Category Archives: Networking

Networking

Network Security – Part Deux

Your network probably is comprised of the modem/wifi router provided by your Internet Service Provider.  Most people I know are configured this way.

This is the ABSOLUTE, WORST POSSIBLE security scenario there is.   It is typically extremely old, and unmaintained in terms of software / firmware.  And you probably lease the equipment from them for $10 a month or something.  That $50 hunk of hardware has already netted them hundreds of dollars from you……..if not thousands.

So the smart play is to go buy your own router and modem.  Walmart and Target sell them and it’s more than likely that is where you will go.  Or Amazon.   First of all you cannot just hook a modem to your home.  You have to call the cable company and ask them to “provision” it.   They have to apply the settings to it to allow it to work on their network.  There is NO WAY for you to do this.  They have to do it.   if there are firmware updates for your modem you have to call the cable company and tell them to apply them or “re-provision” your modem.   You can have a secure router (HA!) and have a crappy modem which will allow you to be compromised.

Continue reading

Revisiting Routers and Security and Alternative Firmware

I get on a network security / router security kick every now and again.   For the last week or so I have been reconfiguring my main router.  I have a Netgear R7800 that was running a firmware called OpenWRT.   I prefer to run Open Source firmware on my routers for a couple of reasons.

  1. Users can view the code.  When you buy a router at Walmart or Target or from Amazon or wherever it comes with the manufacturers proprietary firmware.  You have no idea what is in the code.   Also their goals are to make money, and make the router as simple as possible so you don’t call their paid support centers.  Complex configurations that are safer cause connection problems.
  2. There is a community of people who submit security and performance changes to the Open Source firmwares.   When exploits are discovered they are patched.   When is the last time you got a firmware update on your home router?

Router exploits and bugs are SCARY and all too frequent.  Here is a good resource where recent bugs against routers and modems are listed from news articles.  Scroll down that list.  I bet you won’t get far before you see a recent exploit discovered against your home router.

Continue reading

Firewalls And BIOS’s And Coreboot

I’m into computer security a little bit and always striving to learn more.  I’m also a firm believer in Open Source software.  In Proprietary software you don’t know really know what’s going on.  Case in point:  Alexa, Siri, Hey Google.  They say it isn’t spying on you but you know that it is.

With Open Source software you can view the code and see if any hanky panky is going on.

There are a lot of Open Source Operating Systems such a Linux.  But here’s the catch.  You run your Open Source OS which gets launched by a firmware (BIOS – Built In Operating System) which is PROPRIETARY!.  Also it can prevent you from installing a 3rd party device such as a battery, or charging brick.   Major exploits such as HeartBleed (remember that scare a few years ago) live and breathe in the firmware.   You can slick the OS, change the hard drive all you want but you are still compromised AND YOU DON’T EVEN KNOW IT.

Let’s lay out a scenario.
Continue reading

Over The Air Television

Some time back I did the math and decided that full blown cable or satellite TV just wasn’t worth it. High speed internet, Hulu, Netflix, and Sling are still way cheaper per year than cable TV. Also if there is that one or two shows that you can’t live without in this day and age you can buy them on Amazon Prime or Apple TV and it is still cheaper than a year of cable TV.

Of course now that broadcast, over the air television is transmitted in digital you can improve your content simply by sticking an antenna up. I’ve run the gamut of indoor amplified antennas and suffice to say I’m in a poor region for broadcast TV. I can typically get 7 or so channels at my home, 6 of which are mostly worthless. So I opted to get a Mohu Sky 60 Antenna to stick in my attic.

Right away I got a slew of channels including the two major players I needed. Fox and CBS (FOOTBALL!)

Although they claim the Mohu Sky 60 is omni-directional it is very much a directional antenna. and unfortunately for me positioning it to get great reception on CBS screws up Fox. Still I’m convinced there is a magic location that will pull it all in with ease. I know it is there, because I’ve found it several times however when I mount the antenna the magic spot loses its magic. The Mohu Sky 60 also comes with a preamplifier WHICH IS WORTHLESS. The antenna performs better in every respect without it (in my application).

Continue reading

FreeNAS Server

A few years back I built a home server based on information mostly obtained from this blog  I never really knew how bad I needed this server until it went down about a month ago with a motherboard failure.   My server was built with these components:

And  of course I’m using the operating system FreeNAS which is free and is pretty much the best Server OS there is.  Yeah, that’s debatable, I know.

I also use something called OpenMediaVault on the little teeny tiny piece of the server you can see in the right side of the picture.

The little piece of the server to the left is my backup to the backup server. Can’t be too safe!

 

Continue reading

RSPDuo Running over Network on RSP_TCP

I just bought an RSPDuo from SDRPlay and I wanted to see if I could hook it up so I could access it from the network just like I do my Airspy HF+ on SpyServer.

So you dig around on Google and you find out that sure enough you can however it wasn’t as easy as it appeared. Believe me, it never is.  I am running my RSPDuo from an Ubuntu 18.04 laptop.  In SDRPlay’s defense they have a Raspberry Pi image on their downloads page and this stuff may already be configured. I won’t swear to that though. Laptops have a hell of a lot more OOMPH than a Raspberry Pi though and I just like messing around in Linux.

Lets get started:

Continue reading

Making Your Refrigerator SMART

I have an old refrigerator in my garage which I suspected was a power hog.  I bought a Sonoff S31 Power Monitoring outlet and flashed it with custom firmware (Tasmota) and blogged about that here.

I’ve since figured out you can do a WHOLE LOT MORE with a Tasmota flashed Sonoff S31. I figure there are two important things you’d want to know about an old refrigerator.

  1. Is it running?
  2. Has the door been left open?

Both answers can be tackled with home automation.  I use the EXCELLENT program HomeAssistant.  So let’s get to it, shall we?

Continue reading

Running an RTL_TCP Server Off Of A Router

An RTL_TCP server first of all is a taking a USB Software Defined Radio and setting it up as a server for receiving radio signals within the frequency parameters of the SDR device which can them be connected to from anywhere.  For example an RTL-SDR Version 3  operates from about 500 kHz (with direct sampling enabled) to about 1.7 GHz.

So if you set up the server you can be anywhere provided your server allows incoming connections to the internet or you can access your network via VPN, as I do, and connect back to it and hear all the local radio stations or radio signals that interest you.

What good is that?  Maybe there is a radio program you like but the station doesn’t stream.  Maybe you want to hear your kid playing his high school football game broadcast on local radio.  Maybe you set a microphone and transmitter up in your home as a security device (such as a baby monitor).  Maybe you want to listen to the local weather broadcast or maybe you are a scanner junkie and like hearing your local police scanner.  Whatever.  There are lots of reasons.

Continue reading

pfSense Hardware Firewall

I am always blathering on about network security. The only real security is a firewall. Your router that you bought on Amazon or at Walmart is NOT secure. Look at the box. It says it is FAST. It doesn’t say it is secure. Furthermore there is a sticker on the bottom of it with a WiFi password that looks like this:

098798te6rfghjvhfydtHY(UYGIGUYTTUI^(*&)(&*(^*&T*&%TGYIKHLNLKL

That’s awesome. It really is.

So then you plug your router into the cable modem which attaches it to the INTERNET via direct physical connection. Guess what the password is for that direct physical connection?

Answer: password

Continue reading