Move Debian to new hardware without messing up networking

One advantage that Linux has over Windows is that you generally can pick up a machine and move it to new hardware. The trickiest part is getting the network card(s) working.

Maybe I’m the only dummy who had a hard time with this. Well, except for one guy who posted a question somewhere, got no answer, then came back and said something rude to the people who didn’t answer and said he switched to FreeBSD. That was entertaining, but not helpful.

Just in case everyone else is afraid to speak up, here’s how I got the network cards working after I imaged the disks from a failing Debian server to newer hardware.

Read more

Building DOS gaming PCs

The ultimate DOS gaming PC is a topic that I’ve seen come up in forums frequently, and that I’ve been asked directly a number of times. I guess since I published advice on running DOS games on Windows PCs on two continents, people figured I knew something about that. I guess I fooled them!

The trouble is that no single PC can really be the “ultimate” DOS game machine. Well, not if your goal is to be able to optimally run everything from early 1980s titles designed for the original IBM PC up to the last DOS version of Quake. I learned that the hard way in 1995 or 1996, even before Quake existed. Read more

Need a good, cheap dual gigabit NIC? I have just the thing.

If you need gigabit ports for your home server or router project and you’re short on available expansion slots, I have just the thing. Home sysadmins have known for a while that you can get cheap PCI-X Intel NICs and run them in PCI mode, but you may not know that you can find the very same thing by searching Ebay for HP 7170 and it’s usually cheaper. It’s not rare to find them for $7, shipped.

Read more

How hard-coding your DNS can improve your security

I’ve long recommended hard-coding your DNS settings as a performance and reliability enhancement–here’s my guide for that–but it turns out it can be a security enhancement too.

Botnets targetting routers aren’t new at all, but there’s a particularly nasty one named Moose running around right now. Among other things, it changes routers’ DNS settings to point to rogue DNS servers that allow the attackers to steal your social media credentials, furthering the bot. Read more

What to do when you have more open slots than drive bays

Every once in a while you find something you weren’t looking for, then you wonder why you never thought of it before. That’s what I thought when I saw the Kingwin 2-Bay PCI adapter. It’s a bracket that slides into a couple of empty slots and gives you space to mount a pair of 2.5″ hard drives or SSDs.

It’s brilliant because almost any computer these days has empty slots because all of the essential stuff that used to be on plug-in boards comes integrated onto the motherboard these days. And if you put a micro ATX motherboard into a full ATX case like I often do, you have at least two empty slots that you couldn’t use even if you wanted to.

This is a brilliant way to get a couple of additional drive bays in a desktop computer, so I highly recommend it.

And in a story that should surprise no one, Target’s attack was unsophisticated

I found a story today stating that the attackers who stole millions of credit cards from Target didn’t have to try very hard to hide. I wish I could say I was surprised.

My boss says it this way: Amateurs hit as hard as they can. Professionals hit as hard as they have to.

Why? Because if they only hit as hard as they have to, they can save the hard hit for another day. And it really boils down to simple economics. If I can buy off-the-shelf malware for $1,000 and use it to steal millions of dollars, then use the same malware again somewhere else and steal another few million, why not do that? The alternative is to buy a sophisticated attack that costs five or six figures. Then what happens? I use it, get my money, and then the victim can’t figure it out, so the victim calls in Mandiant. Mandiant discovers the zero-day attack, then tells the world about it. Mandiant looks good because they discovered something nobody else has ever seen before. The victim looks a lot better too, because they got mowed down by something that was unstoppable. But then the vendor moves heaven and earth to release an emergency out-of-band patch as quickly as possible, closing down a very brief window of opportunity to use it.

Cyber criminals may be crooked and unethical, but they aren’t stupid. And that’s why this is an uphill battle: A cheap attack can go up against defenses that cost an order of magnitude more, and still win. Read more

The world’s fastest budget PC

So, a relative’s PC was getting a bit aged, and runs Windows XP, barely, so I talked them into an upgrade. I noticed that Micro Center had HP/Compaq DC5700s for $99. They were standard issue office PCs a few years ago, and there are a lot of them in the refurb channel. We went and got one over the weekend.

“What are you going to do with that?” the sales rep asked. “We only use them as cash registers.”

“Word processing,” I said.

“You sure you want to run Windows 7 on an 8-year-old PC?”

“I wrote the book on running Windows on older PCs. Literally. It’ll be fine.”

I hate calling rank like that, but sometimes it’s what you have to do.

And really, for $99, it’s awfully good. Web browsing is plenty fast, Libre Office runs fine on it, and think about it. Windows 7 retails for $100-$109. So it’s like getting the hardware for free. Or Windows for free, however you want to look at it.

Read more

More about Pfsense, the alternative to the crappy consumer router

I spent some time over the weekend playing with Pfsense, and I can’t say much about it other than it does what it says. I didn’t throw a ton of hardware at it–the best motherboard I have laying around is a late P4-era Celeron board, and the best network card I could find was, believe it or not, an ancient Netgear 10/100 card with the late, lamented DEC Tulip chipset on it. Great card for its time, but, yeah, nice 100-megabit throughput, hipster.

If you actually configure your routers rather than just plugging them in, you can do this. Plug in a couple of network cards, plug in a hard drive that you don’t mind getting overwritten, download Pfsense, write the image file to a USB stick, boot off the USB stick, and follow the prompts. Then, to add wireless, plug in a well-supported card like a TP-Link and follow the howto. Read more

Consumer routers are the security vulnerability of the year, so far

Today I found an article in PC World that gives a somber assessment of the state of consumer routers, like the device that probably sits between you and the Internet.

I’m glad this is getting attention. There’s a lot more to it than what’s in the PC World article, but I’ve droned enough about what’s bad about consumer routers. It’s bad now, and it’s going to get worse before it gets better. Kudos to PC World for providing a bit of an action plan.

What if you want to go beyond what PC World is talking about? I’m glad both of you asked. Read more

My $30 desktop PC upgrade

I built my main desktop PC three and a half years ago and have no complaints about it, save one. Hard to believe, but PC hardware has improved considerably in recent years. This weekend, I sunk $30 into it to solve my single complaint, and now I can reasonably expect to get another three years out of it, if not longer.

The integrated video on my system tended to bluescreen once a year or so. The troubleshooting always pointed to the video driver, which hasn’t been updated since the previous decade and probably never will, since Nvidia has abandoned its Nforce desktop chipsets. That may be why I got a good deal on the board in the first place–it was an orphan. The solution? A $30 PCIe Geforce 210 card, which is about 6x faster than the built-in video anyway. It’s not a gamer card, but it’s fine for productivity use. I was satisfied with the built-in video except for that bluescreen issue, so I’ll be happy with this. Plus it gives me more outputs, so I can connect to a monitor via DVI, or a television via HDMI.

My Windows performance index score went from 3.9 for Aero and 3.2 for business/gaming graphics to 4.2 for Aero and 5.6 for business/gaming graphics.  But that’s secondary; what I really cared about was getting rid of those bluescreens; getting something no slower than what I already had and digital output was what finally convinced me to spend 30 bucks.

A lot of people regard desktops as passe, but this is why I still like them. I can build them for a couple hundred dollars, drop a $30-$40 upgrade into them periodically, and run them for nearly a decade. I’ll need to put a bigger SSD in this machine once the one I’m using now gets too crowded, but this has been a very low-maintenance machine, which is how I like them.