Servers and Networking Archives

Home » Servers and Networking » Page 7

A quick security improvement: Change your IP range

Dave Farquhar security, Servers and Networking December 18, 2013October 28, 2021d-link, VPN

As you may know, lots of D-Link routers have serious vulnerabilities. Some are patched, some aren’t, and many are being exploited by Javascript on web pages. (See, routers don’t make you invincible.)

The right thing to do is patch. But most exploits will assume that your router lives in the 192.168.0.x or 192.168.1.x space, whatever the factory default is. So you can get a degree of protection even against future vulnerabilities by moving your IP space somewhere else. Read more

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.

dfarq.homeip.net

Upgrading a D-Link DIR-615 to DD-WRT

Dave Farquhar DD-WRT, Hardware, security, Servers and Networking December 2, 2013January 31, 2022AES, CGI, code execution, d-link, dd wrt, DDWRT, firefox, Micro Center, Universal Plug and Play

Last year I bought my mother in law a D-Link router, an oddball DIR-615 revision E1 that was only sold at a few stores. It was supposed to be a Fry’s exclusive, but I bought hers at Micro Center. It worked for a while, then gave her trouble, so this year I was working with it again, and when I was setting it up, I noticed it had some security vulnerabilities–remote code execution, UPnP vulnerabilities, and who knows what else. So that got me some practice upgrading a D-Link DIR-615 to DD-WRT.

DD-WRT’s track record and attitude towards security research could be better, but I’d rather trust my mother in law to DD-WRT’s B+ security than D-Link’s F.

Dave Farquhar

dfarq.homeip.net

Home network projects for a budding sysadmin

Dave Farquhar Servers and Networking February 13, 2013July 4, 2018cisco, pfsense, windows 7, Windows Server

A very good question came in as a comment to my earlier post, the benefits of practicing IT at home. What do I mean by putting some Windows 7 machines on a domain? It’s one of several good home network projects.

I mean standing up a server with centralized user accounts and shares, running on Windows Server or Samba, whichever you can afford. Make it a print server too, and print from it, just like you would from an office. Then extend it, and extend your sysadmin skills. Here are several ideas for projects of varying length, difficulty, and expense.

Dave Farquhar

dfarq.homeip.net

An update on the shortcut to wiring a house with Ethernet

Dave Farquhar Servers and Networking December 27, 2012November 28, 2018baseboard, keystone jack, linksys, pitfalls

Last week, I presented a shortcut for wiring a house with Ethernet using cheap keystone couplers. I’m happy to say I’ve done it twice now, and it all works, but I wanted to follow up and share a little more experience now that I’ve wired about a dozen ports this way.

Dave Farquhar

dfarq.homeip.net

How to be a hero next Christmas (or your next family get-together)

Dave Farquhar Servers and Networking December 25, 2012November 23, 2018android, apple, cat5e, christmas, d-link, SSID, WEP, wi-fi

My mother in law didn’t have wifi set up, but she picked up a smart TV this year, so she asked me if I could help her with it. So I picked up a D-Link DIR-615 on sale, brought it with me and set up wi-fi securely (hints: set the SSID to whatever time it happens to be, disable WPS, disable WEP and WPA, and use WPA2 with a long password with some numbers and symbols in it) and once it seemed to be working right, I put her TV and laptop on it. Then, as other relatives trickled in, they asked me for the wireless key. Soon the air was full of Androids and Apples chattering away on wireless.

Dave Farquhar

dfarq.homeip.net

A shortcut for wiring your house with Ethernet

Dave Farquhar Servers and Networking December 16, 2012November 28, 2018cat5, cat5e, keystone jack

As convenient as wireless is, wireless will never match the security, speed, and reliability of wired Ethernet. I ran some wired Ethernet jacks in mid-2009 and have no regrets, but on my last trip to Lowe’s, I spied a nifty shortcut for wiring: an Ethernet coupler that plugs into a standard keystone jack. They were expensive, but looked like a good way to cut out the most consuming part of wiring a house. I looked online, and they cost less than $2 from Amazon. Read more

Dave Farquhar

dfarq.homeip.net

Ping sweep from Windows

Dave Farquhar Servers and Networking, Windows July 1, 2012August 21, 2022antivirus

Here’s the best Windows command-line one-liner I’ve seen in a very long time: a ping sweep from Windows. Ping sweeps, also known as ping scans, are something every sysadmin and security analyst is likely to need at one point or another. You don’t need a special tool either. It can be as simple as a one-line batch file. Ping sweep scripts for Unix are common, but you won’t always have a Unix box available. You can almost always find a Windows box anywhere you go. That makes a Windows ping sweep useful.

If you’re not familiar with a ping sweep, read on. If you need to quickly scan your network to see if anyone’s added any new systems without telling you–something that only ever happens to me, right?–this tool will help you detect that, then head off those questions about why you haven’t patched and installed antivirus on that new server yet. Sometimes I run this on my home network too, to help me jog my memory.

Dave Farquhar

dfarq.homeip.net

Nginx, a leaner, meaner web server

Dave Farquhar Linux, Servers and Networking November 15, 2011November 14, 2011apache, debian, PHP, pogoplug, ubuntu

Arstechnica posted a nice writeup on Nginx, a cut-down webserver that does less than Apache does, but does the few things it does much faster. That’s nothing particularly new, as smaller and faster webservers have existed for as long as I can remember.

What makes Nginx different is that it can work with PHP. And therefore, it can run WordPress.

Dave Farquhar

dfarq.homeip.net

Do you need faster Internet, or just TCP Optimizer?

Dave Farquhar Servers and Networking October 27, 2011October 29, 2011tinkerer

A longtime reader wrote in this week recommending TCP Optimizer. I’ve used this program off and on for years, but don’t seem to have ever mentioned it on the blog.

I talked about similar programs in my book, but TCP Optimizer works with all modern (and many ancient) versions of Windows, and it can make a tremendous difference. It’s a small, self-contained program that doesn’t require any installation, the way programs ought to be.

Dave Farquhar

dfarq.homeip.net

Awesome Ads broke my blog

Dave Farquhar Servers and Networking October 19, 2011PHP

So I thought I’d experiment with a plugin to help me better manage the ad blocks on my blog. The WordPress plugin Awesome Ads looked promising, so I tried it. Not only did it not work, it also threw my admin page into an endless loop of errors. This function not found in this php file. That function not found in another php file. Line 175 seemed like a problem.

Here’s how I fixed it. I won’t say it’s the right way, but it worked.

Dave Farquhar

dfarq.homeip.net