{"id":54,"date":"2019-06-18T20:12:32","date_gmt":"2019-06-19T03:12:32","guid":{"rendered":"https:\/\/my.apolonio.tech\/?p=54"},"modified":"2019-06-18T20:30:17","modified_gmt":"2019-06-19T03:30:17","slug":"ez-outlet-2-review","status":"publish","type":"post","link":"https:\/\/my.apolonio.tech\/?p=54","title":{"rendered":"EZ Outlet 2 Review"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"600\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-contents.jpg\" alt=\"\" class=\"wp-image-55\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Disclaimer: I purchased this for my use, there was no solicitation from a vendor to do this.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Backstory<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Over the past few weeks, I noticed that I needed to reboot my cable modem more often.  Not sure why, if because of the heat or an update, the bottom line is a reboot would do the trick.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the past, if the connection to my cable modem was down, I would connect in via secondary line, a DSL line, and reboot the cable modem through a device called an APC9211 masterswitch. I used them in a prior work environment and I like them because I could reboot a box remotely if it was hung. Problem is that these devices are old and a few of them have failed on me due to age.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">I will be out a lot this summer, and walking someone through rebooting the cable modem will be a pain.  The DSL line no longer exists, replaced by a portable Internet device, or worse, tethering through a phone.    So I needed a solution, initially, I was thinking of building my own, I am certainly capable of putting the hardware together that I could control manually, maybe an ESP8266 controlled some relays taking commands via MQTT, but time is short, and was actually cheaper to buy a smart switch than DIY.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"600\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/NewSmartSwitches.jpg\" alt=\"\" class=\"wp-image-56\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">And I did pick up a popular TPLink one that probably could do the trick, but in my search, I also came across a purpose-built device that monitors your internet connection.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> This was the ezOutlet2 sold by ezOutlet on Amazon, another identical device is 3GStore remote IP switch, and they look identical.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Technical Details<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"> \u2022    Device Name \u2013 EZ Outlet 2<br> \u2022    Model \u2013 EZ-22b<br> \u2022    Manufacturer \u2013 Mega System Technologies Inc<br> \u2022    Weight \u2013 8 oz<br> \u2022    Standard C14 plug for power (typical PC cord)<br> \u2022    RJ45 Ethernet Connection 10\/100<br> \u2022    Electrical rating \u2013 100-240V 50\/60Hz 10Amps<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Box Contents<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"> \u2022    There is a simple 1-page manual, <br> \u2022    Mounting template if you want to mount this on a wall. <br> \u2022    A standard C14 kettle cord (common one used for PCs)<br> \u2022    Short ethernet cable <br> \u2022    The device itself.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Documentation<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"> \u2022    Application Guide &#8211; <a href=\"https:\/\/images-na.ssl-images-amazon.com\/images\/I\/61P1sbvauxL.pdf\">https:\/\/images-na.ssl-images-amazon.com\/images\/I\/61P1sbvauxL.pdf<\/a><br> \u2022    User Guide &#8211; <a href=\"https:\/\/images-na.ssl-images-amazon.com\/images\/I\/B1nf5tSijuS.pdf\">https:\/\/images-na.ssl-images-amazon.com\/images\/I\/B1nf5tSijuS.pdf<\/a><br> \u2022    Manufacturer Specs &#8211; <a href=\"https:\/\/images-na.ssl-images-amazon.com\/images\/I\/71GEJAJnb9L.pdf\">https:\/\/images-na.ssl-images-amazon.com\/images\/I\/71GEJAJnb9L.pdf<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Installation<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">This is where I diverge from the standard documents.&nbsp; Some people will appreciate the app on their\nmobile device, for some philosophical reasons, I do not want to rely on someone\nelse\u2019s cloud server.&nbsp; I appreciate the\nfact that it is easier, but I feel better controlling my own stuff, especially\nwith a device like this that can shut off your Internet.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So I basically ignore most of the User Guide, the only thing\nof relevance is the default username and password which is admin admin and a\ntiny section of the guide not much bigger than a credit card called Part 6:\nControl ezOutlet2 thru Web User-Interface<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition to the default creds, it wants you to figure out\nthe IP address&nbsp; that was assigned to the\ndevice, it recommends three ways, <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>the app, <\/li><li>look at your DHCP logs, <\/li><li>scan your network with a utility like Netility.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The app was a non-starter for me, and I could have used the utility or some other network discovery tool to find the device.\u00a0 It was way easier to just look at the DHCP logs and find the IP address assigned to the device.\u00a0 The mac address was on a sticker on the devices so I could have searched by that, or search the logs for EZT which the device tries to register as.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Once I get the IP address, I port scanned it to see what was open, seems like only HTTP<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"560\" height=\"151\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-portscan.png\" alt=\"\" class=\"wp-image-57\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">You do not need to do this part, it was just curiosity by me.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> Open a browser to the device (make sure you are on the same network) and you will be presented with a basic auth login<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"197\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-login.png\" alt=\"\" class=\"wp-image-58\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Log in with the default username of admin and the password of admin and you should be able to get in,  on the right is a menu screen, and we will go through each one.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1440\" height=\"559\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-status.png\" alt=\"\" class=\"wp-image-59\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">From this page- you can have the device toggle the Cable Modem on and off or do a reboot.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Note that even though my network does assign the use Google\u2019s DNS server 8.8.8.8 nor openDNS DNS server 208.67.222.222, it uses them anyway.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Network<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You can change these on the Network page<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"259\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-network.png\" alt=\"\" class=\"wp-image-60\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">I disabled DHCP, assigned it a static IP address on my network, disabled DNS auto-configure\u00a0 and used DNS servers on my network.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">One of the things I did to secure it was to not use a\ndefault gateway, so now, it truly is local use only.&nbsp; More on that later, because you probably want\nto be able to manage it when you are remote.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So what was it trying to communicate with?\u00a0 I looked at my firewall logs prior to removing the gateway, and saw that it was trying to communicate via DNS, NTP\u00a0 and a cloud service.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For the DNS service it was trying to query two entries<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>pool.ntp.org presumably for time<\/li><li>finder.cloud4uis.com which looks to be the cloud\nservice portion of the device.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">For the cloud service, it looked to be trying to communicate\nvia tcp port 10001 to finder.cloud4uis.com<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So I was in good shape, on the network I have DNS and an NTP server, and I do not need the cloud service because I am opting to manage this locally.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Settings<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">On the settings page, you can set how you want to monitor, the top section controls what actions the monitoring works.\u00a0 <\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"341\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-setup.png\" alt=\"\" class=\"wp-image-61\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">In my setup, I disabled cloud, with no default gateway,\nthere would be no possibility of communicating with the service anyway.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Note in the time section there is no place to specify a\ntime server, it really wants to use pool.ntp.org, so my way around that is\nto configure my DNS server to return the&nbsp;\ntime server on my network when doing a query on pool.ntp.org<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Change the username and password you would like to use to access this device.\u00a0 One of the reviewers on A,mazon said to use 15 characters or less for the password.\u00a0 More on that later.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Schedule<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You can schedule 6 different events during the week.&nbsp; You can have it turn on, off, or reboot.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1440\" height=\"797\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-schedule.png\" alt=\"\" class=\"wp-image-62\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Of course, you need a working time server for this to work.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Ping Address<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You don\u2019t have much flexibility here, basically you have to see if http is open, or the device is pingable<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"209\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-pingservice.png\" alt=\"\" class=\"wp-image-63\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">I prefer to check HTTP, because sometimes a device is pingable, but is still down.\u00a0 So HTTP may be a better check.<strong><br> <\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Save\/Restore<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">This page allows you to perform some maintenance <\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"278\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-saverestore.png\" alt=\"\" class=\"wp-image-64\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">You can restart the device itself (which would restart the\nCable Modem or whatever is connected)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Clear the settings, bring it back to factory state.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Or backup the settings to a file you download or restore\nsettings by uploading the config file.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Note that the config file is a simple plain text file, the username and password are clearly visible in the file, so make sure you secure that file.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How I did it<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">The problem with no gateway<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">So as is, I don\u2019t trust this device on the Internet because\nthe web Interface is cleartext, and I am not sure what that App does.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In order to get this to work, I used a Linux box, which I\nknow how to secure, on my local network to act as a reverse proxy to the\ndevice.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Also fixes the HTTP vs HTTPS issue<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">So right now if I type in <a href=\"https:\/\/urloflinuxbox.local\/\">https:\/\/urloflinuxbox.local\/<\/a> I do get\nthe web interface of the device<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">And it is secure (at least to the Linux box) <\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"301\" src=\"https:\/\/my.apolonio.tech\/wp-content\/uploads\/2019\/06\/ezOutlet2-https.png\" alt=\"\" class=\"wp-image-65\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">I can secure it even more by using SSL client certificates.&nbsp; So that 15 character password limit on the\nInternet is not so critical.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What about Internet<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">So I can simply punch a hole in my firewall so the world can\naccess the https version of this device.&nbsp;\nBut it really should go through an alternate link.&nbsp; One problem I have is that I cannot open a\nport through that alternate link.&nbsp; I can\nonly access the devices outside, the outside cannot access my resources inside\nmy network because I cannot open any ports.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The fix costs a little bit of money,&nbsp; and that is to use a cloud service provider\nlike Azure or AWS.&nbsp; Seems a little\nhypocritical, do mention using a cloud service when I mentioned I had a\nphilosophy against it earlier in this article.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Guilty<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But the nice thing is I do control the servers and understand the service.\u00a0 So what I have are \u201cservers\u201d I control (more or less) and I provide the service.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">What I do is establish a VPN connection to my cloud server which would have a public IP address.\u00a0 I would route traffic through that public IP address back in over the VPN into my network.\u00a0 Securely, of course, using openvpn and a parameter called iroute.\u00a0 Not just route, but iroute.\u00a0\u00a0 The actual how-to is more than what I can put in this document.\u00a0 Maybe a future article.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">A More Robust Monitor<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">One way to access to reboot the Cable Modem is using a\ncommand line tool that can \u201cget\u201d web pages like curl or wget.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To reboot the device you can simple <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">wget <a href=\"http:\/\/admin:CustomPassword@ip.ad.dr.es\/reset.cgi\">http:\/\/admin:CustomPassword@ip.ad.dr.es\/reset.cgi<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Replace admin with the username CustPassword with the\npassword you created and ip.ad.dr.es with the IP address of the device.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">I tie this in with a network monitoring software called Nagios.\u00a0 If it detects that the Internet is down, it can automatically issue a reboot.<br> <br>Also, the <a href=\"https:\/\/images-na.ssl-images-amazon.com\/images\/I\/61P1sbvauxL.pdf\">https:\/\/images-na.ssl-images-amazon.com\/images\/I\/61P1sbvauxL.pdf<\/a> document hints at other ways you can control or get status from the command line.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Pros and Cons<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">PRO<\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li>Ethernet eliminates the reliance on wifi<\/li><li>Has an IEC C14 plug which uses the typical &#8220;PC&#8221; power cord.<\/li><li>No Wall Wart or External Power Brick<\/li><li>Easy to control via CLI<\/li><li>Wall mountable<\/li><li>Easy to backup<\/li><li>Easy to restore<\/li><li>Can reverse Proxy<\/li><li>Easy to reset back to factory<\/li><li>Works Locally cloud service not needed<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CONS<\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li>No physical power switch<\/li><li>No Https<\/li><li>No way to configure alternate NTP server<\/li><li>Only one user account<\/li><li>Workarounds are complex<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">In my mind, this is a simple device that has an interesting built-in feature to auto reboot a modem if needed.\u00a0 If that is all that it does, and you do not need to access it from the Internet, this device sure does the trick.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Although the attack surface is just HTTP, it is clear text, so I would not trust this device on the Internet.\u00a0 But combined with supporting devices, this may actually be a pretty great device.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">4 stars<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Disclaimer: I purchased this for my use, there was no solicitation from a vendor to do this. Backstory Over the past few weeks, I noticed that I needed to reboot my cable modem more&#46;&#46;&#46;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[5],"tags":[],"class_list":["post-54","post","type-post","status-publish","format-standard","hentry","category-product-review"],"_links":{"self":[{"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=\/wp\/v2\/posts\/54","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=54"}],"version-history":[{"count":2,"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=\/wp\/v2\/posts\/54\/revisions"}],"predecessor-version":[{"id":67,"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=\/wp\/v2\/posts\/54\/revisions\/67"}],"wp:attachment":[{"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=54"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=54"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/my.apolonio.tech\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=54"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}