Category Archives: Networking

Networking

Tailscale

You should NEVER hook up to a free wifi hotspot.  EVER.  If you MUST then you should instantly connect to a VPN to create an encrypted tunnel for your traffic to keep you safe.

Trouble is VPN’s either:

  • Cost money
  • Or are difficult to configure

Enter Tailscale which advertises itself as a zero configuration VPN and for the most part……….that’s true.

Basically, you install the app or program on your phone, tablet, or computer (easy) and then log in either by making an email account, using a Google or Microsoft account or a Github account. I personally would only do Github or the private email.

Tailscale login

That was easy.

Continue reading

Apple USB Superdrive with Unraid and MakeMKV

I’m ready to start ripping DVD’s on my newly built Unraid server.  In order to do it efficiently I ordered a SATA Optical Drive and my case (Fractal Node 804) has a slot in the front panel for just such a device.

In the interim, I have an old Apple USB Superdrive.  I plugged it in the server ……….and ……….nothing happened.  The disk wouldn’t insert.  It was like it was dead.   I plugged it in my laptop and it worked fine.  The dirty dogs at Apple make it so that their proprietary drive needs a wake up command that the Mac OS of course gives it.

SSH into your Unraid server and issue the following command.  If there is a disk in the slot it was auto-magically get sucked in.

sg_raw /dev/sr0 EA 00 00 00 00 00 01

In order to rip DVD’s directly into your file system in Unraid you need to add an app called “MakeMKV”. Once installed click on the logs to view.  We are looking for something specific.

MakeMKV Logs (click pics to enlarge)

Scroll through the logs until you find the section that deals with check-optical-drive.sh

Continue reading

DIY NAS Build – Network Attached Storage

DIY NAS Build – Network Attached Storage

Your house may have numerous computing devices which means you probably have data you want backed up.  Yes, there are all manner of cloud services (Google Drive, Dropbox, iCloud, etc.) that you can utilize and they are indeed handy but your data now exists on SOMEONE ELSE’S COMPUTER.  And maybe that is what you want because there is something to be said for off site back up’s.  If there is a natural disaster and something tragic happens then you may lose all your data if it is stored locally.  We’re going to explore building our own DIY NAS.

That is a subject all in itself but back when I was working I built two small, identical NAS servers and just took one to work.  Because there was no private internet connectivity besides a phone hotspot, I would just bring one from home and take the other one back home to update it.  Again, off site back ups are an entirely different subject.

Another very common reason you might want a dedicated locally controlled server would be to rip all those DVD movies, and CD music you have to a media server.  Or a NAS server can act as storage for your security cameras (to hell with paying some company a monthly fee for your video) or for DVR.  I have a couple favorite old shows that I record currently from over the air (OTA) TV to my media server.

And if you build a device that is probably going to be on 24/7 you probably should exploit the heck out of it and make it do stuff.  Let’s build a NAS, shall we?

Continue reading

LogitechMediaServer on Unraid

I heart LogitechMediaServer (LMS).  What is it?  It is a streaming music platform.  Back in the day it was among the first of the internet radio platforms.

Now we have Sonos.  Nothing wrong with Sonos if you are rich.  Big money for crappy sound.

Logitech made a line of “Squeezebox” devices such as the Touch and Radio, etc.  You can still find the same things basically with Sonos and Grace Digital Internet Radio.

LogitechMediaServer abandoned its hardware stake some years ago and now the software is community maintained and Open Source.

So you can essentially run the same streaming services FOR FREE and your clients can be small, low powered devices such as Raspberry Pi or essentially any computer you have.

So I install LMS (with the S meaning SERVER) on a Raspberry Pi and a music PLAYER called Squeezelite.  The newer Pi’s such as the Pi 3 or Pi 4 work pretty good but with some heavy use and network traffic you might experience a slight hiccup or two because of the relatively low CPU power and memory of a Pi.

Let’s move our LMS SERVER off the Pi and onto our REAL server.  I use Unraid at my house.   This blog won’t be a full installation blog but rather the “gotcha” I experienced.

Continue reading

Time To Upgrade The NAS Server

Finally got around to pulling my old NAS server out of the moving box and hook it up.  It had been out of service for about 3 months.

IT WOULDN’T BOOT.

One of my 4TB Western Digital Red Hard Drives gave up the ghost and also FreeNAS is now TrueNAS.  I didn’t catch that change because my server was kind of “set and forget”.

I decided to move to Unraid which uses Docker containers rather than “Jails” such as are used in FreeNAS.  Jails were always kind of hard for me, especially upgrading.

Unraid is a snap to upgrade the container and it runs all the stuff I want to run such as HomeAssistant, Emby, Plex, Apple Time Machine, etc.

Since I’m upgrading it was tempting to get cutting edge stuff.  However, in server builds faster and sexier is not always better.  Why?  Because a server is on 24/7 and that bleeding edge  motherboard and chip and power supply and 5 or 6 huge case fans will put a dent in your power bill.

Unless you are doing something crazy you really should consider a platform that SIPS power.  Serving files and streaming your movies on the network really doesn’t take that much overhead, especially if you have plenty of RAM.

I personally like motherboards with the Intel Atom chips.  Let’s pro and con the motherboard I chose.  The Asrock C3558D4I-4L

Asrock C3558D41-4L

Continue reading

Wifi Router as a Range Extender (Repeater Bridge)

Problem.  2800 square foot home and 1.5 acres with a path into the woods and a deck.  No way one single WiFi router can cover all this turf.

The other day I saw a Netgear XR700 Router on Facebook Marketplace for $100.  The XR700 is a rebranded Netgear R9000 aimed at gamers.  It is also a LOT cheaper than the R9000 which tips the scales at about $450.  But again, except for the case…….it is the exact same router.

Netgear XR700

Believe it or not it does cover almost all the turf in my big home but there is ONE dead spot in the house that I suspect has one too many walls and doors in the way of the wifi signal.

And when I set on the deck in the woods the wifi signal is “seen” but simply not usable at all.

So I decided to pull an old trick out of my hat.

 

I used DD-WRT firmware on my Netgear XR700 and I installed it on my old router which is a Netgear Nighthawk R7000 router.  I used something called a Repeater Bridge on the Wireless Interface to extend the range of my current router.

Let’s go over how this is done:

Continue reading

Network Security with PfSense

I haven’t written anything for a while because I retired and sold and bought a house and moved at all the same time.

During setup of the new home though I had to redo my internet setup and start fresh with a newly mapped network.  If I’ve said this once, I’ve said it a million times………If you hook a store bought router to your Cable Company modem you are begging to be hacked.  Your security is non-existent. 

This is not just my opinion.  It’s a stone cold fact.  To have any element of actual security you need a hardware firewall or a router with custom firmware such as DD-WRT or OpenWRT.  OR BOTH.

This is where PfSense comes in.  It is a hardware firewall which routes all your internet traffic through its very capable interface.  And it is far from being just a firewall as well.  It is a full fledged network Operating System.

The easiest way to get some decent network security is to buy a pre-configured appliance.

Netgate 1100

This is the Netgate 1100 and it comes in at a cost of about $179.

Yeah, that’s a little bit of cabbage but do you really want to protect your network or not?

You can build your own appliance and there is no shortage of mini computers built just for hardware firewalls.

PfSense is a free download and there are several other firewall OS’s out there that are free and also Open Sourced.

Continue reading

Network Security – Part Deux

Your network probably is comprised of the modem/wifi router provided by your Internet Service Provider.  Most people I know are configured this way.

This is the ABSOLUTE, WORST POSSIBLE security scenario there is.   It is typically extremely old, and unmaintained in terms of software / firmware.  And you probably lease the equipment from them for $10 a month or something.  That $50 hunk of hardware has already netted them hundreds of dollars from you……..if not thousands.

So the smart play is to go buy your own router and modem.  Walmart and Target sell them and it’s more than likely that is where you will go.  Or Amazon.   First of all you cannot just hook a modem to your home.  You have to call the cable company and ask them to “provision” it.   They have to apply the settings to it to allow it to work on their network.  There is NO WAY for you to do this.  They have to do it.   if there are firmware updates for your modem you have to call the cable company and tell them to apply them or “re-provision” your modem.   You can have a secure router (HA!) and have a crappy modem which will allow you to be compromised.

Continue reading

Revisiting Routers and Security and Alternative Firmware

I get on a network security / router security kick every now and again.   For the last week or so I have been reconfiguring my main router.  I have a Netgear R7800 that was running a firmware called OpenWRT.   I prefer to run Open Source firmware on my routers for a couple of reasons.

  1. Users can view the code.  When you buy a router at Walmart or Target or from Amazon or wherever it comes with the manufacturers proprietary firmware.  You have no idea what is in the code.   Also their goals are to make money, and make the router as simple as possible so you don’t call their paid support centers.  Complex configurations that are safer cause connection problems.
  2. There is a community of people who submit security and performance changes to the Open Source firmwares.   When exploits are discovered they are patched.   When is the last time you got a firmware update on your home router?

Router exploits and bugs are SCARY and all too frequent.  Here is a good resource where recent bugs against routers and modems are listed from news articles.  Scroll down that list.  I bet you won’t get far before you see a recent exploit discovered against your home router.

Continue reading

Firewalls And BIOS’s And Coreboot

I’m into computer security a little bit and always striving to learn more.  I’m also a firm believer in Open Source software.  In Proprietary software you don’t know really know what’s going on.  Case in point:  Alexa, Siri, Hey Google.  They say it isn’t spying on you but you know that it is.

With Open Source software you can view the code and see if any hanky panky is going on.

There are a lot of Open Source Operating Systems such a Linux.  But here’s the catch.  You run your Open Source OS which gets launched by a firmware (BIOS – Built In Operating System) which is PROPRIETARY!.  Also it can prevent you from installing a 3rd party device such as a battery, or charging brick.   Major exploits such as HeartBleed (remember that scare a few years ago) live and breathe in the firmware.   You can slick the OS, change the hard drive all you want but you are still compromised AND YOU DON’T EVEN KNOW IT.

Let’s lay out a scenario.
Continue reading