device that I didn't cover in my first reviews. I just didn't know they existed, and thanks (I couldn't find the person's name), but they had mentioned in a comment, "Hey, check out the fact that it has a honeypot," and I'm like, there's a honeypot on this? So that got my curiosity going.

So we're gonna start with photos of the inside. This actually looks like the certification submitting when you're doing a product, but it's an FCC thing, but this is the teardown of it. This is also why I don't want to take it apart myself. You can see the way these little clips are; it would probably be challenging to get inside of those little clips without damaging the box in some way, because the way the edges are on it, it feels like I would scuff it up, scratch it up, so I didn't want to do that. So I figured I'll just show you, and I'll leave a link to this, you can stare at it, and it dives down into the teardown of the device itself. The way the LEDs are hooked up on this little top thing, the way it's designed overall, looks pretty good, and like I said, these are diving into each little component of it, and sizing and scaling and how it looks. So for those of you curious, here's what it looks like. And I'm not, like I said, tearing it apart myself. I just didn't want to go that far with it and destroy it, because I like the unit; it physically looks nice.

But now we can talk about the other things that are interesting about this. So I turned threat management on. I want to see how it worked, and because this routes with threat management turned on faster than previous USG devices. So there's the first thing, GeoIP filtering; I've got that turned on. DNS filter: not a lot of information on how this works. It lets you choose a setting, and that's not very in-depth, but then again, maybe for something that's targeted to less advanced users, they just want to have an off switch for things. Deep packet inspection: I got this turned on, so it's doing this, and you can add restrictions and categories and things like that. I haven't really tested to see how good that is, but it's cool they added it.

This is where it's really something, that's a turn that I haven't seen in any of the other software. Now, I don't know if this is something the controller software unlocks because it's on a UniFi Dream Machine and these just become exposed, and it's some back-end that's been there for a little while they've been working on, not sure. But interesting is there is, and a lack of documentation I can find on it, an endpoint scanner, and I don't have anything to show up in the endpoint scanner to show you what it looks like. I don't know what it's looking for. I am assuming if I put a host on here that had some open ports it would find said open ports and let us know about them.

Internal honeypot: this is where it creates, and I only have one LAN, so the only option is just to tie it to the LAN. It apparently doesn't have an external honeypot option, not that I could find. And it says pick a honeypot IP, so my LAN IP is 192.168.1.1, and 192.168.1.2 I did for the honeypot, and then we did some testing to figure out what the honeypot sees, and that actually shows up over here under threat management. So if you go over to your threat management, we can look at the honeypot, and we'll start here. So I just telnetted from my IP address of my laptop, which is the .116, telnetting over to FTP, SSH and SMTP. It doesn't really tell you what I was doing here, I'm just mashing buttons and sending data, but it does give you the option when you click to blacklist or kick that client.

Now, why would you want a honeypot on a network? Well, honeypots are generally an indicator that something on your network is scanning, that maybe, if you go in here and find it, you go, well, that's interesting, something shouldn't be scanning there, and then it gives you a reason to investigate further on that host and try and figure out why it's doing what it's doing. So that's pretty cool. Like I said, the endpoint scan: no threats detected. I don't know what to stick out on the network that it's looking for, but I don't have any ports open on my laptop, so if I can find some documentation on that, or maybe I'll hook up a handful of computers and open up some ports and see if it finds something on there.

Now, traffic log. I have Tor running on my system right now, so by opening up the Tor browser I was able to get it to flag that I was using Tor. OK, cool, it's seen it; it says the category is miscellaneous attack. But this didn't get flagged, and this is testmyids, and all it does is send, this is the only thing that's on that site, testmyids.com: uid=0(root) gid=0(root) groups=0(root), and it assumes it is some type of privilege escalation when it gets flagged in Suricata or Snort. There's a rule set for it. It does not seem to flag that site in any way, but it did at least recognize Tor, so, you know, it does something.

It is a challenge with IDS systems: if they don't give you a lot of fine-grained control or the back-end access to it in detail, then it's hard to really know why something, or whether something is just suppressed, because they suppress the test site; they're like, yeah, we suppress that rule. So they don't give you a lot of that. I mean, they do give you control. Let's jump over here back to the Dream Machine, and you can go through here and suppress, block, blacklist, whitelist, these types of things. So it does give you some tuning options, but it doesn't give you, like, the back-end access, so, for example, why it didn't flag that. And this is the trouble with any IDS system: you have to sometimes just trust their magic, or get in and start doing it yourself, and then you have to work the magic to figure out what to flag or not to flag. It says you have zero countries blocked. I had people mention, and I don't know the truth of this because I don't have this on a public-facing IP, that the GeoIP database is not 100% accurate in there, so I didn't really dive into that.

But now let's take a look at the back end on this. So the back end, and here's the Tor browser running, it's still running right now in the background here. I'll show you where I'm at here. So I was digging around to see what files I can find there. So here's user share you buy OSU API server config board, and interesting, I see both the config for UDM Pro 2x by 10 and a UDM JSON file, so I do see where you can start customizing and maybe changing some things in here. So it does have a few different little things. I was just kind of poking around through where you can do some configuration, so it looks like there's some potential, but not documented.

And I bring this up too: if we go over here, one of the things is, this is on the UniFi advanced configuration note and requirement: Ubiquiti support cannot assist in a creation of a config.json file nor will the system be right up on the command line configuration. I didn't find the same notice for the UDM, but I'm pretty sure the Dream Machine is gonna fall into the same policy of "this ain't supported." And by the way, for those of you that contact us to hire us to help you with your setups and network setups, we don't support it either. We do get a lot of people requesting that we write some very custom config file to do something advanced with the USG. We don't offer it because it can be a real pain to support, and so, other than me poking around with it or when I want to test things, I don't really officially support doing this, but I encourage people to tinker and do some learning on your own.

So if you go over here and look at some of the things under /etc here, this is, like I said, running standard Linux. Like I said in the first review, it is a flavor of Debian, but there's a lot of customization that's gone in here, and I'm also not clear on how all the config files are managed on this. I did do some digging to figure out, like, how the honeypot, you know, that it is just listening on ports and saying something hit the port, but it doesn't really seem to do that I found, at least, any particular logging of the honeypot that I could find, so I don't think it's collecting any of the data. But you can get under the hood of some of the other things, and, like, well, kind of like the Suricata log, here it is, it's got zero bytes, so even though we have current data in there, it actually doesn't seem to be doing anything. So that's, you know, November 21st, that's today's date, but there's nothing in the log. And we'll do a quick look at all the logs here, so there's a few different ones, like that UniFi log and everything else, so there's a few things you can dig into and learn a little about the system, system dot config. But like I said, I haven't found any good documentation about this to really dive deep into how it works.

But one thing I did find interesting is that they aren't using it in this particular model, but maybe other models support this, would be my assumption, but Docker seems to be part of the image that's in here, and so maybe they're gonna add more features. I believe there's a Docker image, but not set up on here, for UniFi Protect, so maybe there's a way to make UniFi Protect work on here, but there's no external hard drive storage, so that would be a problem. It may be that on some of the other devices that's how they're gonna be pulling it, with Docker images. So I found that under the hood, which was kind of interesting.

Now, the device itself is a lot different than a USG, because unlike a USG, where this just handles basically routing, and, you know, the USG is basically in some back-end fashion forked from the earlier, at least, Vyatta project, but it's a dedicated router box, this is a lot different overall, because you're running on here the MongoDB for the UniFi controller, so the database engine, the back-end engine acts for the web interface to get to the UniFi controller, and then running all the switch management and Wi-Fi management and everything, all inside of one system. So this does make it a little bit different a box, but to me, having it all right here with a reasonably powerful board, that seems like there's going to be some more people exploring and coming up with some new fancy things that they can do on it.

So, the threat management and these advanced features. The teardown of it looks like it's pretty well designed and put together, but I wanted to take it apart, like I said, but these edges right here, I just feel as though I'm going to really rough this thing up, and I don't want it all ugly looking, unless we decide to completely hack it apart and make it something more fun. But for the most part I'll leave it in its current configuration. I'm satisfied with those pictures for seeing inside of it, but looking forward to it if anyone has some links that they can send me, post in the forums or have a discussion, link me to the UniFi forum where it's posted, people who maybe have made some changes on it or done some, you know, playing with it to see what other functionality you can get out of it, or what's coming out of it, I'd be interested in learning. I did some digging; there's not a ton of information out there, but you can SSH into this pretty straightforward. It's just your ui.com, because you have to register an account to set this up, but when you SSH into it, it's just root and that password to get into it, and SSH is open. So I'm glad, you know, if I left it open, that we can, you know, tinker around. They seem to not mind when people start playing around with stuff, but of course, like it said on their site, it's not officially supported. So let me know if you know of any more advanced stuff on there, but it's pretty neat.

So that's kind of the teardown, part two, and a couple interesting looks at those advanced features on there. Better than consumer equipment: most consumer equipment's not gonna have a honeypot, not gonna have any level of threat management, even though the threat management's basic, so I think it's a good thing that they put this all in there. And for, you know, home users or even a small little two- or three-person office that may want these, we have a salon that we might put one of these in. It's a perfect solution for it; it's a small, you know, four-person salon, so we need Wi-Fi in there, we can give them Wi-Fi, a guest network and all that in one little compact thing, and it actually kind of looks cool, so it's not like we have to hide it somewhere. It's not ugly, I gotta admit; it's cylinder-shaped, so it's kind of cool.

Thanks, and thank you for making it to the end of the video. If you like this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon if you'd like YouTube to notify you when new videos come out. If you'd like to hire us, head over to lawrencesystems.com, fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.lawrencesystems.com, where we can carry on the discussion about this video, other videos or other tech topics in general; even suggestions for new videos are accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page; we have a lot of great tech offers for you. And once again, thanks for watching and see you next time.
Info
Channel: Lawrence Systems
Views: 47,002
Keywords: Ubiquiti UniFI Dream Machine Tear Down, unifi, ubiquiti, ubiquiti unifi, ubiquiti networks, unifi controller, ubiquiti unifi dream machine access point/switch/security gateway (udm), unifi dream machine, ubiquiti usg, unifi security gateway, ubiquiti unifi dream machine honeypot
Id: EBwjy1UoReo
Length: 13min 8sec (788 seconds)
Published: Thu Nov 21 2019