Code.RogerHub » wifi https://rogerhub.com/~r/code.rogerhub The programming blog at RogerHub Fri, 27 Mar 2015 23:04:04 +0000 en-US hourly 1 http://wordpress.org/?v=4.2.2 Setting up and testing two bridged wifi routers https://rogerhub.com/~r/code.rogerhub/infrastructure/481/setting-up-and-testing-two-bridged-wifi-routers/ https://rogerhub.com/~r/code.rogerhub/infrastructure/481/setting-up-and-testing-two-bridged-wifi-routers/#comments Sun, 11 Aug 2013 05:23:06 +0000 https://rogerhub.com/~r/code.rogerhub/?p=481 The walls and microwaves of my house have always conspired to cripple the wifi signal in some rooms, especially the ones downstairs and the backyard. I recently got another wifi router to expand the range. They are daisy-chained from the modem with ethernet cables. My servers and printers are connected to the router in the middle, so it takes responsibility for forwarding ports for virtual services and static IP/MAC bindings. The router at the end of the chain is just there for range. I’m just going to quickly document how I set this up and tested it.

I set up the routers through their web interfaces over ethernet on my laptop. Here are some things to double check before you hook up the devices:

  1. The secondary router is set to receive its WAN configuration from DHCP. I tried a static configuration, but it refused to connect for reasons unknown.
  2. If you need to migrate settings (especially between routers of different models/brands), take down all the configuration settings beforehand, including forwarded services, IP/MAC bindings, DHCP and subnet ranges, QoS, static routing, if you’re using them, etc.

After the devices are set up and hooked up in their proper positions, perform a quick AP scan with your wireless card:

$ sudo iwlist wlan0 scan
wlan0   Scan completed:
        Cell 01 - Address:  XX:XX:XX....
                  Channel:  ...

There should be 2 (or more) access point results that correspond to each of your routers. Configure your local wireless card to connect to each router in turn by specifying its MAC address in your OS’s configuration. Run diagnostics and make sure the connection is operational:

$ ip addr
... (an assigned address on the correct subnet) ..
$ curl ifconfig.me
... (your public IP) ..

That’s it. Now breathe easier knowing you can watch Netflix in the yard without suffering degraded streams. Hoorah.

]]>
https://rogerhub.com/~r/code.rogerhub/infrastructure/481/setting-up-and-testing-two-bridged-wifi-routers/feed/ 0
Protecting yourself on open wifi with Firefox https://rogerhub.com/~r/code.rogerhub/infrastructure/94/protecting-yourself-on-open-wifi-with-firefox/ https://rogerhub.com/~r/code.rogerhub/infrastructure/94/protecting-yourself-on-open-wifi-with-firefox/#comments Mon, 25 Mar 2013 20:32:14 +0000 https://rogerhub.com/~r/code.rogerhub/?p=94 So, I’m sitting in the back of Brewed Awakening right now in the midst of café-goers, some of which I know must be sniffing packets from the several overlapping open wifi networks around this dense part of campus. The spread of free wifi access points is an excellent direction for humanity, but it comes with its risks. Unless you’re browsing through HTTPS, anybody with a capable wifi network adapter can sit innocuously across the café and record everything you’re transmitting and receiving on your laptop, tablet, or smartphone. It may not seem immediately concerning that strangers know what kind of sick forums you frequent, but it becomes a security issue when you start transmitting your passwords in the clear (you know, the same ones you use for banking and email).

It just so happens that Linode, the hosting company that hosts the RogerHub network, recently announced a 10x increase in bandwidth caps for all their clients, and Opera announced their decision to move their browser line over to Webkit, sparking conversation about our complacency with Safari/Chrome. These two together motivated me to return to Firefox and recapture their vast add-on ecosystem to try to address this issue.

ssh -D 1025 rogerhub

You’re probably familiar with ssh‘s ability to forward TCP and erect ad-hoc SOCKS proxies. If not, you should definitely check out man ssh and read through the -L and -D flags. This command sets up a SOCKS proxy on localhost:1025 (ports below 1024 are privileged and can only be bound by root) through which you can forward web traffic and stuff.

Now, Google Chrome’s proxy support isn’t great for two reasons: first, they’ve had corporate adoption in mind since the beginning, so Chrome has historically read proxy settings from the environmental variables/group policy/system configuration, whatever it is on your system. In their Windows version, there’s also a UI to set proxy settings, but it isn’t their main focus. Second, their extension API doesn’t allow for the same kind of deep integration with the UI and with the program internals as Firefox’s add-on environment allows.

So, I opened up Firefox and installed FoxyProxy, the popular proxy-switching add-on, and configured it with the SSh proxy. I also pulled in NoScript for the sake of locking down the browser itself.

NoScript comes with a bunch of draconian defaults, and isn’t very useful without a bit of configuration (you could, for example, just turn off scripts in Firefox instead of keeping its defaults). Enabling same-origin scripts (Base 2nd level domains works well for me) will let most sites and their CDN subdomains to function the way they were meant while ignoring the GA, Facebook, and ad network trackers. Of course, this isn’t very good practice for casual browsing, but open wifi is a battlefield.

Altogether, it makes for enough security to give you peace of mind while browsing on public wifi. Firefox, as a browser, has really improved over the years as well, especially its web developer tools which (back in the day) once consisted of an Error Console and the imperative to install/learn Firebug. Also, splitting search and location just makes sense.

]]>
https://rogerhub.com/~r/code.rogerhub/infrastructure/94/protecting-yourself-on-open-wifi-with-firefox/feed/ 0