WAN Archives - The Silicon Underground

Home » WAN

How to set up and optimize an Asus RT-AC66U

Dave Farquhar Servers and Networking December 5, 2016March 7, 2018AES, asus, bulbs, encryption, Firmware, flash drive, GPL, IP, IP address, ip addresses, LAN, linux, malware, NVRAM, Password, printer, RAM, router, routers, SSH, Universal Plug and Play, upgrade, video, vulnerability, WAN, wi-fi, wifi, wireless, wpa2, WPS, WRT 12 Comments

Consumer routers drive security professionals like me crazy. I’m happy to say I finally found a router that doesn’t drive me nuts. I want you to buy an Asus RT-AC66U. I’m going to tell you why, and I’m going to tell you how to configure it. Here’s how to set up an Asus RT-AC66U and how to optimize an Asus RT-AC66U.

XCOPY vs ROBOCOPY

Dave Farquhar Windows August 30, 2016August 11, 2018command prompt, DOS, hard drives, honda civic, Japan, lunchtime, microsoft, PIP, robocopy, servers, st. louis, syntax, vista, WAN, windows 8, windows me

XCOPY vs ROBOCOPY: Which do you like? If you’re a command line jockey, both Windows tools have their place. Here’s how I decide when to use which one.

Note: If you’re looking for a comparison of Robocopy and the third-party freemium tool Xxcopy, see this post.

When DD-WRT doesn’t work with Charter

Dave Farquhar DD-WRT, Servers and Networking January 11, 2016April 9, 2017d-link, dell, ethernet, ethernet cable, IP, IP address, linksys, PC, router, routers, WAN, WRT, wrt54g

I set up a DD-WRT router on Charter’s Spectrum broadband, and had a hard time getting it to work. It wouldn’t pull an IP address on the WAN side, or it would pull a 192.168 address rather than a Charter public address.

Here’s what I had to do to fix it.

Recommended DD-WRT settings

Dave Farquhar DD-WRT, security December 24, 2015August 29, 2018AES, AP, chrome, Cryptography, DDWRT, DHCP, DNS, DOS, encryption, facebook, firefox, firewall, hacker, ISP, java, lowercase letters, malware, nintendo, Password, print server, reliability, router, routers, server, servers, SSID, sysadmin, twitter, USB, vulnerability, WAN, web browser, WEP, wi-fi, wireless, Wireless security, WPA, wpa2, WPS, WRT

I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.

How to find inexpensive routers to run DD-WRT

Dave Farquhar DD-WRT, Servers and Networking April 1, 2015August 3, 2017802.11, 802.11ac, 802.11n, adapter, Broadcom, cisco, DDWRT, Firmware, gigabit, linksys, router, routers, TL, TP, upgrade, USB, WAN, wireless, WRT, wrt54g

I’ve been using and recommending DD-WRT for years, but it’s getting harder to find inexpensive routers to run DD-WRT. Many inexpensive routers now use non-Broadcom chipsets that DD-WRT and other third-party firmware don’t support well, or at all.

But there’s still a way to get inexpensive, compatible routers that isn’t likely to change any time soon.

Predicting the future, circa 2003

Dave Farquhar security, Windows September 26, 2014September 13, 2014BSD, discipline, laptops, linux, microsoft, microsoft security, phenomenon, podcast, RDP, server, SQL, unix, VPN, WAN, windows nt

In the heat of the moment, I searched my blog this weekend for quotes that could potentially be taken out of context and found something rather prophetic that I wrote in the heat of the moment 11 1/2 years ago:

Keeping up on Microsoft security patches is becoming a full-time job. I don’t know if we can afford a full-time employee who does nothing but read Microsoft security bulletins and regression-test patches to make sure they can be safely deployed. I also don’t know who would want that job.

Who ended up with that job? Me, about a year after I left that gig. It actually turned out I was pretty good at it, once I landed in a shop that realized it needed someone to do that job, and utilized that position as part of an overall IT governance model.

How to make a DMZ with two routers

Dave Farquhar security November 21, 2011August 21, 2016802.11g, 802.11n, address space, d-link, DMZ, ethernet, firewall, gigabit, hacking, IP, IP address, ISP, laptops, linksys, lowercase letters, Megabit, modem, Password, passwords, phone, router, routers, server, SSID, upgrade, WAN, web server, WEP, wireless, wireless router, WPA, wpa2, WPS, WRT, wrt54g

I’ve alluded in the past to why it’s a good idea to make a DMZ with two routers, but I’ve never gone into depth about how and necessarily why to do it.

If your ISP gave you a combination modem/switch/access point/router and it only supports 100 megabit wired and 54-megabit (802.11g) wireless and you want to upgrade to gigabit wired/150-meg (802.11n) wireless, here’s a great way to make the two devices work together and improve your security.

Secure that public wi-fi with a low-tier, no-cost home VPN

Dave Farquhar security July 31, 2011April 17, 2017cisco, conversant, firewall, hamachi, hp, linux, Password, PC, power button, proxy, Proxy server, server, servers, UPS, VPN, WAN, web browser, web browsers, wi-fi, windows 98

If you spend any time at all using unencrypted wi-fi networks at hotels and coffee shops, you need a VPN. Public connections are fine for reading news headlines and checking sports scores, but cannot be considered safe for e-mail, online banking, making purchases, or anything that involves a username and a password. A VPN, which encrypts that traffic from prying eyes, is the only way to make them safe.

Here’s how to set up a VPN that’s good enough for personal use. All you need is a home Internet connection, a computer at home, and the laptop you take on the road.

Of course corporations can set up VPNs that are much faster and much more robust, but this is something you can set up in a couple of hours on a weekend afternoon without spending anything.

Using Robocopy to root out PST files

Dave Farquhar Windows February 19, 2011December 4, 2015command prompt, DOS, DVD, error messages, migration, outlook, PST, Resource Kit, robocopy, vista, WAN, windows 7, Windows Explorer, Windows Vista, ZIP

So the word came out that the office is migrating to Windows 7 at some yet-to-be-determined time, but soon. It’s in testing now. (Too bad they didn’t recruit me as part of the testing team, because breaking Windows 7 is one of my superpowers.)

We’ve been told to back up our data. Lots of people are paranoid that they’ll lose their Outlook PST files, and with it, their ability to do top-drawer work. Frequently we have to search our archives to find forgotten details about old projects. It helps to make the new projects go more smoothly.

I came up with a surprisingly easy solution. It doesn’t even require admin rights–which is good. I won’t elaborate.
Read more

What happens when you put a dipstick, a screwdriver, and a SAN in the same room

Dave Farquhar War Stories February 16, 2011datacenter, hard drives, microsoft, microsoft patches, oracle, screwdriver, SCSI, servers, WAN

It was 2007, give or take a year. I was working a shop that had a WAN connecting four data centers around the world. A couple of hard drives in a SAN at one of the remote data centers had either failed or were in the process of failing.

No problem, we said. We’ll send some drives, and we’ll send along some extras so the next time it happens, you can just grab a spare off the shelf, slam it in, and not miss a beat.

Simple, right? Well, you should never underestimate a human being’s ability to make the simple difficult.
Read more

← Previous