WAN

How to set up and optimize an Asus RT-AC66U

Dave Farquhar Servers and Networking , , , , , , , ,

Consumer routers drive security professionals like me crazy. I’m happy to say I finally found a router that doesn’t drive me nuts. I want you to buy an Asus RT-AC66U. I’m going to tell you why, and I’m going to tell you how to configure it. Here’s how to set up an Asus RT-AC66U and how to optimize an Asus RT-AC66U.

Read more

XCOPY vs ROBOCOPY

Dave Farquhar Windows , , , , , , , ,
XCOPY vs ROBOCOPY

XCOPY vs ROBOCOPY: Which do you like? If you’re a command line jockey, both Windows tools have their place. Here’s how I decide when to use which one.

Note: If you’re looking for a comparison of Robocopy and the third-party freemium tool Xxcopy, see this post.

Read more

When DD-WRT doesn’t work with Charter

Dave Farquhar DD-WRT, Servers and Networking , , , ,
When DD-WRT doesn’t work with Charter

I set up a DD-WRT router on Charter’s Spectrum broadband, and had a hard time getting it to work. It wouldn’t pull an IP address on the WAN side, or it would pull a 192.168 address rather than a Charter public address.

Here’s what I had to do to fix it.

Read more

Recommended DD-WRT settings

Dave Farquhar DD-WRT, security , , , , , , , , , , , , ,
Recommended DD-WRT settings

I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.

Read more

How to find inexpensive routers to run DD-WRT

Dave Farquhar DD-WRT, Servers and Networking , , , , , ,
How to find inexpensive routers to run DD-WRT

I’ve been using and recommending DD-WRT for years, but it’s getting harder to find inexpensive routers to run DD-WRT. Many inexpensive routers now use non-Broadcom chipsets that DD-WRT and other third-party firmware don’t support well, or at all.

But there’s still a way to get inexpensive, compatible routers that isn’t likely to change any time soon.

Read more

Predicting the future, circa 2003

Dave Farquhar security, Windows , , , , , , ,

In the heat of the moment, I searched my blog this weekend for quotes that could potentially be taken out of context and found something rather prophetic that I wrote in the heat of the moment 11 1/2 years ago:

Keeping up on Microsoft security patches is becoming a full-time job. I don’t know if we can afford a full-time employee who does nothing but read Microsoft security bulletins and regression-test patches to make sure they can be safely deployed. I also don’t know who would want that job.

Who ended up with that job? Me, about a year after I left that gig. It actually turned out I was pretty good at it, once I landed in a shop that realized it needed someone to do that job, and utilized that position as part of an overall IT governance model.

Read more

How to make a DMZ with two routers

Dave Farquhar security , , , , , , , ,

I’ve alluded in the past to why it’s a good idea to make a DMZ with two routers, but I’ve never gone into depth about how and necessarily why to do it.

If your ISP gave you a combination modem/switch/access point/router and it only supports 100 megabit wired and 54-megabit (802.11g) wireless and you want to upgrade to gigabit wired/150-meg (802.11n) wireless, here’s a great way to make the two devices work together and improve your security.

Read more

Secure that public wi-fi with a low-tier, no-cost home VPN

Dave Farquhar security , , , , , , , ,

If you spend any time at all using unencrypted wi-fi networks at hotels and coffee shops, you need a VPN. Public connections are fine for reading news headlines and checking sports scores, but cannot be considered safe for e-mail, online banking, making purchases, or anything that involves a username and a password. A VPN, which encrypts that traffic from prying eyes, is the only way to make them safe.

Here’s how to set up a VPN that’s good enough for personal use. All you need is a home Internet connection, a computer at home, and the laptop you take on the road.

Of course corporations can set up VPNs that are much faster and much more robust, but this is something you can set up in a couple of hours on a weekend afternoon without spending anything.

Read more

Using Robocopy to root out PST files

Dave Farquhar Windows , , , , , , ,

So the word came out that the office is migrating to Windows 7 at some yet-to-be-determined time, but soon. It’s in testing now. (Too bad they didn’t recruit me as part of the testing team, because breaking Windows 7 is one of my superpowers.)

We’ve been told to back up our data. Lots of people are paranoid that they’ll lose their Outlook PST files, and with it, their ability to do top-drawer work. Frequently we have to search our archives to find forgotten details about old projects. It helps to make the new projects go more smoothly.

I came up with a surprisingly easy solution. It doesn’t even require admin rights–which is good. I won’t elaborate.
Read more

What happens when you put a dipstick, a screwdriver, and a SAN in the same room

Dave Farquhar War Stories , ,

It was 2007, give or take a year. I was working a shop that had a WAN connecting four data centers around the world. A couple of hard drives in a SAN at one of the remote data centers had either failed or were in the process of failing.

No problem, we said. We’ll send some drives, and we’ll send along some extras so the next time it happens, you can just grab a spare off the shelf, slam it in, and not miss a beat.

Simple, right? Well, you should never underestimate a human being’s ability to make the simple difficult.
Read more