I set up a DD-WRT router on Charter’s Spectrum broadband, and had a hard time getting it to work. It wouldn’t pull an IP address on the WAN side, or it would pull a 192.168 address rather than a Charter public address.
Here’s what I had to do to fix it.
Continue reading When DD-WRT doesn’t work with Charter
I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.
For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.
Continue reading Recommended DD-WRT settings
I’ve been using and recommending DD-WRT for years, but it’s getting harder to find inexpensive routers to run DD-WRT. Many inexpensive routers now use non-Broadcom chipsets that DD-WRT and other third-party firmware don’t support well, or at all.
But there’s still a way to get inexpensive, compatible routers that isn’t likely to change any time soon.
Continue reading How to find inexpensive routers to run DD-WRT
In the heat of the moment, I searched my blog this weekend for quotes that could potentially be taken out of context and found something rather prophetic that I wrote in the heat of the moment 11 1/2 years ago:
Keeping up on Microsoft security patches is becoming a full-time job. I don’t know if we can afford a full-time employee who does nothing but read Microsoft security bulletins and regression-test patches to make sure they can be safely deployed. I also don’t know who would want that job.
Who ended up with that job? Me, about a year after I left that gig. It actually turned out I was pretty good at it, once I landed in a shop that realized it needed someone to do that job, and utilized that position as part of an overall IT governance model.
Continue reading Predicting the future, circa 2003
I’ve alluded in the past to why it’s a good idea to make a DMZ with two routers, but I’ve never gone into depth about how and necessarily why to do it.
If your ISP gave you a combination modem/switch/access point/router and it only supports 100 megabit wired and 54-megabit (802.11g) wireless and you want to upgrade to gigabit wired/150-meg (802.11n) wireless, here’s a great way to make the two devices work together and improve your security.
Continue reading How to make a DMZ with two routers
If you spend any time at all using unencrypted wi-fi networks at hotels and coffee shops, you need a VPN. Public connections are fine for reading news headlines and checking sports scores, but cannot be considered safe for e-mail, online banking, making purchases, or anything that involves a username and a password. A VPN, which encrypts that traffic from prying eyes, is the only way to make them safe.
Here’s how to set up a VPN that’s good enough for personal use. All you need is a home Internet connection, a computer at home, and the laptop you take on the road.
Of course corporations can set up VPNs that are much faster and much more robust, but this is something you can set up in a couple of hours on a weekend afternoon without spending anything.
Continue reading Secure that public wi-fi with a low-tier, no-cost home VPN
It was 2007, give or take a year. I was working a shop that had a WAN connecting four data centers around the world. A couple of hard drives in a SAN at one of the remote data centers had either failed or were in the process of failing.
No problem, we said. We’ll send some drives, and we’ll send along some extras so the next time it happens, you can just grab a spare off the shelf, slam it in, and not miss a beat.
Simple, right? Well, you should never underestimate a human being’s ability to make the simple difficult.
Continue reading What happens when you put a dipstick, a screwdriver, and a SAN in the same room
I was working in a data center, where we had a couple of Cisco VOIP phones. I don’t know who put them in or when–it’s possible they predated me. We never got them working, but nobody ever really tried, either.
The idea was that two guys working on servers in different datacenters across the WAN might need to talk. The reality was that we didn’t do that very often and usually had other ways to do it–a cellphone being the most obvious option. Our networking guys always had much more pressing issues than getting the VOIP phones working, so the phones just sat there and looked pretty. Until the wrong guy noticed them one day, that is.
Continue reading Misguided security, episode 14
What should you do when someone hands you a computer, tells you they think it has a virus, and asks you to clean it?
Proceed carefully, that’s what. You don’t want to infect your other computers with whatever it has.
To get it gone safely and effectively, you really need two things: an antivirus live CD, and a spare router.
Continue reading How to clean viruses off other people’s systems safely