#networking

@hollow marlin not with many firewall rules it seems

But it got me to realize that Edgerouter isn't truly stateful and that's the reason why it can use asic to forward packets so fast at line speed with weak cpu

Offloading involves disabling its ability for connection Tracking

Which explains why I need to allow related and established rule

So at this point, it must be a pipe dream to expect firewall rules or QoS to be offloaded to asic and cheaply?

@pseudo blade unless its in production in anyway its still useless

GPUs are still not ASICs, they can do more than one type of task

@little schooner Mikrotik on the prosumer end do connection tracking, firewall rules and simple queuing on hardware and some of it is in software.

Its referred to as Fasttrack/fastpath and is offloaded to hardware. very limited in configuration wiggle room though

I got a ping and it was deleted? @hollow marlin

Shoudlnt have been 🤷

Hm. Strange.

Did a lil bit of work before the weekend at a new hospital. Hope you guys like this :)

@distant wedge It's amazing!

Thanks @clear igloo! I'm still a junior but being able to take the reins was really really fun. I left the fiber at the top to the pros but did all of the Cat6 :)

Fiber is easy to plug in 😂

But dang thats alot of cables

@hallow nimbus They had to be spliced into the cable trays

Oh then its hard 😂

Lols, I wasn't trained on the splicing tools and stuff, I'm still waiting, but I leave that to the senior cable techs. I know how to dress and terminate in the patch panels, so that isn't much of a big deal

we found a better way of doing that type of cabling in cable trays

way faster IMO

they make a braided kind of split loom. you premeasure the run (dont need to be 100% accurate). you then take 8 boxes of cable and pull that length. you then put the cables inside the split loom. then you toss the splitloom on the tray

0 wire management needed. less than half the velcro needed

end result

😂 😂

@waxen scroll looks very fun and ocean like

^

trying to figure out home networking without doing a lot of damage to walls, etc. just wondering if anyone has success utilizing existing coax line runs to fish through CAT lines? A quick youtube search didn't net anything. Was all MoCA talk.

theres no reason it wouldnt work, however maybe some suggestions....

use fish line to start and pull it through, then use a puller tool to grab the cable and the fishline to pull the tool

also sometimes coax goes from wall to wall, if it does you might be screwed

Yeah. I guess I'll have to go to the attic to confirm if that's the case.

if you're doing it from the attic, it might just be a straight drop down... good to check anyway

Luckily, I only need it in 1 or 2 rooms. So as long as those two aren't wonky I should be fine.

last one i did was on an outside wall and i had to open it and patch it 😦

Oof.

Well thank you for the help/suggestions. Now that it's cooling off I can finally head into the attic and do this.

@waxen scroll I'm guessing that there is no way of escaping from making holes in a home for running wire outside?

think about what you just typed

almost nobody has existing conduit to outside thats not high voltage

@waxen scroll that silver thing outside right?

Where the utility company connects

yes

you cant put low voltage in there

hello is this router decent https://www.tunisianet.com.tn/switch-routeurs-point-d-acces/31964-routeur-sans-fil-n300-adsl2-avec-4-ports.html

or DSL-124

Dlink DSL-124

@sage hare DLink is absolute crap.

Go with Ubiquiti.

mate

thats my only choice

not even joking

i looked in many cites

i live in tunisia

and no i cant import

i only realized that it was the only option after i asked here

is it better than ISP router? huawei hg532e

@finite mango

What about Asus?

If all else fails, stick with your ISP router.

i am not joking

its my ONLY choice

Jesus

so no point in changing?

There's nothing wrong with dlink

I have two of them and not a single time had they gone offline

bro

it has 10/100 interfaces and N in 2019

@sage hare what do you need form it?

if you can, use ethernet, it will save you from many issues.

my router keeps going offline

like disconnecting from isp

is it a modem combo unit?

its a router

idk whatever it is

is there another box between it and the wall?

like a splitter for phone?

yes

and its not even into the wall

ahh, ok, its a dsl combo

its literally dangling from roof to my window

you can try a new modem, but that issue could be numerous things.

do you think the cable could be an issie

as it was in a similar position b4

and it didnt happen

among other things, yes.

Try changing the cable

That was the problem with my modem

I ran out of Ethernet ports on my modem so i now us an old crappy router as a Ethernet switch

Mmmm that looks like an old WRT54GL - totally fine for a 100mbit wired switch. 🙂

Ahhh it's the GS model.

Idk i just bought it a while back to use it as one purpose but never ended up using it for that purpose now it is just a switch

Need recommendation for a wireless AC router. Pref ASUS for small home setup. Area is about 100 sq ft

@hearty shale Budget?

Prob $150 max

US?

Asia atm

As in USD?

Yup

Sorry

100sq. ft is very small. You're certain that's all you need to cover?

It is and the modem our ISP provided is really crappy

That's why we're looking into purchasing a separate router

Need ethernet ports for other stuff? What kind of modem? Fiber, cable, V/ADSL...

DSL right now, unfortunately fiber is not offered in our area

As much as we want to upgrade

I know the feeling.

So what kind of DSL? what speeds do you get?

20mbps dl tops

Excellent ADSL2+/maybe VDSL.

Our upload never gets pass 1mbps to be honest

Sounds like good ADSL2+ then.

So you want to keep using your ISP modem, just bridge mode?

Yes that's right

Why do you want AC wireless?

Anything in particular that can use the speed?

Future proofing? We have devices than can connect to 5G?

Sorry 5Ghz

Its definitely worth it if you use that for LAN speeds

Advice: Don't try to future-proof access points.

Also to alleviate traffic congestion?

Lots of wifi congestion, eh?

Yup mostly 2.4Ghz

Have an Android device?

Or knowledge of the 5ghz spectrum usage in your area?

@pseudo blade yeah, like the beta access points right?

That's why dual band is probably required for us

Yeah i dont like buying the future, not-as-tested stuff

I like my things to work right the first time.

Yes we have android devices

In your situation I'd buy this and be done with it. https://mikrotik.com/product/hap_ac2

It's small, cheap, AC/WiFi 5 and will easily cover such a small area in fast wifi. Use their mobile app if you want simple setup, it's quite nice nowadays.

But you prefer ASUS? Any particular reason?

Had experience with previous offices and works well even with lots of devices connected to it

These easily handle hundreds of connected devices. Main thing you'd get from something like this is it can also do tons of fun stuff like traffic shaping (netflix slowing down your other stuff? Just slow it down).

It has various enterprise-grade features like that which can be nice to have.

Also product availability

Take it or leave it, but these are easy to obtain ¯_(ツ)_/¯

@hearty shale you mean like, you can enter a bestbuy store today and find them by the dozen?

that kind of availability?

Not really

For instance

This mikrotik is probably not available where I'm from

It almost certainly is.

I got mine from amazon i believe

I have to double check i really dont remember

But we can look into it and probably ask if it can be ordered elsewhere

Unfortunately, I'm not from the US so very limited when it comes to specific products

https://mikrotik.com/buy

@pseudo blade When it says All port test on the product page's specs section, that means it can't do full 5gig a second with all ports?

The hAP AC^2?

yes

At most only 2 ports can reach full gigabit

Oh that explains it

yeah

I mean if you want more than 2gbps throughput buy something a little more expensive.

I see

Just curious. Wanted to make sure I was reading it right

How much is this by the way?

Price wasn't stated

It was on the page.

Specific pricing will vary between vendors, but these are US$69.

https://www.amazon.com/MikroTik-RBD52G-5HacD2HnD-TC-Dual-Concurrent-802-11a-Ethernet/dp/B079SD8NVQ from amazon

Thanks we will look into it

Specs look really promising

It costs so low because

I forgot why.

Very low part count.

Xeon, the reason they do this is that this is how all the all-in-wonder WiSOCs are built internally.

and they are very stable

too stable in fact.

Too stable? I wouldn't accuse them of that...

Once I got over the initial hurdle of configurating it

well for me it feels like it =p

Had a look at the Mikrotik app, Xeon?

It's quite nice now.

I havent

you can control with app now?

Very easy user interface.

based on this page, it says yes https://mikrotik.com/mobile_app

Can do everything if you push a specific button, but has a simplified UI for those who just want the thing to work.

Yeah, that is something to make sure to tell DialogBox

looks as if he can get it up and running faster than I thought with the app

I mentioned it first up.

Oh. I guess i didnt look

Nice stuff.

Thanks again

And of course, for people who really do want everything...

Simplified UI for new people (you can customise what options are visible, by the way)

That looks like a mikrotik device

It is a Mikrotik device.

But yeah it's actually quite nice and I'm sure those of us who've used Winbox can appreciate that it lowers the barrier for entry a fair bit but is still good enough for network admins.

This is gross

Ew

It's a bunch of Ruckus APs that have been set up by a customer, and they just all conflict with eachother for some godforsaken reason.

80mhz channels, control channels spaced 20mhz apart?

@pseudo blade do you know more about what the C stands for in the wireless channels? I've read their documentation in the past and all I got is the C is the main channel and the e is the spare for wider widths

@hollow marlin Control. Versus Extension.

Any reason to change from say Ceee to eeCe?

The control channel is the "main" one. The one used in 20mhz mode and announces capabilities, handles auth etc.

Honestly... Not really as far as I'm aware.

The only thing I can think of is if you have dense APs and lots of utilization/noise your clients will fall back to 20mhz on the control channel alone, but I wouldn't consider that to be desirable anyways.

If you lack spectrum for enough 80mhz channels that just means you should use 40mhz and/or lower transmit power honestly.

Ok cool, so I did understand that correctly. Thanks man!

No problems.

i just ordered the pixel 4 XL in LTT orange!

😼 🔥

I was going to get the 4XL, until I saw no fingerprint sensor

you dont want one anyway

the cops cant make you unlock if its pin

anything else they can

True

Wait was the keynote this morning?

yah

Has no WiFi 6, disappoint

A phone without fingerprint sensor on the back is a phone I don't want

@clear igloo most of us wont have wifi 6 in our homes for the next 4 years

Meh

i never buy new standard APs until my devices are caught up either ^_^

are you still on blobs server?

I think so

i think blobby lost his passion

yah, he's never on anywhere

usually you dont until job #2

😛

lol

Even though I already have wifi 6 device, I don't need any more speed. My backup storage is all ssd, so everything is fast enough with current AC speeds

i used to run a website and blog a lot about tech

after job 2? hell no

doneeeeee

@waxen scroll I want to write blog posts about issues that actually happen in production and have the solution for it when someone tries to Google it

thats close to what i was doing, but i was also making up problems to solve

Then they say thanks and I know I was helpful to someone out there

Yeah I'm bad at making up problems

@waxen scroll now I just internet archive anything important in case their blog disappears

lots of people i know just dont have the spark they had pre-Job

myself included

it comes and goes, but once you do work the last thing you wanna do is home lab

Truth^

what do you think about that @little schooner ?

@waxen scroll yes that's true. I hope it doesn't happen to me though, because hobbies are hard to find

@waxen scroll this is where having multiple Hobbies is a great thing

@little schooner watching TV is a valid hobby

I guess so.

https://cyber-itl.org/2019/08/26/iot-data-writeup.html based on this article, ubnt is reducing firmware security with their products instead of spending the research time to get it done right

Hehehehe

💦 💦 💦

The networking in the other hand leaves a lot to be desired

Over the Christmas holidays I plan on redoing parts of it

If it works it works

still gives me a headache every time I look at it

@naive meadow At least you have patch panels. 😉

@craggy parcel not for my room

I am running a Ethernet cable from the gigabit switch to my desktop across the hallway

That's how home networks usually works. A real pain when the cable gets damaged, because you handle it too often. 😉

@craggy parcel I clip mine to the wall with wall clips or the molding near the floor

I have a cable running from one end of my apartment, to the other, using network wall plugs, however, they are to be mounted with a sticky pad, that is pretty bad, so it's more or less hanging in the cable itself, kinda defeating the purpose. 😉

This specific cable runs from two bedrooms, living room, and then the dining room. Finally it ends in the backyard

@little schooner Yeah, so that way you only have to cut the cable, and replace the last part. 😉

@craggy parcel yes I love that part

I cut at least 10 more feet

I think I ought to up that to 20 feet for outside runs though

Oh.. Proper extra cable, for maint? 🙂

And use an outside rated cable. 😉

@craggy parcel yeah, although I'm not sure if there is a special method to keep its outdoor rating when you cut and crimp it

@little schooner the packets never

https://i.imgur.com/4ql3oZZ.jpg

wot

pack-ates

also @waxen scroll

What causes it to reset connection when it attempts to send test email to gmail?

I submitted the wireshark file to supermicro and hope they can solve it... because my other programs that send emails, like Veeam, are not having this problem

Pretty basic stuff

Going to order a m2 ax200 wifi 6 chip - anyone have any thoughts on one seller / manufacturer over the other?

Kinda confusing

https://www.amazon.com/s?k=WiFi+6+AX200&i=electronics&ref=nb_sb_noss

I'm amused that Ubiquiti has convinced people to buy their Cloud Keys/whatnot despite all the devices involved being more than powerful enough to handle its duties themselves.

Bleh. Complaints about wireless performance on a device. "May I use 5ghz? No." "May I use 40mhz mode? No." "May I reduce the number of virtual APs in use, and stop using each device as an AP and as a client? No." "Can I use dual-chain mode? No, can't afford the second element. Can I have a better single-chain antenna? No."

10mbps it is then

@pseudo blade Think you misspelled 'force' 😉

@strange silo You mean about the cloud keys?

Sorry, it's late and I'm not at my best for inferring context.

Last I checked they're not mandatory but they do demand you run a dedicated controller on something.

@pseudo blade I use my server to run it since it's already serving as the NAS and HyperV

I'm usually running it on whatever linux distro they support

Debian's their preference, basically all their hardware runs Debian.

Yeah and that worked out perfectly

I just update it for security updates and their package

I need something to help automate that though

Maybe puppet?

Or ansible

I want the best one with a nice gui

Sounds overkill.

https://wiki.debian.org/UnattendedUpgrades

Yes thats what I use now but what if I also want it to update simply the unifi package too?

Even just put it in a cron job or similar.

Cron?

Oh

Right... Cron lol

Have it check every month

0 4 1 * * sudo apt install --only-upgrade unifi

I think that would work, I just on my phone atm, not at a linux box.

I'll give it a try thanks

@little schooner Neither do I.. But you might have to do something to the plugs, especially if they are not inside. Also make sure that water stays outside, instead of flowing along the cable into the building. 😉

I found out that I can't pass through a zwave COM usb device to a hyperV VM

But with other hypervisor, it's probably possible

@little schooner I know of people who have written drivers to do this, but sadly those drivers now belong to his company and are proprietary.

@pseudo blade it caused me to purchase Intel nuc in order to do the smart home zwave thing

Cloud Keys are great if you want ease of update remotely via unifi and for it to all just work together.

Don't have to worry about SSHing in remotely to update the underlying system.

@little schooner Nope, can't find a way to pass thru a USB device in Hyper-V manager.. Perhaps when the VM is running, but hey, don't have one handy, and too lazy to setup one. 😉

@craggy parcel I believe it's only video cards and hard drives that support it

And then the motherboard itself also has to support it

I've successfully attached USB stuff to virtual machines running in VMWare workstation, on the same exact machine, that can not do it in Hyper-V. So I believe it's a software limit.

Actually I could be totally wrong. It might be the fact that I have to pass the entire usb controller but everything is in use

@craggy parcel hyperv is type 1 hypervisor

Not software

It loads before the kernel

That might be an issue

It works maybe like unraid. You pass the controller and has to be in pcie slot

Well, that means it has even MORE access to the actual hardware. But it makes no sense, that Hyper-V has less abilities to attache hardware to VMs than VMWare workstation. No matter how they differ, if one can do it, the other can too.

@craggy parcel i really like it to be as simple as VMware does it, yeah

But VMware cannot run side by side with hyperv yet until 2020

When they use the new api to have that happen

@little schooner not at the same time, no. But you can disable Hyper-V without uninstalling it. 🙂

Yeah and that requires a reboot

There's always a catch to everything =(

True.. But it's faster, at least on my PC, than uninstalling the thing, and THEN doing a reboot anyways. 😉

True. I have my os on Intel optane, but still, feels sluggish

Windows is not using all threads

Their binaries are still single threaded in most cases

Well with exception to trusted installer

Actually, I'll be careful about saying they are mostly single threaded, but based on what I saw in taskmgr, it's slowing the boot process

Optane was even faster than windows could feed it data

Optane drive for VMs is a dream though. Crazy fast, no delay

And if anything, the delay was from the fact that the VM drive was dynamically expanding or had or one vcpu

Well, I don't have THAT new of a PC that Optane makes any sense at all. 😉

Also I get most of my virtualization needs covered in my day job, or using the companys serveres for experiments. 😉

@waxen scroll if I understand this picture right, I literally just need copper wire and screw it into the right terminal of both the camera side and the nvr side?

i dont think so?

for the alarm probably

but rs-485 is a serial bus and probably isnt so easy as plugging it in and done

for my alarm the RS-485 is daisy chained and looped, complete with termination resistors

Question time: I have an asus 3100 currently running at my house. We are in a week going to be moving to a smaller home with ruckus 510 APs installed, and will have a ruckus switch installer through Lennars "everything included" package. (They make you wait for it supposedly to have an amazon rep do it for you. I call shenanigans). I am wanting to try and secure the more vulnerable parts of my network once the whole system is connected, ei smart locks, wifi thermostats, a few other bits and pieces. Can I keep my Asus 3100 and use vlans on the smart switch and smart aps set for vlans? I dont see an option in the gui for vlan support on my asus.

I believe Asus only supports vlans on the wan

I haven't seen otherwise

I don't know enough about ruckus to answer the rest

If the switch is layer 3 you need to set all the vlan on it and use it as a router for those vlans. Then you need a /30 subnet between the switch and the Asus. The switch needs a static route for 0.0.0.0/0 pointed to the Asus lan ip

The problem there is the switch isn't firewalling vlans

On many Asus you can get a root shell and maybe manually configure vlans and firewalling, but it's way more hassle than it's worth. All that will reset if the power goes out

Ah okay. I'm trying to safe money and avoid buying an edgerouter or equivalent but it sounds like it should be better in the long run

This is kind of a long shot but does anyone know how to make the Huawei 3272s-153 4G modem work with a Raspberry pi ? I don't seem to have any luck with what I find on the web...

@unborn thicket I might just. Does the modem expose a storage volume right now?

I don't think so

@pseudo blade There's a read only sr0 rom, but that's it, no "real" storage volume

sr0? strange, but if that's not just a scsi controller in your computer you're mixing up it still sounds related to this.

https://linux.die.net/man/1/usb_modeswitch

I'll check it out, thanks !

I already tried using usb_modeswitch but it didn't help (or change anything for that matter)

Although I did get a better understanding of what it is used for so that's still a small win ^^

How does one setup a MITM to troubleshoot a server-to-Gmail smtp issue?

I want to see the error message as to why my server connects but does not send an email message when it closes the connection with gmail

Having issues properly troubleshooting this

I recently found out that there are 2 (possibly more) unauthorized devices on my network. I live in a trailer park, with a neighbor I would assume to be the one (that individual or individuals living in that household) using our network without permission. I don't know how long those devices have been on our network, or who owns them. But I would like to figure out who is using our network without our consent, and what should we do. My grandmother was hacked remotely in August in our own home, but we don't know who it was or why they did it (I don't know if it's the same people/person). This is my mother's network, and no one in our household knows much about networking, except maybe me. I know some about networking, not much, but some. I don't know what I should do, and who I should talk to (ISP?)?

I think I found a tool that could help out, mitmproxy.

For who? You?

Oh, sorry. Yeah for my issue

No problem

Well..

One of the devices is currently on my network.

I REALLY want to find out who they are.

And if possible, get them arrested.

Are you able to look into your modem in your mom's home? There are times where you can see a device's hostname in the DHCP lease and that can maybe give you a clue as to who the device might belong too. For example, if its an iphone device that gets DHCP lease, iphones name could be "Jason's iphone" in the Modem DHCP lease page. If you know someone in the area by the name of jason, its a clue that it could be a jason, but its not a hard and fast truth.

Is this a wired or wireless network? @carmine brook

Wireless

WiFi

But we can use Ethernet if we want.

I use it for gaming.

Did you try a rotation of the wifi password?

Do they still find a way to connect?

@little schooner I know what u mean by the names. But the two unknown android devices have a name of "android-xxxxxxxxxxxxxxxx". The "x" being random numbers and letters.

So chances are its some kind of phone or tablet android device

If you have the MAC adress you can figure out what manufacturer

probably

you should at least

Also..umm.... I'm pretty sure it's the default router password. So I'm thinking they just looked up passwords for our router brand.

I did.

So i would change that.

I looked them up

Take control of the router setup page

lock it, change wifi password

Also, the router settings have been unlocked for years.

And wait and see if they still join it

My mother does not know much about networking.

first 6 digits/letters of MAC is the manufacturer of the device OR wifi card

I think

I know

...

oh

I'm going to list the phones' vendors.

But not reveal the MACs, I'm nice like that.

Motorola Mobility LLC, a Lenovo Company

The other vender is...

KYOCERA Corporation

That last one I have never hard about before

I first saw the Lenovo one yesterday.

And the KYOCERA one this morning, and 30 min ago.

It's currently 3:13 pm rn.

KYOCERA is a Japanese company, apparently.

they make phones too

I used "aruljohn" to find the vendors of the devices.

I know.

Well, I would just not do all that. I think you can simply get away with just changing the WiFi password and locking the router setup page with a custom password.

That should be enough to solve the issue

@carmine brook They would tell you to do the same thing I suggested

You can't find out who it is, aside physically taking their devices and checking MAC addresses, you're not going to track them down like that

go door to door and ask if anyone knows what "KYOCERA" is

KYOCERA produces photocopiers/printers, to my knowledge...

Where the devices are?

No, it doesn't work like that

Where the traffic is coming from?

There's a Lenovo android phone and a KYOCERA android phone.

The traffic comes from your network, that's it. Unless you get a device that can track RSSI strength and can narrow it down by MAC and are willing to go door to door scanning everyone, you won't find anything else out

Like, how do they catch these people?

Like @clear igloo said, you wont know unless you physically take the devices and verify mac address

@carmine brook its not like the movies that make it look so easy to track people

Ok..

They don't, because unless they are stealing your information and you can prove it, nobody cares they "stole" your wifi

Ahh Apparently Kyocera also makes phones.. Well, now I know that as well. 😉

I knoe

Know*

@little schooner I know

You have to have proof otherwise nothing will happen

Umm... it's illegal

@little schooner Whet prevents you from spoofing the mac? 😛

Yeh

someone stole my moms iphone and guess what they asked me first?

I was thinking that too

do you have insurance on it?

Could it be a laptop?

they didn't even want the location data

Laptops?

Fuck Spectrum

And ISPs

I also learned that day that if there is no intent of concealment, you can't charge the person who takes your phone

its pretty stupid

It's your responsibility to secure your wifi

You could possibly manage to know what sites they are visiting if they dont hide it I think

but not spesifics

WireShark?

I dont know, havent done it myselves

Dont know how it would help tho

My Network and Security teacher mentioned it.

unless you know that one neighbour likes fishing while others dont and stuff

Well... they use it in the building.

@carmine brook That only works if its not encrypted communications

At the college

also, in modern networks, traffic from everyone does not go to your computer

Oh yeh

Yeh

@carmine brook Depends.. If you have a Wireless NIC that supports monitor mode, you should be able to capture via wireshark wirelessly. If not, you would need to get the traffic sent to your computer, somehow..

so you wouldn't even be able to see their traffic on wired connection

Whoops

Yehh...

Hmm....

oh

Aight

Seriously, change your WiFi passwords, it's not that difficult. Courts have ruled in several cases it's your responsibility to secure your wifi, if they do something illegal and it comes back to you, it's on you unless you have tons of logs proving otherwise. Just saying "it was my neighbors" won't fly

@little schooner Depends on how much info you want.. The SNI info in the SSL handshake, is unencrypted. 🙂

@craggy parcel if its any use

yeah.

@carmine brook sometimes the easiest solutions are the best ones.

Change wifi password

@clear igloo @craggy parcel @little schooner ok I'll change the password

Well, I'll just change the password. Sorry about the fuss guys/girls, I'm just very irritated.

I'm sorry if I went too far.

It happens, just make sure it's secure and that you check every now and again. Make sure WEP isn't enabled either and you're doing WPA2 🙂

And also DISABLE WPS.

That too ^

@clear igloo @craggy parcel Thx!!😀

Although

We cant do it today.

My mother is sick and ornery, and she's not in the mood.

She also didn't know about this until now.

Well, if you can't change the password, at least power off the router when not using it.

She doesn't care

She will, when the cops comes knocking on the door, due to abuse...

What?

I'm blocking everyone.

Gonna take matters into my own hands.

I'm changing the passwords.

Aight, I put a lock on the router.

But I can't seem to block everyone so I can change the wifi password.

Idk what to do.

Changing the wifi password blocks everyone who doesn't know of the new password

@clear igloo also, it's my mother's network, I just use it. I've never been this concerned of possible network security issues, until a couple of month ago.

@little schooner I know

Wait

Will we have to put the password back in. Or will we still be connected to the network?

Have to put the password back in.

Everyone will disconnect

if using WPA2-Enterprise, not necessary to input all passwords in again

but that is not useful in your situation

Welll.

I can't block all the unknown devices because it just keeps loading.

And if I change the password, idk what exactly would happen.

And if I would fuck anything up in the process

I just told you what would happen

Everyone will complain

Oooh, even better, the Firmware hasn't been updated since 2015.

I know, I mean.

Like .....

Idk what to do from there...

Idk man, I'm sorry, I'm just tired af rn.

I want to fix the router issue. But like, idk what specific steps to take to make sure I don't f anything up.

@carmine brook What you need to do, is grab a cup of coffee, tea, hot chocolate, whatever helps you relax..

Then change the WiFi password, tell those that NEEDS access, the new password, or help them reconnect. You might have to remove the old connection, or change the network name. Some devices will refuse to ask for the new password, or let you update it, and just try to connect with the wrong credentials. (iPhones and iPads, I'm looking at YOU!)

@carmine brook Take a 5 day vacation to florida and come back to it

@little schooner Or change the pass, THEN go on vacation, before anyone notice. 😉

@craggy parcel I have to do it tomorrow.

My mother just doesn't care about this right now, especially since she's sick. Lol, my whole family doesn't care about network security.

And if I do anything, I'll get bitched out.

No one listens to me in my family when it comes to IT stuff.

Well, the one with their name on the contract, could be held liable for any illegal activity, traced to that connection. The "guests" on the network, are most likely just browsing cat pictures on facebook, but they could be doing illegal things.

Personally I would change the password, and let people complain. However, I'm not in your shoes, and you might have your reasons for delaying the password change.

But unless you know you have criminal neighbors, there might not a any other problems, than the "guests" sucking up the bandwidth, and making the network perform slower. (More devices on a WiFi, will make it slower, fact of life. )

Guest wifi is not online, hasnt been for years.

I did not mean guest wifi, I meant the unauthorized devices using the network, they are technically uninvited guests. 😉

And they are a corrupt household. Trust me, we've lived next to each other for years. I'll leave that subject where it is.

Ooh

Lol my bad

BTW, when you DO change the password, do yourself a favour, and check the clientlist EVERYTIME you connect a device, to make sure it's not one of your own devices, that just show an unexpected name. I've actually seen that on the company network.

Clientlist?

List of clients connected to the network.

Devices?

Users?

On a home wireless network, clients, devices and users, are kinda the same thing.

Ok thx

In an enterprise network, clients can be either devices or users. Meaning that multiple users can login from the same device, using different credentials.

So make sure those devices are our devices, not duplicates or whatever, right?

That's what u mean?

Just to be crystal clear.

Exactly.. So change password, reboot router. (Clears the list of devices) Then connect device 1, check device list, connect device 2, check device list, and so on, till all devices has been reconnected.

Ok

When should I update the firmware?

It hasn't been updated since 2015 apparently?

Also if you have an android TV that might be the device showing up, or a wireless printer.. I've seen apparently rouge devices on wireless networks, that turned out to just be devices that identified themselfs with strange names.

No we dont.

I dont think

Not printer

Yeh no, none of that.

But should I update the firmware after step 3? Or 1?

Well, if there's a new version available, upgrade. If not, buy a new router. 😉

Also, check the upgrade instructions, in some cases, you can not upgrade straight from a very old firmware, to the latest, especially if the latest is years newer. So you might have to upgrade in multiple steps.

I would change the password first, or if you are connected with a cable, simply disable wifi, untill the password is changed, and firmware upgraded.

Cable?

Wait.

You mean having it physically in our household?

Cable as in physically built at our home?

Also for upgrading the firmware, if the router has an auto update feature, where you just check for updates, and press "Do it", then you should be fine just upgrading, if you are to download the firmware from the manufacture, you will have to make sure you can upgrade to the latest in one step.

Ok

I mean a network cable running from your computer to the router, or at least the possibility of connecting via a network cable, doing the password change and upgrade.

Ok...

I have wifi and ethernet, lol.

I'll just change the password, reboot router, connect authorized users, and update.

Tomorrow.

@craggy parcel Thank you so much?

Lol srry, I meant with a "!".

@carmine brook Just ask if you need more. I bet someone can help. 😉

Thx bro

Also, idk if it is my neighbors or not, but, seeing as how nothing bad has happened in the past couple months, tbh I think we're good. I was just being super paranoid about the dangers.

But, I'll probably still fix this problem tomorrow or Sunday.

Yeah, I usually tend to freak out over stuff on my network, I can't explain. But the "cup of coffee" thing and then analysis, usually gives an explanation, often a device I just didn't know the name and make of. 😉

I'm gonna boot up my new gaming laptop, install/update everything, and play Destiny 2 or Rust now.

@carmine brook Sounds like a good plan.. For me going to bed, would be a better plan. (It's a quarter to midnight here)

But I mean, it's not ours.

Aight

I'll kick the baddies today on D2 and Rust, and then my network tomorrow. Cya bro, take care.

Never realized how much of a challenge it is to install phpipam. Their installation guide is horrendous

Had to rely on guides from Digital ocean

Bra wtf

Ever since I booted up my new laptop 45 min ago it keeps having network problems.

First it disconnected.

Now it shows me that yellow triangle warning saying "Unidentified network".

I'm connected to the wifi

But I cant get into steam

task manager says: 0Kbps Send and Receive.

Bro

I keep getting disconnected from my network.

@little schooner any thoughts?

@carmine brook yes, check your wireless router

That device is still on our network.

But I cant do anything about the router until tomorrow.

I'm going to update my laptop, see if it helps.

Chances are the problem is happening there

That device?

A new laptop comes with working drivers out of the box

So it's the laptopm

?

Unless the manufacturer is really that bad

Yeh

No I still say your router

Ok

You have problems with it now

So I will point at that

Well, we've had frequent problems this year.

Occasionally it will disconnect us, but my mother said it was updates. Idk

But today, while setting up my new laptop and trying to install some games, it keeps disconnecting me.

Ohhhh wow

BSOD while trying to update.

hey guys, i'm trying to make a L2TP/IPsec VPN on PFsense using a Radius Server (in this case windows server 2019) but i just can't seem to connect. It says on my windows client that the layer 3 nogociation could not be established. Any ideas ?

(also, my pfsense is Behind a bell router WITH port forwarding)

So just a thought,
Would an Individual Desktop Computer User ever require an Internet Connection with Bandwidths of about 10 Gbps and above?

No

Well

In 20 years maybe who knows what exists

LMG is all 10Gb i think

including internet

10Gb to the exchange, ~5Gbit outside of the exchange

@thick minnow for the average consumer 100mbps is even too much. 10gig will never be required

never Bold words, @hollow marlin

bill gates ate those words

I mean Bill Gates never actually said them.

somebody ate them

retail salesperson must've felt like such a fool after using those words to sell his 20th IBM PC for the week.

:P

MNIJ sprouting nonsense when providers are getting 100G interfaces and no sign of stopping

😄

MUH 8k netflix

I mean he's talking consumer, enterprises will always have different requirements.

muh 6 people needing to use 8k netflix in the same house

I'd say future content creation and consumption is the most likely consumer of faster bandwidth.

@pseudo blade muh steam downloads

waiting 1min for a new game? thats peasantry

@Meagus#9972 I will stand firm on my comment. It's not the same as Bills comment years back

(which he didn't make)

Still

But still with games exceeding 100GB and still having a long way to go in the texture department...

VR when they finally make it suck less...

Just because games are large doesn't mean they need 10gig

10Gbps isn't a requirement of tomorrow.

You said "never".

Exactly. Never.

Soo if games hit a terabyte (and I believe they will)...

Again, not needed. Needed is "I need 25mbps to stream 4k"

Full disk backups to the cloud and recovering them in a timely manner...

Even just cloud storage in general if we start seeing cloud-mounted disks go bigger could benefit.

My comment did say average consumer. Downloading 1tb games and cloud backup and recovery are not average consumer.

It's the same with gig now

I am 100% confident they will be within a decade or two.

Google Drive already makes the latter very easy.

i like the one drive model

local storage + copy in cloud

last few companies i worked for moved their network storage to thaty

Google Drive keeps a tiny cache but actually stores everything in the cloud.

last few companies i worked for moved their network storage to that Tee hee where I come from 100/40 is considered a very fast business internet connection

where i come from you need min 2x 1GB circuits

😭

Like from my research there's literally no faster option available in the city

You can't even bond more than a few because they use FTTN exclusively.

i have been involved in putting some offices on "business" coax (its consumer infrastructure heh)

works fine

Old lines, they won't run more unless you give them something close to a million bucks to consider a technology change.

@waxen scroll you think there is a difference in infrastructure for "business class" connections

no

@pseudo blade you ever dump like 2000 static routes into an office router?

i did, many times

😄

Not an office one, our cloud ones are at about 250 and the entire block is summarized on the office router.

one business wanted O365 to go out local internet and the rest go back to the data center over MPLS

they tried asking for AWS and i was like UHHHHHH

AWS does not share their routes like O365 does

they were mad cause their streaming vendor used AWS and the vendor refused to pay for a solution where their IPs never changed

AWS Direct Connect here's 4.2c/GB.

i think it was limelight networks (akamais competitor) its been a while

normally you dont do something like this. you usually have dual default routes... all goes to local internet unless local internet fails

glad i dont have to manage the routing table anymore

I definitely want to work for a company a bit bigger than the one I'm currently at.

the problem with them is all the content filtering is at their datacenter, so allowing full local internet would be unfiltered until they buy firewalls for *

It's a startup, with all the joys that brings. Work culture sucks, long hours, I was hire 1 and hire 2 was a second manager. I do everything and I mean that literally.

@waxen scroll Vegas 😄

@clear igloo well, my family doesn't think I know anything (or I'm not competent enough) about network security. My whole family b*etched me out for blocking everyone and locking the router settings.

Ohh.... btw.. I'm taking a Networking & Security class at my college, but yeh... I know nothing.

@carmine brook so whats your network experience consist of?

Not much. But I know more than my family.

is that just a class or a degree?

Class.

whats your degree for

But it's very fast paced, so it's hard to keep up with everything.

lmao. uh huh.... you dont just have one class on both of those topics

they are massive

Yeh

Its fundamental

For both, in one class.

I'm currently doing a IT Service & Support program thing. Which is non-transferable

And an Associates in Science Degree.

service and support sounds pretty broad too

no wonder its one network class

@waxen scroll btw, I locked the router settings because it wasnt locked, for years apparently, so anyone could've changed the wifi password and blocked whoever. Also, the firmware hasnt been updated since 2015. And we have some unauthorized devices on my mother's network.

Yeh

Just the basics, u know.

But alot of stuff tbh, soooooooo much notes.

That you cant even take notes, u feel me?

i guess... i could write notes really fast

the quality of them though...

lol

Lol

i write notes as bullet points, i dont write sentences unless required

It's very fast paced, the teacher just reads what's off a PowerPoint, class over.

Same

Or, I used to.

But, she does explain them though.

And provides examples. So that makes it better.

i learned more using books instead of class

@waxen scroll but tbh, I dont think you need much networking experience to know that your router and network is:
•insecure
•out of date
•and not maintained properly

Lol

Same

But #3 is more obvious

all i do is networking. every day. no servers. xD

@jaunty talon so no more DH or what?

And you can figure out that #1 and #2 are inclusive.

DH?

dreamhack

Dreamhack?

he does their networking

I'm sorry... I'm still a idiot with some things. Lol

oh, its a LAN party convention thing

Omfg

I just realized that @ wasnt for me.

Like I said, im a idiot.

your boy Lurick also does nothing but networking all day

Yeh

I can tell.

Networking is hard for me, not gonna lie

But, next week we starting security.

Which I hope will be fun.

you dont see dedicated networking / security roles until theres like 3,000 employees

of course there are edge cases

i play with 300,000 employees

Wow

U big boi huh?

thicc boiii

let me tell you, it was a pain in my ass to get my foot in the door for networking only roles

I believe it.

It seems pretty important.

Many people take it for granted.

i.e. my mother, sister, and grandmother

The ones who b*tched me out yesterday.

Lmfao, they said repeatedly that I was being selfish and thinking only of myself.

its a scope problem too.... if you're an employer who needs to hire for server you might be OK letting someone out of college come touch it. When you touch a server outside of an automation platform that touches many at once, the outage scope is one server. With network, theres no such thing as the scope being limited to one PC. Misconfigurations can also sometimes escape the building you're working on and take down the whole company.

@waxen scroll accept my friend request, I wanna show u my reward for my efforts yesterday in trying to protect my family and our network.

If they don't want it, I guess no means no.

The dentist job was the same way. They didn't want passwords for their computers

theres got to be some sort of law violation there

What?

@waxen scroll if there is, I have no idea

you're managing their IT... you should know 😦

Now is a good learning opportunity

Hold on, so who's at fault here?

Me?

im talking to xeon

Ok

Can you tell me what it is? But for some reason, my prof is hesitant to go back there to finish the work

arent you not in the US? i wouldnt know

@waxen scroll @little schooner lmfao, anyone could access the computers in my CTI and CTS classes, no passwords.

No passwords to login I mean.

The data they store is patient records and images of X rays, but that system is protected by a separate password

They don't want password for the windows login thing though

Well, that's good, at least.

Yeh

Too "hard".

"Time consuming"

Which I found odd though, as it was easy to spin up something like that

Not even hard. The main problem we faced was their awful switch

Hmm.

Well, if u can put a password on it... Do so.

For security.

Security is god.

You can't even connect to it. It's unmanaged

Hmm.

No way for password

Well.

How do u think i felt when i found out i could type in http://router on my browser and access out network? And if I wanted to, change the wifi password, and steal my families IPs and MACs, etc?

I'd feel pretty insecure staying in a network like that, which I do.

But my family finds it ok.

Soo....

My hands were tied with what I could do because the prof gave an unrealistic time line to complete the dentist job

Yeh

He should of asked for my input too

We should of seen the network together

People have their priorities in odd places.

Before saying "x will be done in y time"

Ughhh lol

Lmfao

It was my first job like that and of course I made a lot of mistakes and time management hit me so hard...

Like omg I gotta seriously. Work on time management with the problems

Everyone: "Nobody cares about the f*king network, if it ain't broke, dont fix it".

Yeh

I dont want to do netorking.

I'd rather do hardware.

It's funner for me.

And easier.

I love doing the networking stuff. It feels like a game to me

Gets me excited.... As long as I am not burnt out

a game?!

@clear igloo Shal. We. Play. A. Game?

A. GAME!!

@little schooner lets play IT change management

@waxen scroll yeah. Especially when I was doing packet tracer

if you cant explain exact impact, you will get denied

Yeah in the business env the fun stops =(

Now it's all fighting to get what you want

@waxen scroll the prof has been lucky so far explaining impact in order to snag some grants

@waxen scroll but guess what? They are starting to take control back from assets worth over 1k that was purchased with grant money

First they told him spend it on whatever you need and now they want control back on the items if they see its doing good work for students

It's stupid

This policy started like last Month

@little schooner I dont 100% understand what ur saying, but sounds like something needs some flex seal.

Flex tape*

Cus it's broken.

@waxen scroll what country makes it legal for a bank to record the card number and the amount of money withdrawn with a camera software?

Because hikvision software has an ATM search function that shows the time when that person made a transaction with card # and amount

idk, never heard of that. i have heard of a camera showing everything the customer bought on screen as it scans in

Yeah, that is the POS playback. hikvision supports that as well

i dont see why it would be illegal unless it showed the full card #

Yes, it shows the full card #

Well, I would think only because it says you can search it up

card number is like account number

for some banks.

i believe in EU thats highly illegal... in US i suppose the PCI requirements would be violated

lol this is their new UI for AI face recognition

looks like its from a game

@little schooner im planning on making a CDP crawler python script that acts like a virus

my coworkers will love me

lol

im sure they will love it xD

think of something for april fools day too

Here's the old gui of ivms https://i.ytimg.com/vi/mTu2GGVLpiY/maxresdefault.jpg

MAJOR improvement this new version vs old

you give it one device name to log into, preferably something like a WAN router, then it uses CDP on there to make a DB in memory and if you asked for a command to be run, it will do that too. Next it logs into the devices seen in CDP and does the same thing, but if a device is duplicated it will ignore it and only hit what it hasnt seen before

ahh so its like a worm, repeat the same cdp discovery and run the command on everything it finds and repeats?

heheh that is like a piece of malware

its for large sites when you want to do something like "show ip route" and compare it across all devices and dont have the time or patience to manually log into each one and put it in an excel file

yeah that does make it fast to gather it for you

we also have a documentation issue where i work, so CDP is super helpful rather than manually telling it

It's saved me a couple of times when I didn't have access to datacenter to make some trunk port changes that I had to be careful with. A mistake would of locked me out and I would of have to ask someone to go fix it with console cable

cdp to the rescue. I saw the mac addresses and the device that was on the port

and helped me map the stuff out

and then i did the changes without issue

it turns out work has a devops team and an internal github like service

so i got access to that

pretttty neat.

Also this

I can search my cameras for "violent motion"?

hehe

even people that are falling

its been over a decade since ive messed with DVR

at least it was ethernet

@little schooner Ever looked at kerberos?

Yes, with esxi nfs share. I could never get it working

and windows but that is usually automatic

I've been looking for some cams and software lately - have about 5 or so people wanting cameras installed at an elderly peoples home

oh, kerberos is a brand of camera?

They provide DVR software - kerberos.io

if i did cams at home i would probably go unifi

Yeah, I've got one Unifi setup done ( for my grandpa)

but it's not a cheap solution

Oh

nor is it easy to run wires in outside walls

cost of dvr really

I never played with them before

Thats okay, I've got an electrician and no real issues running cables

The unifi works really well tho. so maybe i've just got to find a cheaper mini pc to use as the dvr

wonder how a pi 4 would go

My DVR is currently a https://www.hikvision.com/en/Products/Network-Video-Recorder/Pro-Series(EasyIP)/EasyIP-3.0-Series-NVR/DS-7608/7616NI-Q2/8P(16P)

They are not cheap unforunately

but boy being able to draw lines anywhere in the footage to detect if someone crossed somewhere is awesome

You are not restricted to motion settings you setup

You can post-draw lines or motion boxes in places you didn't expect to put motion detection

and the nvr scrubs though looking for any matches

by far the best feature of it

Even works with non-hikvision cameras

oo nice, I was close to going hikvision for an upcoming job but ended up with dahua

https://www.dahuasecurity.com/products/productDetail/8301?us

I started buying more dahua gear, because it was more cost effective

Im sure that NVR does similar thing though, does it?

Yeah very similar, tbh this is my first cctv install job

but from my research yes very similar features haha

Getting about 10 dahua cams

Yeah they are great. I have one cam from dahua that has such an amazing sensor at night imagery

this one i got https://www.bhphotovideo.com/c/product/1499543-REG/dahua_technology_n45ef63_4mp_epoe_night_color.html/c/product/1499543-REG/N45EF63_4MP_Outdoor_ePoE_Network_Bullet

Just one, since this area was very dark

the rest were cheap ones like these https://www.bhphotovideo.com/c/product/1449829-REG/dahua_technology_n41bd22_4mp_ir_mini_bullet.html/c/product/1449829-REG/Lite_Series_N41BD22_4MP_Outdoor_Network

I've been testing cams from Alibaba actually haha - I can't believe the quality of them

china depends on good camera to keep the people in line

That last cam you sent; very similar to the cam I got for about $19

Yeah, they sell china variants and US variants

no support from dahua with china version i think...

Also when you upgrade firmware, it can be hit or miss

also look how low the required lumination is for the $240+ camera

haha they do @waxen scroll I might have heard about this on a Linus vid, but did you see the 500 Megapixel camera are working on ?

basically requires no light for color at night

and the color is fantastic

if surveillence is a hobby, it is my next favorite hobby

surveillence camera tech excites me a bit

I'm loving the new AI stuff

@young yacht add this to your dahua camera stuff, and you got an incredible AI package

https://www.sighthound.com/products/sighthound-video

Ah yep have seen them

Look at how crazy this is https://www.youtube.com/watch?v=j-3-zyx3rLo

oh wow

police must have that 😛

omg I'd LOVE to have this

but yeah that will make your camera system "AI smart" without breaking the bank

The kerberos software does kindaa do that; but it's monthly plans

@young yacht I just looked, is kerberos a free software?

Where do you see monthly plans

Thats only new if the car is self driving

Yes and no; they have paid plans for cloud hosting + AI

but it's weird; you can only connect one camera to kerberos

I think that is changing soon

Yeah they should let you connect all of them

there was a debacle about unifi's camera app having some sort of advertisement pop up?

And that the people who installed the systems for clients were complaining saying that they didn't get the deluxe package installed or whatever its called and thought the installers ripped them off

They've since fixed that but still, not sure what made them think that was a good idea to push.

lol, I didn't hear about that. I haven't seen any adverts on my current system

Shinobi is another open dvr i've been looking at

worth a look https://shinobi.video/

This was the advertisement https://community.ui.com/questions/How-to-remove-this-ridiculous-ad-for-Unifi-Protect-from-UFV-installations/b99f9c81-f0e1-4015-b5f3-122035f21811

https://shinobi.video/features

This is just simply to manage the cameras?

It doesnt say what specific motion detection it has

Region motion detection

oh. I just missed it lol

So that would be the box-style

I didn't know these open dvr systems existed

actually, they are really nice.

Yeah there is a few out there, zoneminder is another big one

I've heard bad things about Zoneminder but I think I'm gonna set it up today and see how it goes 🙂

Imagine being obsessed with some 0's and 1's moving

@ocean fable the people who are pull in $200k

Most of them probably work at a school or a library, they're not pulling in 200k

People say the same thing about sec

its common to pull in the 100s here and not even be obsessed with 1s and 0s

the obsessed ones are working at consulting firms making bank on companies who need advice

except dont tell @hollow marlin

:X

@ocean fable I don't like being the white hat hacker I like to be the defender

u like blu? I got blu

And companies attack you if you expose any wrong doings, like saving social security numbers in plaintext accessible to anyone who knows the UNC share path

They don't see it as being helpful and threaten legal action

@ocean fable Straight from the mouth of someone who probably can't make it, LUL

lol, its not my field and I'm still a student

i was just trolling

i do biomed and seng, so networking probably won't come up in my career

Biomed is a nice place too 🙂

I figured you were trolling but had to make sure

@little schooner Got that camera installed today; pretty decent quality at night ( this is from IR )

@young yacht looks great!

need covers on all that dirt

RIP you if it rains like that

@waxen scroll is it strange that I could hear someone's conversation through my computer speakers when they are sitting in a car on the street?

What kind of interference do you call that?

EMI

i suspect the same happens with my fan

when i run it at night sometimes i hear slight noises that sound like chimes or maybe radio

could just be some white noise effect i dont know about. 💁

Or you have a spoopy house O_O

I would go with spoopy house

The conversation sounded like they were doing an illicit deal nearby.

People hit this neighborhood at night during summer but never our house

you have a dog bro

Yes but they are poodles they arent the fighting type.... not in the condition they are in

They will try to play fight but that won't be enough to scare off

@little schooner you should consider a gun

if its known they're hitting homes at night, dont let them get you before you get them

I don't think I have courage to fire the gun. I can't hold one without a license either as a deterrent.

Airsoft guns? Any guns are not my style

Get anthrax dart

ez

its alot easier if theres no blood

or sound

anthrax dart oh boy I always wanted to accidentally poison myself, my family and my neighbourhood and go to prison as a result of attempting to manufacture and use a bioweapon on an intruder

Not an accident 😉

Hey @pseudo blade you still here

hm?

So you recommended that mirkotik hap ac2 and I looked around it seems it's not available here

...What country.

PH

By not available I mean they don't have it anymore in stock etc

What I found that'll probably work with our budget is an ASUS RT-AC53 AC750?

I think that's the exact model

Single-chain wireless and reviews say bad antennas, ethernet performance is apparently fine for 500-900mbps.

They're still selling wireless N routers

That's because cheap consumer routers are trash. Decent AC wireless isn't even that expensive to integrate.