|
Platystemon posted:In case anyone else upgraded firmware on their Ubiquiti device and noticed that it can no longer bridge with non‐Ubiquiti APs: the secret is to disable aggregation on the advanced tab. Speaking of, have you had any problems with connections timing out repeatedly over the period of a day or two? Mine weren't running the latest firmware, and I upgraded them last night, but I'm curious if it's the APs (a mix of LRs and regulars), the router (a Mikrotik in-house solution) or the switches (2x24 GBit trendnets). It's a relatively new problem, so I'm hoping it was just a lovely beta firmware version that I had upgraded to.
|
# ? Apr 2, 2013 19:15 |
|
|
# ? Apr 28, 2024 03:31 |
|
I have a mini-ITX system running pfSense, and a Cisco switch. My roommate has an Airport Extreme plugged in to serve solely as a wireless AP. He's moving out, so I'm going to need something to replace his Airport when he takes it with him. Can someone recommend a good home wireless AP? I don't need or want any routing or switching capabilities. Single port, powerful antenna, wireless N, and simultaneous dual band if possible. (I have no Apple products and we've had a few stupid issues with the Airport so I'm not interested in buying one myself).
|
# ? Apr 2, 2013 19:51 |
|
titaniumone posted:I have a mini-ITX system running pfSense, and a Cisco switch. My roommate has an Airport Extreme plugged in to serve solely as a wireless AP. He's moving out, so I'm going to need something to replace his Airport when he takes it with him. I'm on my second one though, since the 2.4ghz band on the first one (V2 revision) died around the 15-month mark. The 5ghz band on that one is still reliable so I've been using it as an extender.
|
# ? Apr 2, 2013 20:02 |
|
If I'm getting a new modem I might as well upgrade to a Dual band N router as well. Is there no current "best" router the way there was the WRT54GL? Are the suggestions in the OP still valid? Based on the OP I'd probably go for the E3200 in the under $150 category, but it's $75 on Newegg now, which leads me to believe it's old and replaced by something newer.
|
# ? Apr 2, 2013 20:26 |
|
FISHMANPET posted:What's the current hot poo poo DOCCIS 3.0 Surfboard modem? I think I'm tired of paying Comcast $7 for rental on a lovely Thomson modem, and they said I'd need 3.0 to take advantage of the latest speed boost, so sounds like as good a time as any to dive in head first. I think that the Motorola Surfboards (previously mentioned) are pretty solid. Paranoid wifi security questions from Three Phase time! 1. Is it possible that someone seeing my network (SSID name broadcast) can determine the type of router that I have, and use that as a "weak point"? I think the problem is that if you use the default SSID (I have a ton of 2WIREXXX's and NETGEARYYY's around me), you can narrow down the hardware on the other end with ease. If you change the SSID to anything else, there isn't any evidence given as far as what device is acting as the wifi radio. (I could change it to "2WIREXXX" even though it absolutely isn't a 2 Wire DSL modem to just be a smartass.) 2. Are there any pieces of software that can be used to "safely" (without performing any criminal acts) probe an existing wireless security setup for weaknesses? Part of me thinks that toying with that sort of thing would probably be a situation where risks outweigh potential benefits, especially if all evidence points to the network being secure. If you are curious, I currently have a Wireless-G connection enabled on my router, it is WPA2-PSK with a reasonably strong password, and I disabled WPA pin on the router. (I checked to confirm that the pin stays off, and when the pin is on the router has an enabled-by-default pin lockout feature which shuts down WPS after three bad keys until the router is restarted.) I also did a bunch of web searches based on "(my router) vulnerability" and "(my router) exploit", and found one thing that looked like an exploit (putting in http://192.168.x.x/stuff.htm would pop up information like the WPA password and admin login, but ONLY if the person on that computer already logged into the router. If the user logged off the router, it would pop up a 403 forbidden message. Plus I have remote router administration disabled so this would really be a "the caller is coming from inside YOUR HOUSE!" situation, even if it was a weakness. I found that browsing through the router logs give me a little peace of mind too, I can see if there are any unfamiliar MAC addresses or connections at strange times. Three-Phase fucked around with this message at 22:48 on Apr 2, 2013 |
# ? Apr 2, 2013 22:46 |
|
MAC addresses are tied to vendors, so it's possible to determine the manufacturer for a given device by it's MAC address. I don't know of a common database that has information tying a MAC to a particular product, but it's possible one exists. Don't worry about it though, it's been that way since the first Ethernet card was sold. You're allowed to "probe" your own wireless network all you want, but anyone passively sniffing and logging would probably be able to use that information against you, but what are the chances of that. If you're concerned you should separate your wired and wireless networks and require wireless clients to VPN into the rest of your network in order to access other machines or the internet.
|
# ? Apr 2, 2013 23:13 |
|
Ninja Rope posted:MAC addresses are tied to vendors, so it's possible to determine the manufacturer for a given device by it's MAC address. I don't know of a common database that has information tying a MAC to a particular product, but it's possible one exists. Don't worry about it though, it's been that way since the first Ethernet card was sold. On top of that turning off your SSID doesn't solve this "problem", it just prevents people from seeing the network if they are just looking in available networks to connect to in Windows or whatever. If you are using some kind of scanning program you'll still see the AP and (and its MAC address) if traffic is passing while you are looking. Anyway yeah if you want to go super crazy with this, figure out how to set up a RADIUS server and use 802.11x. But unless you have something laying around that would cause you to specifically be targeted, you are fine. It's kind of like home security, just be a more intimidating target than the rest of the street.
|
# ? Apr 2, 2013 23:47 |
|
Dogen posted:Anyway yeah if you want to go super crazy with this, figure out how to set up a RADIUS server and use 802.11x. But unless you have something laying around that would cause you to specifically be targeted, you are fine. It's kind of like home security, just be a more intimidating target than the rest of the street. Yeah, if I wanted free internet or someone else to blame for illegal crap, I'd probably tap one of the dozens of other connections. Some are probably still running WEP. My understanding is that if you're a script kiddie or just someone wanting to bum wireless, when you see WPA2 or even just WPA it's basically "forget it". And besides WPS pin attacks, there aren't any really exploits against WPA2 like there are for WEP. I was going to originally say there "weren't any good exploits", but it seems like besides WPS pin attacks, or someone using a stupidly weak password and brute forcing that, there aren't any known exploits for WPA/WPA2 period.
|
# ? Apr 3, 2013 01:31 |
|
Three-Phase posted:Yeah, if I wanted free internet or someone else to blame for illegal crap, I'd probably tap one of the dozens of other connections. Some are probably still running WEP. WPA with TKIP is considered broken as well. Using WPA/WPA2 with AES is still hardened against anything but weak passwords.
|
# ? Apr 3, 2013 04:41 |
|
Turning off SSID is dumb because it doesn’t add real security and it makes it a pain for legitimate users to connect to it. I also like broadcasting the SSID so that neighbours setting up their networks hopefully see “Hey! There’s a network on this channel! Pick a different one!”
|
# ? Apr 3, 2013 04:56 |
|
Just ordered the SB6141 and the Asus RT-N65U. Gonna bring my network into the present with dual band N instead of G and WPA2 instead of WEP (that's right, I'm the shameful nerd still using WEP).
|
# ? Apr 3, 2013 07:26 |
|
I was wondering if anyone knows of any good software for monitoring user bandwidth traffic. I have 6 other roommates who have multiple devices on our network and in the last week and a half our overall outbound traffic has spiked significantly pretty much bringing our network to a halt. Most my roommates aren't the most tech savvy people and I'm assuming that someone has some torrent client service running in the background without knowing it. Right now we are we are running an ASUS RT-N16 router with DD-WRT. Any advice for finding out the culprit device would be much appreciated.
|
# ? Apr 3, 2013 07:42 |
|
FISHMANPET posted:If I'm getting a new modem I might as well upgrade to a Dual band N router as well. Is there no current "best" router the way there was the WRT54GL? Are the suggestions in the OP still valid? Based on the OP I'd probably go for the E3200 in the under $150 category, but it's $75 on Newegg now, which leads me to believe it's old and replaced by something newer. The E3200 is perfectly fine and selling with a nice discount. Something better, nope. Belkin purchased Linksys from Cisco. So this is the end of the road as anything Linksys did right will be "fixed" by Belkin. I'm having a tough time deciding on how to update the op as with Linksys uncertainty I'm not sure of the best way to proceed, and I need some time to think about a significant rewrite. The routers in the op are listed in order of quality/price, if you can get a better deal there's no reason to be concerned. I also have the usual problem when I don't update the op much of being busy making music videos and film during the weekends. I've had a few music videos come up that are very time consuming, both now and for the next month. If this is too long until the next big update someone else is welcome to revise and update the op.
|
# ? Apr 3, 2013 08:16 |
|
The_Franz posted:WPA with TKIP is considered broken as well. Using WPA/WPA2 with AES is still hardened against anything but weak passwords. I checked the post - is that the attack where you need to be a man-in-the-middle between a hotspot and an out-of-range device? As far as picking channels, my router can pick one automatically, and I leave it set to that since there are probably fifteen networks in my vicinity.
|
# ? Apr 3, 2013 11:23 |
|
ChompOnThis posted:I was wondering if anyone knows of any good software for monitoring user bandwidth traffic. I have 6 other roommates who have multiple devices on our network and in the last week and a half our overall outbound traffic has spiked significantly pretty much bringing our network to a halt. Most my roommates aren't the most tech savvy people and I'm assuming that someone has some torrent client service running in the background without knowing it. Right now we are we are running an ASUS RT-N16 router with DD-WRT. Any advice for finding out the culprit device would be much appreciated. Someone on the dd-wrt forums wrote a script to monitor per device usage: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=75275
|
# ? Apr 3, 2013 11:46 |
|
I've had a couple incidents now with my moca setup where under heavy usage (streaming video across the LAN) it has killed my downstream Internet speed. I know in theory it is supposed to operate on a different frequency than DOCSIS, but I have seen people saying that it can screw up your Internet so I guess the next step is to pick up a filter to keep the signal from getting to the cable modem. I went ahead and bought two so that I could use one as a point of entry filter as well. Anyone have any experience with this?
|
# ? Apr 3, 2013 14:37 |
|
Is there a good Wake-On-Lan (WOL) utility I should be using? Is there an automated way for RDC to send a magic packet on connection attempt? I <3 my file server, but I only need it to be awake maybe three hours a day.
|
# ? Apr 4, 2013 03:09 |
|
If I have a switch and I have a router, would it be easier to use the switch to connect to another router, or should I do router to router? I tried running a cable from one router to another router, I even changed the device IP on the second router to 192.168.1.2 so it wouldn't conflict with the first router ( even though I read most routers were smart enough not to do this?) and it didn't work. Also I stopped being able to access the router , even after resetting it, which was very strange and caused me to give up trying to make my connection go through two routers before reaching me. This is all wired right now. Would using a router to a switch be much easier and just be plug and play as I just found a Trendnet switch in the office.
|
# ? Apr 4, 2013 20:39 |
|
Kneel Before Zog posted:If I have a switch and I have a router, would it be easier to use the switch to connect to another router, or should I do router to router? Modem <--> WAN port on Router#1 LAN port on Router#1 <--> LAN port on Router#2 If you connected it any other way, you'd end up with two separate DHCP pools and probably a broken rear end network. You can then use the remaining LAN ports on Router 1 and Router 2 semi-seamlessly (you will have a bottleneck for anything trying to access resources on R#1 from R#2, obviously). Using a router and a switch is a better option because it eliminates the bottleneck from daisy chaining routers.
|
# ? Apr 4, 2013 21:03 |
|
Dogen posted:I've had a couple incidents now with my moca setup where under heavy usage (streaming video across the LAN) it has killed my downstream Internet speed. I know in theory it is supposed to operate on a different frequency than DOCSIS, but I have seen people saying that it can screw up your Internet so I guess the next step is to pick up a filter to keep the signal from getting to the cable modem. I went ahead and bought two so that I could use one as a point of entry filter as well. I don't think there's too many moca people in this thread, but so far I have not had this happen to me. My basic setup is:
|
# ? Apr 4, 2013 21:11 |
|
Are powerline kits mostly interchangeable at a given bitrate, or are there certain kits to buy/avoid? If I've got time to wait for something to go on sale, how much should I look to spend for 500mb?
|
# ? Apr 4, 2013 23:07 |
|
titaniumone posted:Modem <--> WAN port on Router#1 Don't forget to turn off DHCP server function on router 2.
|
# ? Apr 4, 2013 23:31 |
|
Three-Phase posted:I currently have a Wireless-G connection enabled on my router, it is WPA2-PSK with a reasonably strong password The chance of someone with enough skills and knowledge caring enough to try and crack your WPA2 encrypted network is pretty slim. If it's concerning, pick a long password that contains words you won't find in a dictionary. Switch it up once a month. If you are extra paranoid: - Enable AP isolation - Disable access to the configuration GUI over wireless - Disable access to the configuration GUI over the internet - Set your private IP range to something non-default. (Instead of 192.168.1.1 - Swap it to 172.16.1.1 or 10.255.1.1) - Check your DHCP table every now and then to verify you recognize the devices. Even if someone does get on, chances are they won't be smart enough to set a static IP. Restricting to MAC can only do so much. MAC's are pretty simple to spoof.
|
# ? Apr 5, 2013 02:33 |
|
Windowlicker posted:- Enable AP isolation quote:- Disable access to the configuration GUI over wireless quote:- Disable access to the configuration GUI over the internet quote:- Set your private IP range to something non-default. (Instead of 192.168.1.1 - Swap it to 172.16.1.1 or 10.255.1.1) quote:- Check your DHCP table every now and then to verify you recognize the devices. Even if someone does get on, chances are they won't be smart enough to set a static IP. quote:Restricting to MAC can only do so much. MAC's are pretty simple to spoof.
|
# ? Apr 5, 2013 02:41 |
|
Do you have government spy secrets? Illegal porn? Are you a secret lizard person? Why so paranoid?
|
# ? Apr 5, 2013 03:40 |
|
gggiiimmmppp posted:Are powerline kits mostly interchangeable at a given bitrate, or are there certain kits to buy/avoid? If I've got time to wait for something to go on sale, how much should I look to spend for 500mb? I don't know about interchangeability between kits, I guess if they support the homeplug AV standard they should work together but can't give you a definite answer. I have had a Zyxel 200mbps kit for over a year now that works pretty well so I am partial to that brand. Their 500mbps kit is $60 on newegg these days I believe.
|
# ? Apr 5, 2013 03:53 |
|
Powerline networking blows, or at least it does in my house. All I wanted was 10% of advertised speed on the file level. I got 2–3% no matter which outlet pair I chose.
|
# ? Apr 5, 2013 04:10 |
|
titaniumone posted:I have a mini-ITX system running pfSense, and a Cisco switch. My roommate has an Airport Extreme plugged in to serve solely as a wireless AP. He's moving out, so I'm going to need something to replace his Airport when he takes it with him. I'm running pfSense as well and I've had great luck with a Ubiquiti Unifi AP Pro. I had pretty much the same requirements as you do, but I was tired of dealing with buggy custom firmware on lowest-bidder hardware, so I got one of these. It's pricey, but it's basically been running flawlessly since I got it.
|
# ? Apr 5, 2013 05:14 |
|
Platystemon posted:Powerline networking blows, or at least it does in my house. All I wanted was 10% of advertised speed on the file level. I got 23% no matter which outlet pair I chose. I have a kit running on electrical lines that are not that old but not that new either and I can hit 75mbps from my fios line. The average speed is closer to 55-60mbps though.
|
# ? Apr 5, 2013 05:20 |
|
Kreeblah posted:I'm running pfSense as well and I've had great luck with a Ubiquiti Unifi AP Pro. I had pretty much the same requirements as you do, but I was tired of dealing with buggy custom firmware on lowest-bidder hardware, so I got one of these. It's pricey, but it's basically been running flawlessly since I got it. I have a Time Capsule. I'm not super impressed with its antenna and the distance it has. I'm used to having professional grade Cisco APs in my home that had a further reach. I'm thinking of getting a Cisco 1142 or whatever replaces that but this Ubiquiti has me interested since it is a third of the cost of a Cisco AP. How's the management of them? I'd rather ssh in or use a web page than run some random thick client. Is that possible? Do you always have to run the "controller" software? Whenever I hear controller I think of autonomous APs that need a controller. Boner Wad fucked around with this message at 06:23 on Apr 5, 2013 |
# ? Apr 5, 2013 06:17 |
|
Boner Wad posted:I have a Time Capsule. I'm not super impressed with its antenna and the distance it has. I'm used to having professional grade Cisco APs in my home that had a further reach. I'm thinking of getting a Cisco 1142 or whatever replaces that but this Ubiquiti has me interested since it is a third of the cost of a Cisco AP. The controller's a web app, but it doesn't need to keep running unless you want to do stat gathering or have a captive portal (the HTTP daemon runs on the controller). If you don't care about that stuff, then you just need to run the controller software when you initially set it up or when you want to change the configuration.
|
# ? Apr 5, 2013 08:36 |
|
Three-Phase posted:I'm too afraid that will break things, but I may consider that. It won't break anything. At most if you have some static IP's set on your network, you'll need to adjust the IP address for the device to work. If you're using DHCP, it won't matter as all the devices will just pick-up a new IP address within the new DHCP scope.
|
# ? Apr 5, 2013 13:16 |
|
Maneki Neko posted:I don't think there's too many moca people in this thread, but so far I have not had this happen to me. Apparently it happens to some people. I found one post where the guy didn't even know he had moca in his house, but some newer moto STBs came with it turned on and were causing some interference. It only seems to happen to me if I send a lot of data over the moca part of the LAN. Rebooting the modem fixes it. Hopefully the filter will take care of it. I guess the splitter that comes with the actiontec kit doesn't have a filter built into it. Boner Wad posted:I have a Time Capsule. I'm not super impressed with its antenna and the distance it has. I'm used to having professional grade Cisco APs in my home that had a further reach. I'm thinking of getting a Cisco 1142 or whatever replaces that but this Ubiquiti has me interested since it is a third of the cost of a Cisco AP. Depending on the age of your TC a new one might be much better. The last couple quiet refreshes have much better antenna design.
|
# ? Apr 5, 2013 15:57 |
|
Hey, I need some quick home interwebs related help. I'm ordering DSL (only service available in my apartment), and since I can only get it from Verizon, I'm compelled to bundle phone service. I have no intention of hooking up a phone, so what do I do about regional and long distance service providers? The default Verizon options want me to add a monthly fee. Can I choose "No provider" and not be penalized if some robocaller in another state dials my number?
|
# ? Apr 5, 2013 16:02 |
|
Kreeblah posted:I'm running pfSense as well and I've had great luck with a Ubiquiti Unifi AP Pro. I had pretty much the same requirements as you do, but I was tired of dealing with buggy custom firmware on lowest-bidder hardware, so I got one of these. It's pricey, but it's basically been running flawlessly since I got it. This is the kind of thing I would rather get too. I can't stand poo poo not working properly. Will it work well enough sitting on a bookshelf or something? I have lovely popcorn ceilings so I can't ceiling mount it.
|
# ? Apr 5, 2013 16:05 |
|
Factory Factory posted:Hey, I need some quick home interwebs related help. I'm ordering DSL (only service available in my apartment), and since I can only get it from Verizon, I'm compelled to bundle phone service. I have no intention of hooking up a phone, so what do I do about regional and long distance service providers? The default Verizon options want me to add a monthly fee. Can I choose "No provider" and not be penalized if some robocaller in another state dials my number? Wait, what? They won't do a dry line? I have never lived in Verizon territory so I don't know about them, but SBC always would after it became an option. On landline phones (and mobile elsewhere in the world) you only pay for outgoing calls or incoming collect calls so you should be fine. Unless something has changed in the last 7 years since I ditched landline phones.
|
# ? Apr 5, 2013 16:48 |
|
Nope. They did it last year, and the Senate Antitrust Committee pissed and moaned a bit to no effect. Resellers that offer phone-less DSL do it on Verizon copper and charge more for service than Verizon does for the bundle. The scenario I'm primarily worried about is this: Me: I don't want a long distance carrier, thanks. Verizon: Hey, an out-of-state polling firm we sold your directory listing to tried to call, but you didn't have a long distance carrier so we could ring your phone. For your convenience, we've hooked you up to our service and put you on our basic plan so that we could ring the line you don't have a phone on. That'll be an extra :tenbux: a month, our pleasure. Factory Factory fucked around with this message at 17:04 on Apr 5, 2013 |
# ? Apr 5, 2013 17:01 |
|
I'm 99% certain long-distance carriers are only for your outbound calls, not inbound.
|
# ? Apr 5, 2013 17:11 |
|
Someone correct me if I am wrong, but I am pretty sure you don't need long distance service to receive long distance calls, only to make them.
|
# ? Apr 5, 2013 17:13 |
|
|
# ? Apr 28, 2024 03:31 |
|
Dogen posted:Someone correct me if I am wrong, but I am pretty sure you don't need long distance service to receive long distance calls, only to make them. That's the impression I was under, but I'm also not particularly confident about a telco bundling useless services to make sure that if you sub to one dying technology, you get to pay for a second one as a bonus. IOwnCalculus posted:I'm 99% certain long-distance carriers are only for your outbound calls, not inbound. Well, two other people who are as pretty-sure as I am is somewhat good news. Thanks.
|
# ? Apr 5, 2013 17:24 |