Configuring WDS to extend your network

Want to extend your network and make it more reliable and robust?   

Here’s what you will need -

  • Two routers with the same firmware
    • Preferably Tomato or DD-WRT

Login to the first router.  

In this example, the static number 192.168.1.1 is the Main router.

  • Enable the WAN to match your ISP  
  • Enable DHCP
  • Enable Access Point + WDS  (Picture two below)
    • You must have the same wireless configuration on both routers
      • Enter the MAC address of router two under WDS Link with.

Router 1 no 1

Router 1 no 2

Login to the second router

  • Disable the WAN
  • Disable DHCP
  • Assign the router a static IP address (Below we have given the router .250)
  • Enter Router One’s IP Address for the Gateway
  • Enter a DNS of your choice
  • Make the wireless configuration the same as the first router.  Under WDS, change the drop down to automatic.

Router 2 no 1

Router 2 no 2

With the same settings, you can now extend your network several hundred feet under the right conditions.  Because the SSIDs are the same, once you join one of the routers with a smartphone or laptop, it will seamlessly change to the stronger signal.

With Tomato, you can chain together approximately 12 devices.

Links-

Tomato RAF

Shibby’s Tomato

DD-WRT

Note; The IP addresses and MAC addresses are in a lab environment.

Installing Linux Lite – A mini review

Home users that ONLY check email and use very few other programs may consider replacing their OS.   Linux has made an exceptional gain over the past several years with a Programs (Add/Remove) component and with hardware drivers.

To see just how Linux Lite stacked up other OSs, I decided to load it in Oracle’s VirtualBox.  The little over 600+mb download is comparable in size to Windows XP.  The ISO can be burned with an image burner to make a bootable CD/DVD.  Before you decide to switch, remember there are limitations to Windows software even with Wine.  Wine is a software application that allows you to run Windows programs.  Hunting around the internet you’ll find hundreds of Linux programs comparable to Windows programs.  You don’t have to look far considering the Linux repository has hundreds of programs.

After loading Oracle’s VirtualBox, simply walk through the New OS wizard, select Linux, allocate 2 GB of RAM and 8 GB of HDD space if you can.  Once you have completed this step, click on Settings and select bridge on the Network Card and load the ISO under storage.

Once you complete that step, start the OS and follow the on screen prompts.

1

(Above) – initial load screen.

2

Loading the OS into RAM

3

Load time of around two minutes for the initial screen to appear.

4

Select your language.

5

The above screen is checks to insure hardware and internet connectivity is ok.

6

Erase the hard drive.

7

Below – set your location for the time.

8

Select the keyboard layout.

9

Setup an initial user and password.

10

Copying files

11

After the installation, Restart your computer (VirtualBox)

12

Booting up from the hard disk drive.

13

Login and options.

14

The initial desktop is clean.  Don’t let this fool you.  The amount of programs and options for an internet user is excellent.

15

 

17 updates

 

Checking for updates is easy.  Simply click on the menu and select update.  Provide your login password and Linux Lite does the rest.

Printer setup

If you have a printer that supports IPP Protocol, login to the printer’s web address and Enable IPP.   The printer in our home is the Samsung SCX-3400 wireless.  An inexpensive laser printer that provides for thousands of pages with Samsung’s toner cartridge.  The printer provides hundreds of options for Windows, Apple, Linus or mobile devices.

printer

 

What programs come with Linux Lite?  Hundreds of items.  Here’s the main categories.

  • Office
  • Games  (Such as steam and others)
  • Graphics  (Gimp and more)
  • Accessories
  • Internet (email and browsers)
  • Multimedia
  • System (dozens of tools)
  • Settings

accessories Games Graphics Internet Multimedia Office settings Sharing System

 

If you ONLY use the internet and want to look into an alternate operating system.  Linux Lite may be for you.  It is easy to use, install and offers hundreds of programs.

Protecting your network by pen testing it

This post is for educational purposes and any use of these tools against a network without explicit permission could be illegal.   Metasploit is designed to identify weaknesses in networks and hardware/software on a network.  Do NOT use metasploit for other reasons.

Want to protect your network and the computers in your network?  You can get updates for your operating systems (Linux, Mac, iOS, Android, Windows or whatever) along with updates for third party programs yet you can still be unsecure.    When updating these products, you also have to remember firmware and updates for wireless devices, access points, bridges, firewalls, routers, switches, SCADA devices, robots, mobile devices, printers and any device on your network.

Metasploit

http://www.metasploit.com/download/

Metasploit Community is free and allows for a free scan of your network or server. Although limited (Try Pro for details and Brute Force), Metasploit Community is a first step in finding open services and ports on your operating system, hardware devices such as routers and other devices.   The trick to installing Metasploit is to disable your antivirus or make exceptions to what your antivirus finds.   You should truly install the software inside of a VM (Virtual Machine) so that your computer remains protected.

You can use Metasploit to protect your network by ‘seeing’ what a hacker or malicious person would see.  Truly for network professionals and auditors, this software can help you identify services, ports and weaknesses in your network.

There are several versions of Metasploit – Community, Pro, Express and Framework (Compare Editions)

Metasploit     Metasploit Two

Metasploit Scan Complete     metasploit Hosts

Metasploit Services After Scan

The above scan was in a controlled lab.  Malicious scanning of networks may be illegal.  Read  Penetration Basics on Metasploit’s website.

Tutorials (Videos)

Best IT Professional sites on the web

It’s hard to find great quality information that can be used by IT professionals.  One of the best sites on the web is GEGeek.  This site offers information that is updated often and covers a wide range of IT resources and troubleshooting.  This versatile site offers answers to IT questions covering a plethora of topics from legacy to modern day resources.

No where on the net can you find this amount of information.

GEGeek

 

Rick over at What’s On My PC has another site that is one of the most resourceful sites on the web.
Bookmarks 4 Techs links to over 700+ sites and blogs on the web.  The site offers links, RSS Feeds, news and hundreds of other links.

Bookmarks4techs

The life of a file

The life of a file…

8:00 a.m.  The executive secretary begins writing a credit memo for several clients.  The file has sensitive data.

8:15 a.m.   The file is saved to the documents folder on the secretary’s desktop.   The document is truly on a domain server in her profile folder.   There is one copy of the file.

8:17 a.m.   The secretary opens her email and attaches the file.   The secretary emails the document to ten recipients.

8:17:30 a.m.  The file goes to ten different email servers.

8:18: a.m.  The file now sits on eleven computers- ten email servers and on the company’s domain server.

8:19 a.m. The file gets downloaded onto three tablets and one notebook.   The file is now on 16 devices.

8:19 a.m. The file received by two of the email recipients above is synchronized to a cloud backup service.  The file is now on 19 devices.

8:20 a.m. The file is received by the above tablet and is synchronized onto a cloud backup service and synchronizes with the end-user’s phone and their home desktop computer.  The file is now on 22 devices.

8:20:45 a.m. The file on the above recipient is copied to a third party storage solution from their phone.  The file is now on 23 devices.

8:21 a.m.  The file now synchronizes from the one of the above tablets above and is forwarded to a private email.  The file is downloaded to their phone.  The file is now on 25 devices.

8:29 a.m.  The file is received by the remaining six recipients and is synchronized to five cloud servers, lands on four laptops and three smartphones.   The file is now on 43 devices.

8:30 a.m.  The corporate server synchronizes to a backup drive and shots the secretary’s file to an offsite backup.  The file is now on 45 devices.

8:35 a.m.  The secretary copies the file to a USB drive and prepares for a business meeting at another location.  The file is now on 46 devices.

9:05 a.m. One of the email recipients copies the file to a flashdrive and gives the file to an associate.  The file is now on 47 devices.

9:07 a.m. The secretary arrives at the off-site location and gives the flashdrive to a co-worker.  The co-worker prepares for a presentation and copies the file to a presentation laptop.  The file is now on 48 devices.

9:08 a.m.  The flash drive is placed into the pocket of the co-worker.   One of the email recipients copies the file onto a server and shares the file to 8 co-workers.   Six of the co-workers download the file to their tablets.  The file is now on 55 devices.

9:10 a.m.  The presenter at the offsite location  jogs to an out building to get supplies for the meeting.  The flashdrive falls through a hole in his pocket.

9:12 a.m.   An archiving program on the second server copies the file into a data warehouse server.  The data warehouse server makes a copy of the file and backs up the file.  There is now 57 devices.

9:15 a.m.  One of the email recipients cannot open the file on his tablet.   The email recipient copies the file to a flash drive and moves the file to a company laptop.   The file is now on 58 devices.

9:20 a.m.  An email recipient forwards the email to a wrong address and to three correct addresses.   The file goes to four email servers and is downloaded to three laptops and onto a desktop of one user.   The file is now on 67 devices.

9:21 a.m. The email is synchronized to other devices for the last group of recipients.   The file lands on an addition nine devices.   The file is now on 76 devices.

9:30 a.m. The email servers backup the files for the recipients.  The file is now on now on 90+ devices.

9:31 a.m.  The meeting starts at the offsite location.

9:32 a.m.  A stranger finds the flashdrive that was dropped outside of the building.   Another stranger downloads the email that was wrongfully sent to them.

In today’s world, your one file grows as though it were a microorganism.   It is held by many corporations and can be seen by many individuals…in the first hour.

ncsam10_bnr3

Great Networking tools to analyze your network

ICSI Netalyzer is an excellent online tool that measures over 100 areas of your internet connectivity.  Use this to troubleshoot your internet connectivity.  Hosted by the University of Berkeley, this online tool is a must have when optimizing your network.  http://netalyzr.icsi.berkeley.edu/

This slideshow requires JavaScript.

NANO Project – “NANO identifies performance degradations that result from network neutrality violation by an Internet service provider (ISP), such as, differential treatment of specific classes of applications, users, or destinations by the ISP.”   http://www.gtnoise.net/nano/   (Currently available for Linux only – Windows coming soon)

HostView -“HostView is an end-host measuring tool to collect network performance data annotated with users’ perceived quality of the network. Traces collected with HostView will be invaluable for us to design algorithms that automatically diagnose performance problems in individual applications as perceived by end-users.  (Currently for Mac)  http://cmon.lip6.fr/EMD/Download.html

HomeNet Profiler – gives a look at your network around your home – results are uploaded and a private link is given (research only)  http://cmon.lip6.fr/hnp/pages/home

Install LXDE, the “Lightweight X11 Desktop Environment” in VMWare Player

LXDE

LXDE, the “Lightweight X11 Desktop Environment”, is an extremely fast  and energy-saving desktop environment.    LXDE a spinoff of Fedora and is an excellent way to learn how to use this version of Linux.  LXDE is easy to install and the software is easy to use.    Virtualizing an operating systems is the easiest way to try out an operating systems without wrecking your computer.  VMWare Player is an excellent virtualization software that controls your virtual machines. . With VMPlayer, you can create virtual machines with up to 4 virtual processors, 2TB virtual hard disks and up to 64 GB of ram.

For this project, you’ll need two pieces of software.     Download the ISO (LXDE)  from fedoraproject.org and VMPlayer from VMWare.

  • The ISO for LXDE can be downloaded here.
  • VMWare can be downloaded here.

The setup of VMware Player is straight forwarded.   Installation instructions are found here.

Installing Fedora LXDE

Open VMWare Player.   Select the New Virtual Machine Wizard.   Next, select select disc image file and navigate to where you downloaded the LXDE ISO.

1

 

Next select the Guest Operating System – Linux – Fedora 64 bit.

2

Name the Virtual Machine.   I prefer never not to use spaces in a machine name.  Use an underscore or a single word.

 

3

Next specify the disk capacity.  Very little disk space is needed for this operating system.

 

4

By default, 1 GB of memory is allocated for the VM.

 

5

After clicking finish,  you can put the VM on your network with your other computers by selecting Bridge (Network Adapter).   If you select NAT, the computer will be on a different network.

 

6

 

Next, start the VM.  You will get a notice about Removable Devices. (USB devices that can be used on your VM).  You can close out this screen.

 

 

 

7

 

The VM will continue to load.

8 a

8

9

The ISO will load into memory.  In order to load the ISO on your hard drive, click the Install to Hard Drive icon.

 

10

11

To see the IP address your VM is using, click on the Terminal Icon on the lower left corner of the screen and type IFConfig.   You should have an IP address in the range of your current computers.

 

12

The installation will begin a wizard with basic questions about your setup.

 

13

During the installation, you will see basic hardware and network configuration information.   Look for any exclamation points that need attention.  Shown below is information on the installation of this VM, requiring an interaction on Storage (hard drive).

 

14

The information above requires interaction of clicking the Storage icon and selecting the appropriate drive.

 

15

Allow the OS to configure your hard drive automatically.

 

16

Once you complete this step, you will see the exclamation point disappear.  Go to the next screen.

 

17

Setup user and root passwords on the next screen.

 

18

Select a complex password before continuing.

19

 

20

21

 

After completing the password requirements, you will see the progress bar percentage begin to count.

 

 

 

 

22

 

It is a good idea to monitor the host computer’s Performance monitor.

23 Host

The CPU monitor in your LXDE is located in the lower right corner of the guest OS.

 

24

 

Once the progress bar reaches 100% and disk cleanup completes, the guest computer will reboot.

 

25

 

Fedora also offers a security lab that provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations.

A Search Engine that shows devices on the web

Secure your devices.  Bottom-line, there are malicious users on the web that can find your device (webcams, IP cameras, routers, SCADA and other devices).  Change the default passwords and update software/firmware when it is available.  Disable UPNP and look for vulnerabilities that may affect your device.

 

CNN’s Money on “Hacking anything connected to the internet

 

 

CIT Continues Advanced Training on Airfiber AF24s

The Computer Information Technology class continues to receive advanced training on the Ubiquiti AF24 Airfiber.  The Ubiquiti AF24 Airfiber is a hi-power, linear 2X2 MIMO radio with enhanced receiver performance and reliability.  The AF24 has a breakthrough speed of 1.4+ Gbps real data throughput.

These devices are specifically designed for outdoor Point to Point bridging between buildings and provide hi-performance network backhauls.  These dual-independent 2×2 MIMO 24GHz hi-gain reflector antenna systems, can operate in FDD and HDD  modes providing speed and spectral efficiency in the 24GHz band.

Students learn how to configure advanced wireless devices for real world information technology and hands-on experience.

17767_10200791247681739_257268144_n   5273_10200791245841693_1926834266_n

429478_10200791244321655_297120865_n    527862_10200791246441708_100458323_n

airfiber

Justin, Josh and Theo’s results during a configuration of the AF24s.
Justin-Theo-Kelsey-FullDuplex-AirFibre

Students also participate in a wireless shoot-off.   This contest challenges the students to design an antenna that will make an association between a standard access point and a laptop that will connect at extreme distances.  The contest will start the second week of April.

(L-R) Jay Matlock, Jonathan Laine, Scott Hess (designer of a parabolic dish with a helical transceiver), Tyler Clift and Kenny Cooper.

IMG_6733
  Photo by D. Babian

100_3052 100_3054 100_3056 100_3057  100_3061

Great details about building the Airfiber below (from 03:17 forward)

049 050 100_3064  100_3066  100_3068 100_3069

Quad Quad

Photos above (D. Babian)

IMAG0443  IMAG0445 IMAG0447  IMAG0450 IMAG0451 IMAG0452 IMAG0454 IMAG0455 IMAG0456 IMAG0457 IMAG0458   IMAG0465 IMAG0466   IMAG0469

 

 

Photo Credit: (Wil McKamey)

How long will it take to crack your password?

Mickey found a great site that gives the approximate time it will take to break your password.  The site, howsecureismypassword.net gives the  approximate time and a background color that indicates how secure your password is.  There are other things to worry about.  One of the things people don’t realize is that the code in your website may reveal even the most complex passwords.  It is up to the webmaster of your site to keep you secure.

Secure

Unsecure

Surface Pro vs. iPad vs. Android

So we played with the Surface Pro and the iPad and measured each for productivity.   What did we find?

After using an iPad for a year and having the Surface Pro for just under a week, the Pro far out shines the iPad tablet and our Android we’ve had for two years; no comparison.  Why?  Here’s what we found.

With the Surface Pro 128 Gb,  you have a stylus, USB and every application that a laptop has.   The critics say the 128 Gb is wrong because you get less than you pay for.   Part of this is used by the OS.     Have you ever purchased a laptop?  The Pro can be used with every application you ever had and with the VGA adapter, you can hook it to a full size monitor ($39.99).   The USB can be hooked to a cheap USB hub ($1.99) and guess what?  External hard drives can be used for storage (and don’t forget you have an SD slot), flash drives, external DVDs, a full size keyboard and 127 other USB accessories including printers.   The same as Windows 7.   The speed is much faster and the reliability and new features are an excellent addition to this OS compared to Windows 7.  Why aren’t critics looking at that?  Another great mystery of American consumerization.  So there you go.  You can have a full desktop by laying your tablet on your desk and plugging in two things.   When you are ready to go, just disconnect and you have a tablet or with the keyboard, a laptop.   So the $900+ price tag is a bargain.

Also navigation is NOT hard.   All you have to do is remember corners…touch any corner and you have menus.  Is that really hard?  Nope.  Are we overlooking a great OS?  I truly think so.  Thanks Kenny for bring the Pro to school.  Mine’s on order.

Surface Pro

The Surface Pro and what Microsoft is not telling you – it can replace your laptop and desktop.

For the IT Professionals – join it to a domain and use the policies you have to further control this device on your network.